Idea ID: 1663999

import LDAP users (or internal authorization with LDAP authentication)

Status : Declined
over 2 years ago

Allow ldap users to be asigned directly to OO Central roles.

Currently when enabled LDAP authentication (check username & password) in OO Central, it also needed to use it for authoritation (what the user can do), based on map ldap groups to OO roles.

In some scenarios, customer is not ready to create new ldap groups to accomodate OO Central usage, and existing ldap groups doesn't match with profiles needed. Creating and mantaining dozens of internal users in several OO environments (Dev, Test, Pro) is time consuming for OO admins; plus the need for users to know a different password, change and complexity policies,...

Internal OO Central users can be directly asigned to OO roles without problem.

It can be solved by adding to internal user edit window a new field to select on which ldap authenticate this user (instead of internal password, stored on OO DB).
Can be enhanced with new options to search for users in LDAP and import to OO (keeping authenticatin on LDAP), this was posibble since long time ago in other tools like Server Automation.

  • More info is needed.

    You are mentionning that an automatic map to roles is needed yet a user import is mentioned at the very end.

    Importing LDAP users to the OO DB is not an approach that we are looking for at the moment. 

    We are declining the idea at this stage. More details are welcomed.