Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    SOLVED LDAP Config

    Support
    email ldap
    5
    5
    112
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      moonmeister last edited by girish

      I've had a problem with various LDAP configs being contradictory in whether they require an email or username. My password manager, and I suppose any, can't know when to do one or the other short of duplicating the username and password for each site...which seems ridiculous.

      Anyway, in WordPress I was able to modify the LDAP filter config:

      Orginal: (username=%s)

      Modified: (mail=%s)

      This has worked well but seems to revert every time the app is restarted.

      Ideally it'd be nice if apps could more consistently use email for login but that's probably a big ask that might be fraught with issues. I'd just be happy if the modified config was permanent. Is there anything that can be done about this? Thanks.

      jdaviescoates 1 Reply Last reply Reply Quote 0
      • jdaviescoates
        jdaviescoates @moonmeister last edited by

        @moonmeister I think the general rule is that it's always username (apart from email and any apps that require email). But yeah, it's dependent on what up stream apps support

        1 Reply Last reply Reply Quote 0
        • nebulon
          nebulon Staff last edited by

          Yes, ideally we configure apps to use the username, but since some require an email, we have to fallback to this. However others require a username. Some apps also support both even.
          Our main decision to ideally go with username is, that we take the username as the unique user identifier in Cloudron, since this has proven to help in most cases with data migration.

          Regarding the config reset, the packages are always setup to reset crucial Cloudron related configs on every restart, to ensure an accidentally broken config can be made functional again easily.

          1 Reply Last reply Reply Quote 1
          • girish
            girish Staff last edited by

            Thing is some apps store the email (just like they store username) in the database. This means that when you change the email in Cloudron, it doesn't change in the app (depends on the app). So, just to keep things easier across apps, we decided to keep login username based as much as possible (since in Cloudron, you cannot change the username, we don't have a problem).

            1 Reply Last reply Reply Quote 1
            • mdreira
              mdreira translator last edited by

              What I would like to do is that if I try to login to a new WP installation with the cloudron super-administrator user, an administrator user will be automatically generated in WP with my Cloudron access data. And if I enter as a common Cloudron user in WP, a user will be generated with their Cloudron access data with the role that I configure in the ldap plugin.

              In this way, if I also changed my login details in Cloudron, it would also change on all WP sites.

              This would also be good with the rest of the applications. It would simplify things a lot.

              This is possible?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Powered by NodeBB