https://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292010-06-29T11:33:17ZRedmineRedmine - Feature #5742: Association of an LDAP group to a Redmine grouphttps://www.redmine.org/issues/5742?journal_id=178002010-06-29T11:33:17ZGlenn Gould
<ul></ul><p>Related to <a class="issue tracker-2 status-1 priority-4 priority-default" title="Feature: Link LDAP groups with user accounts (New)" href="https://www.redmine.org/issues/1113">#1113</a>, <a class="issue tracker-3 status-1 priority-4 priority-default" title="Patch: Create and maintain groups from LDAP attributes (New)" href="https://www.redmine.org/issues/4755">#4755</a></p> Redmine - Feature #5742: Association of an LDAP group to a Redmine grouphttps://www.redmine.org/issues/5742?journal_id=184922010-07-20T03:23:15Zmike kromarek
<ul></ul><p>This would be a very useful feature. Right now our AD is setup in such a way that I cannot restrict users by OU, and anyone with an account can login (staff|faculty|students|etc). Which we want them to be able to log in. However, this creates a problem for us when our only option for giving staff the rights to create projects is to allow all authenticated users to create projects.</p> Redmine - Feature #5742: Association of an LDAP group to a Redmine grouphttps://www.redmine.org/issues/5742?journal_id=264662011-03-16T08:45:23ZTerence Mill
<ul></ul><p>+1</p>
<p>We are already using redmine, subversion, jenkins, sonar, nexus, openfire from the same user base and the only system which doesn't support ldap completly (mean groups) is redmine.</p>
<p>The most important feature of ldap beyond authenfication is grouping of users. This way we can make groups which holds users for roles on one place (ldap server) which is used by all systems.</p> Redmine - Feature #5742: Association of an LDAP group to a Redmine grouphttps://www.redmine.org/issues/5742?journal_id=266272011-03-20T17:59:44ZTerence Mill
<ul></ul><p>My approach for a full ldap group support in redmine is minimal invasive:</p>
<p><strong>First step:</strong><br />Admin selects potential groups in ldap, that get known in redmine<br />Redmine should do an "on the fly" lookup if admin enters group search string. The admin can select groups from query result for setup in redmine. In Redmine group view, Groups which still exists in ldap get marked so you can distinguish them to "internal only" redmine groups or groups that has been deleted in ldap.</p>
<p><strong>Second step:</strong><br />The admin assigns projects and roles to that groups</p>
<p><strong>Third step:</strong></p>
<p>User authentification and "on tfe fly" project/role assigment via ldap group on login</p>
<p>If users logs into redmine, user gets authenticated agaist ldap and if valid redmine retrieves all ldap groups for that user - but only for configured group DN. Then redmine filters alls groups that exists in ldap and corresponding ones in redmine with same name.<br />Groups don't get deleted in redmine if no longer exists in ldap on next check (on login or group configuration in admin gui), but get marked so that it is visualized it is no ldap any longer. Also if ldap group(s) no longer exists (can be made optional by checkbox, so internal groups can be used also) group(s) won't get used for project-role authorization.<br />This approach checks user group memberships in ldap and group existence in ldap on the fly and don't imports and synronizes all ldap groups all the time.</p> Redmine - Feature #5742: Association of an LDAP group to a Redmine grouphttps://www.redmine.org/issues/5742?journal_id=774072017-03-21T21:08:46ZAnonymous
<ul></ul><a name="Redmine-Plugin-Add-LDAP-Users-to-Group"></a>
<h2 >Redmine Plugin : Add LDAP Users to Group<a href="#Redmine-Plugin-Add-LDAP-Users-to-Group" class="wiki-anchor">¶</a></h2>
<p>I just made some plugin that could help people with Redmine ~3.2</p>
<blockquote>
<p>Redmine plugin that automatically adds newly logged-in LDAP users to specific group that is configurated in plugin's settings.</p>
</blockquote>
<p><a class="external" href="https://github.com/savoirfairelinux/redmine-add-ldap-user-to-group">https://github.com/savoirfairelinux/redmine-add-ldap-user-to-group</a></p> Redmine - Feature #5742: Association of an LDAP group to a Redmine grouphttps://www.redmine.org/issues/5742?journal_id=781032017-04-19T15:43:34ZToshi MARUYAMA
<ul><li><strong>Related to</strong> <i><a class="issue tracker-2 status-1 priority-4 priority-default" href="/issues/6202">Feature #6202</a>: On-the-fly group addition based on LDAP sources</i> added</li></ul>