Forum GLPI-Project

McHenry

Member

Registered: 2024-06-01

Posts: 57

LDAP login discloses client list

If we setup LDAP auth for all clients then our client list is disclosed in the login dropdown.

Is there anyway to confirm.LDAP login  under the one name to protect privacy?

cconard96

Moderator

Registered: 2018-07-31

Posts: 2,813

Website

Re: LDAP login discloses client list

You can disable the login source dropdown in Setup > General > General setup. It should work OK as long as their aren't matching users from multiple sources.

---

GLPI Collaborator and Plugin Developer.
My non-English comments are automated translations. Sorry for any confusion that causes.
Mes commentaires non anglais sont des traductions automatiques. Désolé pour toute confusion qui cause.
Mis comentarios que no están en inglés son traducciones automáticas. Perdón por cualquier confusión que cause.

McHenry

Member

Registered: 2024-06-01

Posts: 57

Re: LDAP login discloses client list

Have configured LDAP for a client, tested and working with the drop down hidden on the hompage.

As the LDAP login only uses the username, and not the domain name, there is the potential for conflicts, as you mentioned above.

Can the login username be configured to include the AD domain to eliminate such conflicts?

i.e. "\companyA\mchenry" instead of simply "mchenry"

Last edited by McHenry (2024-06-16 06:28:00)

McHenry

Member

Registered: 2024-06-01

Posts: 57

Re: LDAP login discloses client list

OK, we have tested this with two clients and if both clients have the same username then as long as the passwords are different we are able to login and GLPI will validate the username & password combination if a match can be found in either LDAP server. This works well.

Now I need to work out how to configure automatic imports and updates of LDAP users with Docker.