Added LDAPSyncWithUserGroups to config.json schema (#4415)
This commit is contained in:
parent
00765288e6
commit
334a9b8321
|
@ -550,6 +550,19 @@
|
||||||
"ldapUserImage": { "type": "string", "default": "thumbnailPhoto", "description": "The LDAP value to use for the user's image." },
|
"ldapUserImage": { "type": "string", "default": "thumbnailPhoto", "description": "The LDAP value to use for the user's image." },
|
||||||
"ldapSaveUserToFile": { "type": "string", "default": null, "description": "When set to a filename, for example c:\\temp\\ldapusers.txt, MeshCentral will save the LDAP user object to this file each time a user logs in. This is used for debugging LDAP issues." },
|
"ldapSaveUserToFile": { "type": "string", "default": null, "description": "When set to a filename, for example c:\\temp\\ldapusers.txt, MeshCentral will save the LDAP user object to this file each time a user logs in. This is used for debugging LDAP issues." },
|
||||||
"ldapUserGroups": { "type": "string", "default": "memberOf", "description": "The LDAP value to use for the user's group memberships." },
|
"ldapUserGroups": { "type": "string", "default": "memberOf", "description": "The LDAP value to use for the user's group memberships." },
|
||||||
|
"ldapSyncWithUserGroups": {
|
||||||
|
"type": [ "boolean", "object" ],
|
||||||
|
"default": false,
|
||||||
|
"description": "When set to true or set to an object, MeshCentral will syncronized LDAP user memberships to MeshCentral user groups.",
|
||||||
|
"additionalProperties": false,
|
||||||
|
"properties": {
|
||||||
|
"filter": {
|
||||||
|
"type": [ "string", "array" ],
|
||||||
|
"default": null,
|
||||||
|
"description": "When set to a string or array of strings, only LDAP membership groups that includes one of the strings will be syncronized with MeshCentral user groups."
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
"ldapUserRequiredGroupMembership": { "type": [ "string", "array" ], "default": null, "description": "A list of LDAP groups. Users must be part of at least one of these groups to allow login. If null, all users are allowed to login." },
|
"ldapUserRequiredGroupMembership": { "type": [ "string", "array" ], "default": null, "description": "A list of LDAP groups. Users must be part of at least one of these groups to allow login. If null, all users are allowed to login." },
|
||||||
"ldapOptions": { "type": "object", "description": "LDAP options passed to ldapauth-fork" },
|
"ldapOptions": { "type": "object", "description": "LDAP options passed to ldapauth-fork" },
|
||||||
"agentInviteCodes": { "type": "boolean", "default": false, "description": "Enabled a feature where you can set one or more invitation codes in a device group. You can then give a invitation link to users who can use it to download the agent." },
|
"agentInviteCodes": { "type": "boolean", "default": false, "description": "Enabled a feature where you can set one or more invitation codes in a device group. You can then give a invitation link to users who can use it to download the agent." },
|
||||||
|
|
|
@ -535,26 +535,8 @@
|
||||||
"_LDAPUserEmail": "otherMail",
|
"_LDAPUserEmail": "otherMail",
|
||||||
"_LDAPUserGroups": "memberOf",
|
"_LDAPUserGroups": "memberOf",
|
||||||
"_LDAPUserRequiredGroupMembership": [ "CN=Domain Admins,CN=Users,DC=sample,DC=com" ],
|
"_LDAPUserRequiredGroupMembership": [ "CN=Domain Admins,CN=Users,DC=sample,DC=com" ],
|
||||||
"_LDAPPptions": {
|
"_LDAPSyncWithUserGroups": { "filter": [ "CN=Domain Admins" ] },
|
||||||
"url": "test",
|
"_LDAPOptions": {
|
||||||
"anne": {
|
|
||||||
"gecos": "Anne O'Nyme",
|
|
||||||
"displayName": "O Nyme anne",
|
|
||||||
"uid": "anneonyme",
|
|
||||||
"mail": "anneonyme@example.com",
|
|
||||||
"email": "anneonyme@example.com",
|
|
||||||
"otherMail": [ "other.anneonyme@example.com", "anneonyme@example.com" ]
|
|
||||||
},
|
|
||||||
"so": {
|
|
||||||
"displayName": "Sticker Sophie",
|
|
||||||
"gecos": "Sophie Sticker",
|
|
||||||
"uid": "ssticker",
|
|
||||||
"mail": "ssticker@example.com",
|
|
||||||
"email": "ssticker@example.com",
|
|
||||||
"otherMail": [ "other.ssticker@example.com", "ssticker@example.com" ]
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"__LDAPOptions": {
|
|
||||||
"URL": "ldap://1.2.3.4:389",
|
"URL": "ldap://1.2.3.4:389",
|
||||||
"BindDN": "CN=svc_meshcentral,CN=Users,DC=meshcentral,DC=local",
|
"BindDN": "CN=svc_meshcentral,CN=Users,DC=meshcentral,DC=local",
|
||||||
"BindCredentials": "Password.1",
|
"BindCredentials": "Password.1",
|
||||||
|
|
|
@ -500,7 +500,6 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
|
||||||
}
|
}
|
||||||
if (match) { g.push(userMemberships[i]); }
|
if (match) { g.push(userMemberships[i]); }
|
||||||
}
|
}
|
||||||
console.log(g);
|
|
||||||
userMemberships = g;
|
userMemberships = g;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
Loading…
Reference in New Issue