LDAP Config
-
I've had a problem with various LDAP configs being contradictory in whether they require an email or username. My password manager, and I suppose any, can't know when to do one or the other short of duplicating the username and password for each site...which seems ridiculous.
Anyway, in WordPress I was able to modify the LDAP filter config:
Orginal:
(username=%s)Modified:
(mail=%s)This has worked well but seems to revert every time the app is restarted.
Ideally it'd be nice if apps could more consistently use email for login but that's probably a big ask that might be fraught with issues. I'd just be happy if the modified config was permanent. Is there anything that can be done about this? Thanks.
-
@moonmeister I think the general rule is that it's always username (apart from email and any apps that require email). But yeah, it's dependent on what up stream apps support
-
Yes, ideally we configure apps to use the username, but since some require an email, we have to fallback to this. However others require a username. Some apps also support both even.
Our main decision to ideally go with username is, that we take the username as the unique user identifier in Cloudron, since this has proven to help in most cases with data migration.Regarding the config reset, the packages are always setup to reset crucial Cloudron related configs on every restart, to ensure an accidentally broken config can be made functional again easily.
-
Thing is some apps store the email (just like they store username) in the database. This means that when you change the email in Cloudron, it doesn't change in the app (depends on the app). So, just to keep things easier across apps, we decided to keep login username based as much as possible (since in Cloudron, you cannot change the username, we don't have a problem).
-
What I would like to do is that if I try to login to a new WP installation with the cloudron super-administrator user, an administrator user will be automatically generated in WP with my Cloudron access data. And if I enter as a common Cloudron user in WP, a user will be generated with their Cloudron access data with the role that I configure in the ldap plugin.
In this way, if I also changed my login details in Cloudron, it would also change on all WP sites.
This would also be good with the rest of the applications. It would simplify things a lot.
This is possible?
