Integrate external LDAP

[Geosolutions]

Dear georchestra group,

I would like to set up georchestra using the docker compose 24.0. I would like to use my own LDAP for this, but I have encountered a few problems. For setup I have adapted .envs-ldap and config/gateway/security.yaml and replaced the fields of the default profile with those of my LDAP. I also mapped the roles that can be found in the LDAP to the existing ones in Georchestra in config/gateway/role-mappings.yaml.

The LDAP is read only, how should I deal with pending users and pending orgs(geonetwork), as these ous do not exist and I cannot change group memberships? What is the correct procedure for integrating a read-only LDAP?

 

Kind Regards

Ellen 

[François Van Der Biest]

Hi Ellen,

Sorry for the late reply :-(

With a read-only LDAP you should consider setting up a synchronisation mechanism to the geOrchestra LDAP.

The geOrchestra LDAP can also be used to proxy password check request via SASL, see eg https://github.com/georchestra/georchestra/blob/master/docsv1/tutorials/sasl.md (but it's an old doc, it may need to be double checked).

Feel free to join us live on https://app.element.io/#/room/#georchestra:osgeo.org for more.

Regards,

F.

--
--
projet: http://www.georchestra.org/

---
Vous recevez ce message, car vous êtes abonné au groupe Google Groupes "georchestra-dev".
Pour vous désabonner de ce groupe et ne plus recevoir d'e-mails le concernant, envoyez un e-mail à l'adresse georchestra-d...@googlegroups.com.
Pour afficher cette discussion, accédez à https://groups.google.com/d/msgid/georchestra-dev/a5926200-8361-4249-803a-5359a3e8db71n%40googlegroups.com.