Comments (2)
Thanks. I can't help but think that a preferred solution would be to fix the upstream data and put an actual email address in the/an email field. This could be done with a similar batch that reads your ldap records, constructs email addresses, and then writes them.
Building a regexp feature into the ldap sync is not something that I'm opposed to, but something that adds additional complexity.
from vaultwarden_ldap.
Using the E-Mail field of the LDAP upstream is unfortunately not a solution for me, since I want users on my services to have a unique user-naming convention like [email protected] while the mail in the LDAP field can contain even foreign mails for guests. Yet, their bitwarden login name should be @mytld.com - Preferrably even without the @mytld.com, but that is unfortunately not supported by Bitwarden/Vaultwarden by design.
Another way would have been to extend the scheme on my ActiveDirectory to support custom fields and sync that to the username, as you suggested. But that is a bit of overkill TBH.
I found an intermediate solution, which does the job: As of right now, I am running OpenResty as an intermediate proxy between vaultwarden_ldap and vaultwarden which modifies the HTTP header requestbody between the REST Api calls to rewrite the username in both directions (adds the TLD towards vaultwarden and strips it towards vaultwarden_ldap).
As I agree on the complexity argument for regexp, the most simpliest solution would be to allow prefix/suffix extension.
from vaultwarden_ldap.
Related Issues (20)
- Crashing when encountering users without an email address HOT 3
- ldap login problem HOT 1
- Clarify documentation on intent of application HOT 2
- Unable to Sync Users with Vaultwarden instance HOT 1
- Enable environment variable with the ID of the organization to which users are to be invited HOT 1
- Unable to Sync Users with Vaultwarden
- package 1.1.1f-ubuntu2.20 doesn't exist
- vividboarder/vaultwarden_ldap:alpine image not updated HOT 4
- Do not use "restart = unless stopped" (docker-compose) and "ldap_sync_loop = false" (config.toml) ! HOT 1
- Request a feature HOT 1
- Disable users that vanished from LDAP HOT 7
- Proper communication with LDAP HOT 2
- Group / organization support? HOT 2
- LDAP login authentication failure HOT 6
- Anonymous bind enabled? HOT 1
- Can support ldap group members HOT 3
- Help translating ldapsearch query into working config HOT 1
- LDAP Synchronization with Microsoft Active Directory LDAP not working HOT 1
- The data will be cleared if to execute `docker-compose up` HOT 6
- Bind DN to authenticate is empty when using Authentik LDAP HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vaultwarden_ldap.