Cloudron LDAP access for external apps?
-
Is it possible to make the LDAP service in Cloudron accessible to external applications? I know external access is disabled by default, but it would be great if it were open for any external apps I have. Thanks
-
No, not yet but hopefully soon
-
Damn, I forgot to verify this before I installed to experiment.
-
@YurkshireLad personally I don't need it yet, but it'd be nice to have.
I've only been playing around with/ using Cloudron since January but I totally love it so far, and I've been really impressed with how responsive the developers are; they respond promptly, fix bugs quickly and add new features at an amazing rate.
-
Technically this seems to be possible quite easily by providing a TLS certificate to the ldap server instance and expose it on a public port. It however raises a few issues like rate-limiting and how to configure which users and groups are exposed there. Also ldap binds for user searches have to be maintained somehow (I think similar to app passwords)
So far there was no focus on that feature, as we don't know how useful it really is for which use-cases and which organizations really require this. Afterall just adding also adds an ongoing burden on testing and maintaining such a feature. -
@nebulon the LDAP/SSO discussions are alas a ‘little bit’ scattered around the forum, this is from another thread:
@imc67 said in LDAP/AD Server:
It would be extremely convenient to have Cloudron as a LDAP server (app) and contains "the one and only truth" about usermanagement (all users/groups etc) so external systems (like local NAS) can make use of it.
Is that feasible, easy to do, safe ...?
-
Agree, let me lock this thread in favor of the other one.
