Eigenes Ldap setup #72
Loading…
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Portunus sucks
Is there some nicer ldap frontend ?
Not really. I'd personally just open the ldaps port to the outside and use some remote LDAP management client like https://directory.apache.org/studio/ or similar
This looks like vomit to be frank. What is actually the problem with portunus the looks or is the some key functionality missing ?
I actually really like the web ui, but Portunus does have some major issues and is indeed missing important functionality, not only for our use case.
I think its general approach is far from ideal: As I understand it, Portunus sees its own database as the single source of truth, while the puppeteered OpenLDAP is merely supposed to serve a read-only copy of the data. Instead of relying on OpenLDAP as the backend, Portunus tries to reinvent the wheel and implement authentication and so on itself, just for its web ui. This is IMHO a lot of unnecessary effort, and it causes a list of problems:
passwd
I believe that using plain OpenLDAP as a base, with some (simple to use) client / management software for administration and possibly self service, would be a better approach that does not have those problems.
We could try to spin up https://github.com/dnknth/ldap-ui as web ui. This looks quite promising and uses openldap as backend
Why not use lam as we did on Kaki, if you just want a nice frontend for (Open-)LDAP? I actually like it and use it privately as well. Plus it has a long maintenance history, so it is not likely to go away anytime soon.
Die Natur, dass Portunus bei jedem Neustart alle Nutzer neu anlegt macht das Keycloak kaputt.
Hier initiale Nix-Config, welche nicht funktioniert: