Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Solved Status LDAP integration?

    FreeScout
    8
    26
    1034
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • imc67
      imc67 translator last edited by

      Hi @nebulon I was curious for the status of the LDAP integration as mentioned in the Cloudron App Store since first publish date:

      Currently Cloudron user-management is not possible due to LDAP requirements. We are working with FreeScout to get those solved, then the optional LDAP module can be purchased and used.

      When LDAP is solved, will SSO also work?

      BTW thanks for having this app on Cloudron, we used it already for months on another host and last week migrating everything to the Cloudron app went fine.

      Kind regards,

      Marcel

      1 Reply Last reply Reply Quote 2
      • nebulon
        nebulon Staff last edited by

        Hi @imc67

        this is on our todo list and will come hopefully this week. The paid plugin is already fixed by the Freescout devs and now needs re-evaluation.

        Best,
        Johannes

        T 1 Reply Last reply Reply Quote 4
        • T
          tomtom @nebulon last edited by

          @nebulon Any news on your latest LDAP/freescout tests?

          1 Reply Last reply Reply Quote 0
          • nebulon
            nebulon Staff last edited by

            I am debugging this right now, but it seems that their LDAP plugin needs quite a bit of rewrite to support the Cloudron use-case.

            In particular on Cloudron an app gets an ldap admin bind account allocated, which allows the app to list users. In FreeScout this bind/admin account needs to have the same DN (essentially LDAP term for namespace) as users. This is not the case on Cloudron to not mix users and app specific accounts.

            I will provide them with feedback, but I am not too hopeful to get this resolved quickly.

            T imc67 2 Replies Last reply Reply Quote 2
            • T
              tomtom @nebulon last edited by

              @nebulon Ok, thanks for the feedback. Too sad, I had my hopes up this is just around the corner. Have a nice weekend!

              1 Reply Last reply Reply Quote 1
              • imc67
                imc67 translator @nebulon last edited by

                @nebulon really curious what the status is?

                1 Reply Last reply Reply Quote 1
                • nebulon
                  nebulon Staff last edited by

                  Sorry there is still no success here. I am not a real php expert so this will require more time 😉

                  murgero 1 Reply Last reply Reply Quote 2
                  • murgero
                    murgero App Dev @nebulon last edited by

                    @nebulon What's the exact error - I'd be more than happy to help

                    --
                    https://urgero.org
                    ~ Professional Nerd. Freelance Programmer. ~
                    Matrix: @murgero:urgero.org

                    1 Reply Last reply Reply Quote 3
                    • subven
                      subven last edited by subven

                      So there is still no possibility to get LDAP working within the Freescout App for Cloudron? I have Freescout installed within LAMP but want to switch to the Cloudron app because of automatic updates and user management within Cloudron.

                      Edit: Changelog for the LDAP module --> https://freescout.net/module/ldap/?changelog=1

                      imc67 1 Reply Last reply Reply Quote 1
                      • imc67
                        imc67 translator @subven last edited by

                        @subven @nebulon @girish is there any news about the LDAP integration? It would be more than welcome as it is confusing for users to have a “non-synchronized” account for this much much used app.

                        subven 1 Reply Last reply Reply Quote 1
                        • subven
                          subven @imc67 last edited by

                          @imc67 I bought the LDAP extension but had no luck because I used the LAMP 7.4 package that includes the Cloudron LDAP addon. Sadly the Freescout documentation says PHP 7.3 and below is required because of ldap_control_paged_result() 😞 I will keep testing with the Freescout app and report back.

                          1 Reply Last reply Reply Quote 4
                          • nebulon
                            nebulon Staff last edited by

                            I took another look at the ldap plugin more in-depth and after much debugging, I managed to get it to work in a hackish way. I don't fully understand all the code paths yet, but I reached out to the upstream devs again to hopefully get this sorted out in a proper way.

                            I will keep this thread updated on the progress.

                            subven 1 Reply Last reply Reply Quote 2
                            • subven
                              subven @nebulon last edited by

                              @nebulon haha okay then you were faster than me. I cloned your ldap branch and started testing two days ago. Thank you for the commitment and the effort!

                              1 Reply Last reply Reply Quote 1
                              • nebulon
                                nebulon Staff last edited by

                                We managed to come up with a fix and they have released a new LDAP plugin already which is now compatible.

                                I am currently fixing up the autoconfiguration and then we can enable optional LDAP support in the package. Of course though this is then a bit special, since installing the app with user management integration also means one has to purchase the FreeScout LDAP plugin afterwards.
                                I don't think we have any app in our library following that approach for the moment.

                                girish 1 Reply Last reply Reply Quote 6
                                • girish
                                  girish Staff @nebulon last edited by girish

                                  @nebulon Do freescout plugins work with a license key? If so, is the idea to install with Cloudron authentication and then make the user put in license key for things to start working? Or is it that we cannot put the code at all in the docker image?

                                  Also, the closest we have like this is Confluence.

                                  marcusquinn subven 2 Replies Last reply Reply Quote 2
                                  • marcusquinn
                                    marcusquinn @girish last edited by

                                    @girish Yup, 32 varchar licence keys (as opposed to licence files).

                                    We're not here for a long time - but we are here for a good time :)
                                    Jersey/UK
                                    Work & Ecommerce Advice: https://brandlight.org
                                    Personal & Software Tips: https://marcusquinn.com

                                    1 Reply Last reply Reply Quote 1
                                    • subven
                                      subven @girish last edited by subven

                                      @girish basically yes. You can only install an module if you have the license key for it. The env's used by an module can be stored in configuration files beforehand. Usage is therefore opt-in and does not affect normal cloudron users without a license.

                                      I like their concept and price model very much and it was easy for me to buy a few (lifetime) module licenses.

                                      dsfgdsgsdg.jpg

                                      1 Reply Last reply Reply Quote 4
                                      • nebulon
                                        nebulon Staff last edited by

                                        Since I kind of got stuck eventually somewhere in the auth framework, of which I am no expert, we have provided the freescout team a Cloudron to be able to reproduce the login issue.

                                        They have managed to fix this upstream, so I am trying to work out how we can test this with maybe a test license for package updates...once that is resolved we can finally push a package which supports LDAP 🙂

                                        1 Reply Last reply Reply Quote 7
                                        • nebulon
                                          nebulon Staff last edited by

                                          We have published a new app package now, which contains the LDAP fixes.
                                          The app can be installed with cloudron usermanagement now, however that feature only works if the Freescout LDAP module is also purchased. Once it is activated, just restart the app and it should work.

                                          In order to use this, a fresh FreeScout instance has to be installed!

                                          imc67 girish 2 Replies Last reply Reply Quote 4
                                          • imc67
                                            imc67 translator @nebulon last edited by

                                            @nebulon this is very good news! Do you have any advice how to migrate an existing app?

                                            1 Reply Last reply Reply Quote 1
                                            • nebulon
                                              nebulon Staff last edited by

                                              Unfortunately not really. I guess you could try to update your existing, then install a new instance and import a backup from the other into that.
                                              I am not sure though what really happens if user account emails would clash between old and LDAP users in Freescout.

                                              1 Reply Last reply Reply Quote 1
                                              • girish
                                                girish Staff @nebulon last edited by

                                                @nebulon would be great to migrate our freescout instance also!

                                                imc67 1 Reply Last reply Reply Quote 1
                                                • imc67
                                                  imc67 translator @girish last edited by

                                                  @girish said in Status LDAP integration?:

                                                  @nebulon would be great to migrate our freescout instance also!

                                                  I think I wait with ours until you have experienced 😀

                                                  1 Reply Last reply Reply Quote 1
                                                  • nebulon
                                                    nebulon Staff last edited by

                                                    Alright, we managed to migrate our own instance now. Freescout matches users by email, so it would merge the user profiles from LDAP and built-in. The process is as follows:

                                                    1. update your current instance to latest version
                                                    2. install LDAP module and activate on old version (if not done already, this can also be done later but since the license key does not work multiple times, this is the safer option)
                                                    3. create a fresh backup after LDAP module activation
                                                    4. Install a fresh FreeScout app instance on your Cloudron
                                                    5. Import the latest backup of your old installation into this app
                                                    6. Login to new app and verify things are working
                                                    7. You can now uninstall the old app instance and probably relocate the new one to the old domain
                                                    imc67 3 Replies Last reply Reply Quote 7
                                                    • imc67
                                                      imc67 translator @nebulon last edited by

                                                      @nebulon this is as usual excellent news and way of working in Cloudron!

                                                      Tomorrow morning I’ll migrate two instances!

                                                      1 Reply Last reply Reply Quote 1
                                                      • humptydumpty
                                                        humptydumpty last edited by humptydumpty

                                                        Would the 2FA carry over through LDAP if i switch my freescout instance over to the new version or do I also need to get the freescout 2FA module?

                                                        1 Reply Last reply Reply Quote 0
                                                        • First post
                                                          Last post
                                                        Powered by NodeBB