Added LDAPSyncWithUserGroups to config.json schema (#4415)

Ylian Saint-Hilaire 2022-08-22 11:57:11 -07:00
parent 00765288e6
commit 334a9b8321
3 changed files with 15 additions and 21 deletions


@ -550,6 +550,19 @@
"ldapUserImage": { "type": "string", "default": "thumbnailPhoto", "description": "The LDAP value to use for the user's image." }, "ldapUserImage": { "type": "string", "default": "thumbnailPhoto", "description": "The LDAP value to use for the user's image." },
"ldapSaveUserToFile": { "type": "string", "default": null, "description": "When set to a filename, for example c:\\temp\\ldapusers.txt, MeshCentral will save the LDAP user object to this file each time a user logs in. This is used for debugging LDAP issues." }, "ldapSaveUserToFile": { "type": "string", "default": null, "description": "When set to a filename, for example c:\\temp\\ldapusers.txt, MeshCentral will save the LDAP user object to this file each time a user logs in. This is used for debugging LDAP issues." },
"ldapUserGroups": { "type": "string", "default": "memberOf", "description": "The LDAP value to use for the user's group memberships." }, "ldapUserGroups": { "type": "string", "default": "memberOf", "description": "The LDAP value to use for the user's group memberships." },
"ldapSyncWithUserGroups": {
"type": [ "boolean", "object" ],
"default": false,
"description": "When set to true or set to an object, MeshCentral will syncronized LDAP user memberships to MeshCentral user groups.",
"additionalProperties": false,
"properties": {
"filter": {
"type": [ "string", "array" ],
"default": null,
"description": "When set to a string or array of strings, only LDAP membership groups that includes one of the strings will be syncronized with MeshCentral user groups."
}
}
},
"ldapUserRequiredGroupMembership": { "type": [ "string", "array" ], "default": null, "description": "A list of LDAP groups. Users must be part of at least one of these groups to allow login. If null, all users are allowed to login." }, "ldapUserRequiredGroupMembership": { "type": [ "string", "array" ], "default": null, "description": "A list of LDAP groups. Users must be part of at least one of these groups to allow login. If null, all users are allowed to login." },
"ldapOptions": { "type": "object", "description": "LDAP options passed to ldapauth-fork" }, "ldapOptions": { "type": "object", "description": "LDAP options passed to ldapauth-fork" },
"agentInviteCodes": { "type": "boolean", "default": false, "description": "Enabled a feature where you can set one or more invitation codes in a device group. You can then give a invitation link to users who can use it to download the agent." }, "agentInviteCodes": { "type": "boolean", "default": false, "description": "Enabled a feature where you can set one or more invitation codes in a device group. You can then give a invitation link to users who can use it to download the agent." },
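Review bot: The new `filter` description says a group is synchronized when it "includes one of the strings", so a short entry such as the sample config's `"CN=Domain Admins"` would presumably also match any other group whose DN merely contains that text. Because the match decides which MeshCentral user groups a login is placed in, the description should state that this is a substring match and recommend the full group DN, for example `"description": "... only LDAP groups whose name contains one of the strings (substring match; use the full group DN to avoid unintended matches) ..."`. The schema also leaves the array form unconstrained, so `"items": { "type": "string" }` could be added under `filter` to reject non-string entries. Both new descriptions spell "syncronized", which should read "synchronized", and the first should read "will synchronize".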


@ -535,26 +535,8 @@
"_LDAPUserEmail": "otherMail", "_LDAPUserEmail": "otherMail",
"_LDAPUserGroups": "memberOf", "_LDAPUserGroups": "memberOf",
"_LDAPUserRequiredGroupMembership": [ "CN=Domain Admins,CN=Users,DC=sample,DC=com" ], "_LDAPUserRequiredGroupMembership": [ "CN=Domain Admins,CN=Users,DC=sample,DC=com" ],
"_LDAPPptions": { "_LDAPSyncWithUserGroups": { "filter": [ "CN=Domain Admins" ] },
"url": "test", "_LDAPOptions": {
"anne": {
"gecos": "Anne O'Nyme",
"displayName": "O Nyme anne",
"uid": "anneonyme",
"mail": "anneonyme@example.com",
"email": "anneonyme@example.com",
"otherMail": [ "other.anneonyme@example.com", "anneonyme@example.com" ]
},
"so": {
"displayName": "Sticker Sophie",
"gecos": "Sophie Sticker",
"uid": "ssticker",
"mail": "ssticker@example.com",
"email": "ssticker@example.com",
"otherMail": [ "other.ssticker@example.com", "ssticker@example.com" ]
}
},
"__LDAPOptions": {
"URL": "ldap://1.2.3.4:389", "URL": "ldap://1.2.3.4:389",
"BindDN": "CN=svc_meshcentral,CN=Users,DC=meshcentral,DC=local", "BindDN": "CN=svc_meshcentral,CN=Users,DC=meshcentral,DC=local",
"BindCredentials": "Password.1", "BindCredentials": "Password.1",


@ -500,7 +500,6 @@ module.exports.CreateWebServer = function (parent, db, args, certificates, doneF
} }
if (match) { g.push(userMemberships[i]); } if (match) { g.push(userMemberships[i]); }
} }
console.log(g);
userMemberships = g; userMemberships = g;
} }
} else { } else {