Integrate external LDAP

Geosolutions

Feb 6, 2025, 10:27:49 AM
to georchestra-dev

Dear georchestra group,


I would like to set up georchestra using the docker compose 24.0. I would like to use my own LDAP for this, but I have encountered a few problems. For setup I have adapted .envs-ldap and config/gateway/security.yaml and replaced the fields of the default profile with those of my LDAP. I also mapped the roles that can be found in the LDAP to the existing ones in Georchestra in config/gateway/role-mappings.yaml.

The LDAP is read-only. How should I deal with pending users and pending orgs (geonetwork), as these OUs do not exist and I cannot change group memberships? What is the correct procedure for integrating a read-only LDAP?

 

Kind Regards

Ellen 

François Van Der Biest

Feb 19, 2025, 3:42:26 PM
to georche...@googlegroups.com
Hi Ellen,

Sorry for the late reply :-(

With a read-only LDAP you should consider setting up a synchronisation mechanism to the geOrchestra LDAP.
The geOrchestra LDAP can also be used to proxy password check requests via SASL, see e.g. https://github.com/georchestra/georchestra/blob/master/docsv1/tutorials/sasl.md (but it's an old doc, it may need to be double-checked).

Feel free to join us live on https://app.element.io/#/room/#georchestra:osgeo.org for more.

Regards,
F.
