[tor-bugs] #32332 [Internal Services/Service - nextcloud]: Set up LDAP authn for nc.tpn

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Oct 29 23:35:04 UTC 2019


#32332: Set up LDAP authn for nc.tpn
-------------------------------------------------+-------------------------
 Reporter:  ln5                                  |          Owner:
                                                 |  nextcloud-admin@…
     Type:  defect                               |         Status:  new
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Service -          |        Version:
  nextcloud                                      |
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:  #32267                               |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by anarcat):

 we don't usually allow apps to connect directly to the LDAP server. what
 we do is we sync the user list into the app, and then the app works
 standalone. i don't exactly know how it works,

 in gitlab, for example, users have different passwords (but the same
 username) than in LDAP, and that's on purpose: that way a compromise in
 gitlab doesn't affect gitlab.

 i don't know how this could be done in LDAP. the module you refer to seems
 to do "traditionnal" LDAP sync, which requires the same user/password, as
 far as i can tell.

 we might need to implement our own thing if we want to stick with user
 policy, possibly with
 https://docs.nextcloud.com/server/17/admin_manual/configuration_user/instruction_set_for_users.html

 which seems kind of a pain in the bottom. ;)

 more research definitely seem necessary here.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32332#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list