Feature #4037

LDAP-Memberlist too big

Added by Lars Scheithauer about 12 years ago. Updated about 12 years ago.

Status:NewStart date:2009-10-15
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Accounts / authentication
Target version:-
Resolution:

Description

I am working in an university and we've started deploying redmine as our primary project server. We are authenticating users against LDAP and want every student to be able to create their own project (which I wrote a plugin for that works very nicely - will send a patch after I did some cleanup).

Now, when a student has started a new project, he is automatically added as manager. The next logical step is to invite other students of the same project team. First problem here is that only those accounts of students, who have logged into redmine at least once, are available (due to the on-the-fly creation of profiles).

Due to referential integrity, a search on the ldap to fill the memberlist would have some problems to solve with non-existant ids. So I propose a script to run as cronjob, that syncronizes the redmine-userdatabase with an LDAP-Server.

However, on large LDAP-databases, this imposes a problem in the member-selection tool (having 5000+ Members in the list sucks). So my second proposal is to have an ajax-field instead, which makes suggestions to the entered letters. That would give a lot more flexibility.

Best Regards,
Lars

History

#1 Updated by Holger Winkelmann about 12 years ago

Lars Scheithauer wrote:

I am working in an university and we've started deploying redmine as our primary project server. We are authenticating users against LDAP and want every student to be able to create their own project (which I wrote a plugin for that works very nicely - will send a patch after I did some cleanup).

Now, when a student has started a new project, he is automatically added as manager. The next logical step is to invite other students of the same project team. First problem here is that only those accounts of students, who have logged into redmine at least once, are available (due to the on-the-fly creation of profiles).

Due to referential integrity, a search on the ldap to fill the memberlist would have some problems to solve with non-existant ids. So I propose a script to run as cronjob, that syncronizes the redmine-userdatabase with an LDAP-Server.

However, on large LDAP-databases, this imposes a problem in the member-selection tool (having 5000+ Members in the list sucks). So my second proposal is to have an ajax-field instead, which makes suggestions to the entered letters. That would give a lot more flexibility.

Best Regards,
Lars

this is related to #3428 see my comments below there

#2 Updated by Lars Scheithauer about 12 years ago

That is correct - this one should be marked as duplicate and merged with your proposal.

#3 Updated by Adam Piotr ┼╗ochowski about 12 years ago

There is already a patch (and in 0.9) for dealing with 50k employees.

please check it out : #2993

My system as only 40k employees in the system. I have back-ported the patch for 0.8.4 (haven't had time to upgrade with to 0.8.5 yet, but I doubt it would be problematic.

I also vote for the auto LDAP import. So far we made one time custom hack import, but since then been adding new users manually.

Kind regards

Adam ┼╗ochowski

Also available in: Atom PDF