Hi Guys,
The latest patch I uploaded to review board (
https://reviews.apache.org/r/12969/ ) brings the "LDAP user
provisioning" project to a "prototype" stage.
If anybody wants to give feedback the ldapplugin branch should have
all features shown in the screencast once the above patch is shipped.
Support still needs to be added for ldap over SSL, memberof filters
and only show users that exist within ldap but not cloudstack on the
add user screen.
This includes:
- A new plugin for configuring ldap, authenticating against LDAP and
getting a list of users from LDAP.
- Modified UI
- Global Settings - Global LDAP configuration options. BaseDN,
Bind username, Bind password, etc.
- Global settings -> LDAP Configuration. Lets you add multiple
LDAP servers for failover support.
- Accounts -> Add Account. Brings up a table of LDAP users,
lets you select one to many LDAP users, set the same domain/network
domain/timezone/etc. for them and create them.
Quick 2min screencast at
https://www.youtube.com/watch?v=-3LG8wP7Zac&hd=1 showing off these
additions.
This screencast was created using the embedded LDAP server I added in
for the sake of integration tests. Its based of ApacheDS, and can be
started with
mvn -pl plugins/user-authenticators/ldap ldap:run
Thanks for all the help!
Ian
