User import with LDAP #126
Comments
|
This is a duplicate of #48, no? |
|
I looked at #48 but it's not really the authentication, although the authentication part of it would be great. Not all of our users would have login access to the asset database but we would need to assign a computer to their name. I suppose they could be one and the same and just switch off logins for those users. |
|
I had been sussing out how to handle that as well. Tracmor does this reasonably well, and it's worth considering to actually break it out the way they do, so you have contacts and users as a separate thing. Let me chew on that a little bit. I appreciate your input. |
|
We agree splitting system users and Asset assignable "contacts" is probably a better, more sustainable way to go. User would be LDAP authenticated, and Owners/Contacts would could easily be an LDAP sync or CSV import. |
|
LDAP has always been on the roadmap, but it cannot be a requirement. The point of this project was to offer an IT asset management system to smaller organizations, and some of then won't have LDAP, or if they do, it may be difficult to accomplish integration within the organization. I've looked at some LDAP packages which seem promising, so I doubt we'd need to reinvent the wheel, but it must remain an optional feature. |
|
Totally agree LDAP should always be an alternative auth mechanism. For our specific needs its a must (down the line... eventual... lower priority must), as well as an LDAP import/sync function but recognize we would be the minority case. better wording: |
snipe
added
the
👩💻 ready for dev
|
Test server here may work for anyone looking to work on this feature: http://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server/ |
|
OK. So I am a little confused here. I have read several requests dealing with LDAP integration for assigning devices to users. Is there a way to do this or not? I see that this case has the ready label. Does that mean that this has been implemented into SNIPE-IT? |
|
No, this means it's ready to be worked on |
|
Ah ok. I was a little confused. Any Idea of when it will be implemented? |
|
Not sure - there aren't a lot of good libraries for LDAp at this point. I know a few people have mentioned they wanted to work on it, but I haven't heard anyone report back on progress, so I would assume it's not been started yet. (I know I haven't been working on it.) |
|
The company that I am working for uses ticketos ( I know there were talks of integrating the two projects). Anything more on that? We need a solution that supports ad integration, i just stumbled upon this project today. I hope you guys get ldap or AD integration implemented relatively quickly, I would love to use this at our company, but that is a big selling point for our company. |
|
_If this is still of interest, I have created and tested an LDAP sync function. My goal was to create users that would never have access to the system but that use our services... hence I only need to track what they have and potentially communicate with them. |
|
Hi @aalaily - nice work! A few questions:
|
|
Hi Snipe, _How does it handle existing users?_ _Extra functionality - LDAP authentication_ |
|
This sounds great - I'd love a pull request against the develop branch so I can take a look. Thanks! |
|
No problem! I will submit a pull request and feedback will be much appreciated. |
|
OK... the pull request has been submitted. |
|
@aalaily - for existing users, is it matching off the LDAP username or email address? |
|
@kobie-chasehansen - it's matching on the username |
|
This is now on develop |
snipe
removed
the
👩💻 ready for dev
|
How can I get the LDAP function added to my installation of Snipe-IT I am using running on 2012 R2 |
|
Thank you |
|
is this just an ldap importer (this means that each time i add an user to ldap i have to manually click import to import the user) or is it an adapter (it actually checks on ldap real time)? or both? |
|
Both-ish. It will import users from your directory into Snipe-IT, and then will attempt to authenticate against the directory for the users that have been imported. AFAIK it is not actively/regularly checking for new users in your directory. |
|
@ddreier You are correct - that's exactly how LDAP integration currently works. :) |
|
interesting functionality. this means that i import users from ldap, change password in ldap and then it doesn't work anymore? |
|
If LDAP is enabled, it will attempt to authenticate against the LDAP server before trying a local database user, IIRC |
|
@NwaEze1 please open a new ticket - this one is closed. |
and others
When checking assets out to users it would be great if it was possible to get a list of users from LDAP rather than having to add each of them individually.
The text was updated successfully, but these errors were encountered: