Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    After the next release (4.0), LDAP, SAML, and Custom Oauth will be available only in Enterprise Edition and Gold plan

    Rocket.Chat
    9
    21
    894
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • marcusquinn
      marcusquinn last edited by

      Please notice that after the next release (4.0) advanced functionalities of LDAP, SAML, and Custom Oauth will be available only in Enterprise Edition and Gold plan. Check the official announcement for more info: https://go.rocket.chat/i/authentication-changes

      A bit rude

      We're not here for a long time - but we are here for a good time :)
      Jersey/UK
      Work & Ecommerce Advice: https://brandlight.org
      Personal & Software Tips: https://marcusquinn.com

      fbartels bubonicfred 2 Replies Last reply Reply Quote 2
      • fbartels
        fbartels App Dev @marcusquinn last edited by fbartels

        was about to post about this here as well.

        The community edition LDAP feature will allow workspaces to connect to an LDAP server and sync user names and identifiers, but additional capabilities such as syncing extended user attributes, managing group & team assignments and background synchronization will require an enterprise license. Here’s a full description of the feature set available with each edition and an FAQ.

        Edit: the biggest limitation seems to be that you can no longer filter which users are supposed to be able to login. A strange (but probably investor driven) decision.

        marcusquinn bubonicfred 2 Replies Last reply Reply Quote 2
        • marcusquinn
          marcusquinn @fbartels last edited by

          @fbartels Very frustrating, as we invest a lot of time in setups and feedback to help apps improve to justify charges.

          I just loath all per-user costing, as it's just not relative when all organisations are so different in their needs.

          Wondering what the community reaction will be now, maybe forking, restoring features as community extensions, who knows now, their respect for our need to plan has just gone out of the window...

          We're not here for a long time - but we are here for a good time :)
          Jersey/UK
          Work & Ecommerce Advice: https://brandlight.org
          Personal & Software Tips: https://marcusquinn.com

          1 Reply Last reply Reply Quote 3
          • bubonicfred
            bubonicfred @fbartels last edited by

            @fbartels
            blah, we'll see how this affects us,
            rocket.chat has been annoying us for some time, simple bugs slipping through, poor overall development.

            A fair number of apps that only support LDAP in paid versions, especially when that the only feature that we would be missing is fairly annoying. Mattermost springs to mind, though they do have oauth.

            1 Reply Last reply Reply Quote 3
            • bubonicfred
              bubonicfred @marcusquinn last edited by

              @marcusquinn Ah, just noticed this is the changelog for 3.17.0
              Collect data about LDAP, SAML, CAS and OAuth usage. (#22719)

              marcusquinn 1 Reply Last reply Reply Quote 1
              • marcusquinn
                marcusquinn @bubonicfred last edited by

                @bubonicfred Hmmm, sounds like the decisions are made and then the data is sought to justify them.

                I'm OK with paying for things - just not per-user, it's artificial limitations that do not consider their side-effects from then distorting decisions that should be purely based on what is most energy efficient.

                It's not like the community charges per bug write-up — that they would otherwise have to employ more QC testers for.

                We're not here for a long time - but we are here for a good time :)
                Jersey/UK
                Work & Ecommerce Advice: https://brandlight.org
                Personal & Software Tips: https://marcusquinn.com

                timconsidine 1 Reply Last reply Reply Quote 2
                • timconsidine
                  timconsidine App Dev @marcusquinn last edited by

                  @marcusquinn said in After the next release (4.0), LDAP, SAML, and Custom Oauth will be available only in Enterprise Edition and Gold plan:

                  distorting decisions that should be purely based on what is most energy efficient.

                  It's eff-ing investors .... again.
                  Especially the ones who know diddly-squat about IT and even less about community support.

                  It's not like the community charges per bug write-up

                  Now there's an idea for effective community push-back.

                  marcusquinn 1 Reply Last reply Reply Quote 1
                  • marcusquinn
                    marcusquinn @timconsidine last edited by

                    @timconsidine Just annoying that we put a lot of time into these Apps, and rely on LDAP because it's not Active Directory.

                    By all means charge for integrations to other proprietary choices, but not for the open alternative!

                    We're not here for a long time - but we are here for a good time :)
                    Jersey/UK
                    Work & Ecommerce Advice: https://brandlight.org
                    Personal & Software Tips: https://marcusquinn.com

                    1 Reply Last reply Reply Quote 2
                    • luckow
                      luckow translator last edited by

                      Overall. That.is.not.true.

                      It is important to note that, [...] Rocket.Chat will still be the only major open source communications platform to include any LDAP feature in its community edition.

                      Pronouns: he/him | Primary language: German

                      1 Reply Last reply Reply Quote 0
                      • girish
                        girish Staff last edited by

                        @luckow So LDAP syncing will go away I think but normal LDAP login will work?

                        1 Reply Last reply Reply Quote 0
                        • luckow
                          luckow translator last edited by

                          Taken from here "Basic LDAP Login" https://docs.rocket.chat/guides/administration/administration/settings/ldap IMHO that is what the Cloudron app needs. But "the only major open source communication" doesn't realize that Matrix/Element is another major open source solution that supports LDAP. Next Nextcloud. And we have another pile of oss communication tools around the corner. Bla bla marketing. That's cheeky.

                          Pronouns: he/him | Primary language: German

                          1 Reply Last reply Reply Quote 4
                          • marcusquinn
                            marcusquinn last edited by

                            Who knows 🤷 At least forewarned. Will have to have a think about it all nearer the time, see if they are negotiable too.

                            We're not here for a long time - but we are here for a good time :)
                            Jersey/UK
                            Work & Ecommerce Advice: https://brandlight.org
                            Personal & Software Tips: https://marcusquinn.com

                            1 Reply Last reply Reply Quote 0
                            • marcusquinn
                              marcusquinn last edited by

                              And now the Sales Rep support outreach ransom demands begin:

                              0cbc85ee-d988-4e2d-a4e7-ecc2c4cfe28b-image.png

                              We're not here for a long time - but we are here for a good time :)
                              Jersey/UK
                              Work & Ecommerce Advice: https://brandlight.org
                              Personal & Software Tips: https://marcusquinn.com

                              1 Reply Last reply Reply Quote 1
                              • marcusquinn
                                marcusquinn last edited by

                                Well, this is gonna be fun - feel free to add your points to the debate to help keep them informed:

                                dc6b8000-14a0-41db-a7c5-272a9cb07d2e-image.png

                                We're not here for a long time - but we are here for a good time :)
                                Jersey/UK
                                Work & Ecommerce Advice: https://brandlight.org
                                Personal & Software Tips: https://marcusquinn.com

                                1 Reply Last reply Reply Quote 3
                                • robi
                                  robi last edited by

                                  I happen to know the founders of RC, and can pass on this thread if desired.

                                  Life of Advanced Technology

                                  marcusquinn 1 Reply Last reply Reply Quote 2
                                  • marcusquinn
                                    marcusquinn @robi last edited by marcusquinn

                                    @robi Sure, thank you kindly. It's a nice product and ambition... Until this little faux pas.

                                    LDAP is the most viable open-source antidote to Active Directory.

                                    I agree that Enterprise needs are fair-game for encouraging support retainers, but IMHO they seem to have got this one wrong.

                                    Please anyone, correct me if I'm wrong, I'm sure they all work hard and do great things. We all do though.

                                    Let's hope they see some sense and keep open-source for the open-standards — and the line in the sand for those things that enterprises are already buying into.

                                    Community goes both ways, and I'd rather see the energy keep flowing towards improving the product than micro-managing licences and artificial limitations.

                                    I mean, it's almost more effort to make this change than not 🤷

                                    We're not here for a long time - but we are here for a good time :)
                                    Jersey/UK
                                    Work & Ecommerce Advice: https://brandlight.org
                                    Personal & Software Tips: https://marcusquinn.com

                                    bubonicfred 1 Reply Last reply Reply Quote 3
                                    • bubonicfred
                                      bubonicfred @marcusquinn last edited by

                                      @marcusquinn The only reason we're using RC is that there doesn't seem to be a cloudron alternative (chat or forum) with ldap

                                      1 Reply Last reply Reply Quote 1
                                      • S
                                        sing.li 0 last edited by

                                        Hi guys,

                                        This is Sing Li from Rocket.Chat -- and thank you @robi for notifying us 🙏

                                        There is definitely some misinformation floating around.

                                        First, basic LDAP, SAML, most Oauth and Custom Oauth features will remain available on Community Edition and non-Gold plans. The details of which you can see in this chart - please scroll down to see the details.

                                        Second, we are in the community input / feedback gathering phase for the upcoming changes.

                                        Every Rocket.Chat community member, including all of you, are invited to the open call to community where you can discuss the matterr directly with our leadership.

                                        Thank you for your attention and hope to see you this Friday!

                                        nebulon marcusquinn 2 Replies Last reply Reply Quote 8
                                        • nebulon
                                          nebulon Staff @sing.li 0 last edited by

                                          @sing-li-0 hi an welcome here!

                                          Thanks for the clarification and the link provided. Looks like this will not affect the Cloudron package in any way as far as I can tell, so we should be good 🙂

                                          1 Reply Last reply Reply Quote 3
                                          • marcusquinn
                                            marcusquinn @sing.li 0 last edited by

                                            @sing-li-0 Welcome and thank you kindly for reaching out from one community to another, it really does help.

                                            Link for anyone missing it in Dark Mode like I almost did:

                                            https://forums.rocket.chat/t/open-call-to-community-re-upcoming-changes-to-identity-management-integrations/12101

                                            I certainly feel it's right for us not to just complain but actively get involved with providing feedback and testing support for all the good work you do, and I look forward to hearing more about your plans and discovery of what works well for all those that care for your good product.

                                            We're not here for a long time - but we are here for a good time :)
                                            Jersey/UK
                                            Work & Ecommerce Advice: https://brandlight.org
                                            Personal & Software Tips: https://marcusquinn.com

                                            1 Reply Last reply Reply Quote 3
                                            • girish
                                              girish Staff last edited by

                                              I have pushed an update to 4.0 now. We will roll it out slowly, just to make sure there are no major breakages. The list of LDAP changes are at https://docs.rocket.chat/quick-start/identity-management-ee-vs-ce#ldap3 . Overall, it seems that LDAP filter, basic sync etc are all there in CE.

                                              1 Reply Last reply Reply Quote 3
                                              • Referenced by  marcusquinn marcusquinn 
                                              • First post
                                                Last post
                                              Powered by NodeBB