ProjeQtOr free project management software - [SOLVED] LDAP Authentication without service account ? - ProjeQtOr
 

[SOLVED] LDAP Authentication without service account ?

More
30 Jan 2020 11:25 - 11 Fév 2020 11:24 #1 by NicolasD
Hi,

I contact you to know if it is possible to use the user's login and his password to valid this account on LDAP server ?

I'd like to know if we must inevitably use a service account to connect to the LDAP in order to check if the user and the password is matching ?

Thanks !

Kind Regards

Nicolas
Last edit: 11 Fév 2020 11:24 by NicolasD.

Please Connexion or Create an account to join the conversation.

More
31 Jan 2020 10:40 #2 by babynus
Sorry, I don't really understand the question.

You can connect projeqtor to a LDAP service, that will be use to authenticate user (valid user/password)
Some users may still have internal account authentication (for instance admin, that must b able to connect even if LDAP is off to change configuration)

Babynus
Administrator of ProjeQtOr web site

Please Connexion or Create an account to join the conversation.

More
31 Jan 2020 12:53 #3 by NicolasD
Hi babynus,
Thanks for your answer.

Currently, we are using a service account with projeqtor to connect to ldap in order to verify that the user's login and his password are correct.

I'd like to know if we can contact the ldap server directly with the user's login and his password without use this service account ?

For example, with the ldapsearch command, an user can have only his informations :

ldapsearch -H ldaps://<LDAP IP> -D uid=<USERNAME>,ou=Users,dc=Comptes,dc=com -b dc=Comptes,dc=com -W uid=<USERNAME>

The user type the <USERNAME>'s password and if the password is correct, the LDAP displays <USERNAME>'s informations.

I'd like to know if it is possible with Projeqtor to use directly the user account to check his informations ?

Thanks

Please Connexion or Create an account to join the conversation.

More
31 Jan 2020 14:52 - 31 Jan 2020 14:52 #4 by babynus
Hi,

No, LDAP feature in Prjeqtor is designed to require a service accvount to search for the user.
This is done to enable connection with "simple" user account, with just the username.
Otherwise, the user would have to enter a full dn syntax to identify, such as "cn=myusername,ou=mygroup,dc=myenterprise,dc=com" wich is not very fluent.

Babynus
Administrator of ProjeQtOr web site
Last edit: 31 Jan 2020 14:52 by babynus.

Please Connexion or Create an account to join the conversation.

More
11 Fév 2020 11:25 - 11 Fév 2020 11:25 #5 by NicolasD
Hi babynus,

OK Thank you very much for your answer :) We will continue to use a service account !

Kind Regards
Last edit: 11 Fév 2020 11:25 by NicolasD.

Please Connexion or Create an account to join the conversation.

Moderators: babynusprotion
Time to create page: 0.026 seconds