You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The LDAP server configuration page is incomplete and confusing. Parts of the configuration settings are still in the global configuration file. The configuration of the key store for the SSL connection is not intuitive.
Here is an example of a cleaner LDAP server configuration page:
URL should come with preset ldap://localhost:389/
Secure connection should contain three options: Unencrypted, SSH, TLS (→ ldap_useTLS)
User homes should contain two options: local, from LDAP (→ useLocalDirectory)
Key store and Key store password should only be rendered if Secure connection is “SSH”.
Check user password on login (→ inverse to useSimpleAuthentification)
LDAP admin CN, LDAP admin password, User password encryption and NextFreeUnixID CN should only be rendered if Read-only access is “off”.
It is questionable if we need to provide a function to create the Java key store (and how that should look in detail − maybe upload certificates?), or a documentation how to do this with some shell commands is sufficient. In any case, the two “certificate” fields are part of that functionality. They are only needed to create the key store and not necessarily need to be stored forever in the database.
The text was updated successfully, but these errors were encountered:
The LDAP server configuration page is incomplete and confusing. Parts of the configuration settings are still in the global configuration file. The configuration of the key store for the SSL connection is not intuitive.
Here is an example of a cleaner LDAP server configuration page:
ldap://localhost:389/
ldap_useTLS
)useLocalDirectory
)useSimpleAuthentification
)It is questionable if we need to provide a function to create the Java key store (and how that should look in detail − maybe upload certificates?), or a documentation how to do this with some shell commands is sufficient. In any case, the two “certificate” fields are part of that functionality. They are only needed to create the key store and not necessarily need to be stored forever in the database.
The text was updated successfully, but these errors were encountered: