authentik icon indicating copy to clipboard operation
authentik copied to clipboard
verified publisher icon goauthentik

sources: ldap uniqueness field per user and group

Open Ignatella opened this issue 1 year ago • 1 comments

Hi,

Is your feature request related to a problem? Please describe. We are using Authentik with LDAP in an organization, and it would be great to have the ability to set different object uniqueness fields for groups and users. Currently, we are using uid for users and gid for groups. We've been using 2 LDAP sources as a workaround, but this solution has a significant drawback: during synchronization, user-group mapping is lost until the next 'group LDAP source' synchronization.

Describe the solution you'd like User has the ability to set 'User uniqueness field' and 'Group uniqueness field', which would then be used to extract values for the ldap_unique attribute.

Additional context Finally we implemented temporary solution modifying sources/ldap/sync package.

Would You like to see a pull request with the feature?

Version and Deployment authentik version: 2024.4.2 Deployment: docker-compose

Ignatella avatar May 11 '24 21:05 Ignatella

yes please i have the "same" problem...

q16marvin avatar Jun 26 '24 21:06 q16marvin

Just because I'm curious: shouldn't the entryUUID attribute be available on both users and groups? For some LDAP servers, you might "request the attribute explicitly:

ldapsearch -H ldaps://ldap.example.com -b dc=example,dc=com '(uid=example.user)' '*' '+' entryUUID

saz avatar Sep 19 '24 13:09 saz