External LDAP Configurations, do I need to handle them differently?

Lonkle

Or does cloudron when doing it's periodic (or manual?) sync allow me to use all the same LDAP functions I've created even if that user came from an external LDAP user directory? I see a user can customize it, but is the default to just sync them as if they were cloudron users with the same attributes you'd expect?

nebulon

Not sure what you mean with LDAP functions generally you would have to specify the Base DN and filter accordingly to filter which users on your external LDAP server are synced to your Cloudron.

A sync is also only be done manually thus far, so you can trigger that and watch the logs to give you some indication what it found and synced.

Lonkle

@nebulon Okay, so what I was confirming was that Cloudron doesn’t convert the LDAP to its internal format. I think my functions are dynamic enough to still maybe work even if the format is different. I’ve just never used LDAP before working on Cloudron and have no external LDAP to test it with so I was trying to gage what I needed to do, if anything, to support external LDAP as I do Cloudron LDAP. I’ll take a wait and see approach for now since I can’t test.

Thank you!

nebulon

To clarify, from an app perspective it would not matter if a user was created on the Cloudron or coming from an external LDAP. The user object and attributes are always the same and are not piped through from external LDAP to the app. This is also to be able to use the local database for user lookup instead of going to the external LDAP all the time. Of course passwords during login are checked against the external LDAP always.

Lonkle

@nebulon That’s the exact answer I was hoping for but couldn’t test. Thanks again for the clarification. Trying to avoid any potential bugs even in situations where I can’t test directly so your info really helps out!