privacyidea-ldap-proxy icon indicating copy to clipboard operation
privacyidea-ldap-proxy copied to clipboard

Published 20 hours ago verified publisher icon privacyidea

Be able to configure multiple service accounts for different purposes

Open fredreichbier opened this issue 7 years ago • 1 comments

Right now, we use the service account specified in [service-account] for two purposes:

  • If bind-service-account is set to true, a bind request that was authenticated successfully against privacyIDEA will result in a bind request using the service account credentials against the LDAP backend. This makes it possible to perform searches (if allow-searches is also true).
  • The lookup user mapping strategy uses the service account credentials to look up usernames.

Maybe we should make it possible to use different service account credentials here?

fredreichbier avatar Jun 21 '17 19:06 fredreichbier

If there are different applications connected to the LDAP proxy, this exspecially seems to make sense...

cornelinux avatar Jun 27 '17 07:06 cornelinux