[GH-ISSUE #176] Read-only LDAP user #67

New issue

Closed

opened 2026-02-27 08:15:04 +03:00 by kerem · 0 comments

kerem commented 2026-02-27 08:15:04 +03:00

Owner

Copy link

Originally created by @idlecoder-fr on GitHub (Jun 6, 2022).
Original GitHub issue: https://github.com/lldap/lldap/issues/176

Hi !
This issue to ask if it's possible to introduce a separate "read only admin" account, allowed to read LDAP tree without being authorized to log into the web interface as admin.
For now, if one service using LLDAP as auth backend is being compromised, the "admin" account can be reused to log in the web interface (which I'd want to keep online, providing a 'self service' password change for users...).

Thanks again for the great job btw !

Originally created by @idlecoder-fr on GitHub (Jun 6, 2022). Original GitHub issue: https://github.com/lldap/lldap/issues/176 Hi ! This issue to ask if it's possible to introduce a separate "read only admin" account, allowed to read LDAP tree without being authorized to log into the web interface as admin. For now, if one service using LLDAP as auth backend is being compromised, the "admin" account can be reused to log in the web interface (which I'd want to keep online, providing a 'self service' password change for users...). Thanks again for the great job btw !

kerem closed this issue 2026-02-27 08:15:04 +03:00

kerem referenced this issue 2026-02-27 08:15:18 +03:00

[GH-ISSUE #294] pam support? #110

kerem referenced this issue 2026-02-27 08:15:23 +03:00

[GH-ISSUE #329] Show the dn in the ui #123

kerem referenced this issue 2026-02-27 08:15:24 +03:00

[GH-ISSUE #330] Allow browsing with tools like LDAP Admin #125

kerem referenced this issue 2026-02-27 08:15:34 +03:00

[GH-ISSUE #399] Should this setting be "cn" instead of "displayName" - Authelia Config #152

kerem referenced this issue 2026-02-27 08:15:50 +03:00

[GH-ISSUE #537] Security issue: Users can set their own arbitrary email addresses #196

kerem referenced this issue 2026-02-27 08:15:52 +03:00

[GH-ISSUE #562] ambiguous column name: display_name #202

kerem referenced this issue 2026-02-27 08:15:52 +03:00

[GH-ISSUE #570] Ability to lock / hide fields #206

kerem referenced this issue 2026-02-27 08:15:53 +03:00

[GH-ISSUE #570] Ability to lock / hide fields #206

kerem referenced this issue 2026-02-27 08:15:58 +03:00

[GH-ISSUE #599] Samba integration #221

kerem referenced this issue 2026-02-27 08:16:10 +03:00

[GH-ISSUE #702] [Feature Request] sudoers support #252

kerem referenced this issue 2026-02-27 08:16:10 +03:00

[GH-ISSUE #702] [Feature Request] sudoers support #252

kerem referenced this issue 2026-02-27 08:16:10 +03:00

[GH-ISSUE #705] Keycloak : searching for users while LDAP User Federation is on doesn't work #251

kerem referenced this issue 2026-02-27 08:16:10 +03:00

[GH-ISSUE #705] Keycloak : searching for users while LDAP User Federation is on doesn't work #251

kerem referenced this issue 2026-02-27 08:16:10 +03:00

[GH-ISSUE #705] Keycloak : searching for users while LDAP User Federation is on doesn't work #251

kerem referenced this issue 2026-02-27 08:16:10 +03:00

[GH-ISSUE #705] Keycloak : searching for users while LDAP User Federation is on doesn't work #251

kerem referenced this issue 2026-02-27 08:16:11 +03:00

[GH-ISSUE #712] Feature request: Allow OpenSSH-LPK schema #254

kerem referenced this issue 2026-02-27 08:16:11 +03:00

[GH-ISSUE #712] Feature request: Allow OpenSSH-LPK schema #254

kerem referenced this issue 2026-02-27 08:16:11 +03:00

[GH-ISSUE #712] Feature request: Allow OpenSSH-LPK schema #254

kerem referenced this issue 2026-02-27 08:16:11 +03:00

[GH-ISSUE #707] Feature request: CLI support #253

kerem referenced this issue 2026-02-27 08:16:11 +03:00

[GH-ISSUE #707] Feature request: CLI support #253

kerem referenced this issue 2026-02-27 09:09:22 +03:00

[PR #335] [MERGED] server: Start versioning the DB schema #684

kerem referenced this issue 2026-02-27 09:09:27 +03:00

[PR #382] [MERGED] server,app: migrate to sea-orm #710

kerem referenced this issue 2026-02-27 09:09:57 +03:00

[PR #603] [MERGED] server: prepare DB schema for user attributes #844

kerem referenced this issue 2026-02-27 09:09:58 +03:00

[PR #615] [MERGED] Use attribute schema at the LDAP/GraphQL layers #849

kerem referenced this issue 2026-02-27 09:10:09 +03:00

[PR #682] [MERGED] server: return user-defined attributes for groups in graphql #894

kerem referenced this issue 2026-02-27 09:10:09 +03:00

[PR #681] [MERGED] server: return attributes in graphql #896

kerem referenced this issue 2026-02-27 09:10:10 +03:00

[PR #686] [MERGED] server: read custom attributes from LDAP #899

kerem referenced this issue 2026-02-27 09:10:10 +03:00

[PR #690] [MERGED] Add support for writing attribute values in domain #900

kerem referenced this issue 2026-02-27 09:10:11 +03:00

[PR #694] [MERGED] Add support in domain for creating attributes, and setting group attributes #903

kerem referenced this issue 2026-02-27 09:10:11 +03:00

[PR #695] [MERGED] server: Add graphql support for creating/deleting attributes #904

kerem referenced this issue 2026-02-27 09:10:13 +03:00

[PR #708] [MERGED] server: Add graphql support for setting attributes #910

kerem referenced this issue 2026-02-27 09:10:24 +03:00

[PR #802] [MERGED] app: add user attributes page #961

kerem referenced this issue 2026-02-27 09:10:27 +03:00

[PR #825] [MERGED] app: create group attribute schema page #975

kerem referenced this issue 2026-02-27 09:10:28 +03:00

[PR #836] [MERGED] Add missing object class functionalities #980

kerem referenced this issue 2026-02-27 09:10:28 +03:00

[PR #833] [MERGED] server: Add support for custom LDAP object classes for users and groups #981

kerem referenced this issue 2026-02-27 09:10:47 +03:00

[PR #1005] [MERGED] app: Add support for group attributes #1064

kerem referenced this issue 2026-02-27 09:10:48 +03:00

[PR #1013] [MERGED] app: Allow custom attributes in group creation #1072

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

dependabot/github_actions/codecov/codecov-action-6

copilot/fix-equality-filters-list-attributes

dependabot/github_actions/docker/build-push-action-7

dependabot/github_actions/docker/metadata-action-6

dependabot/github_actions/docker/setup-buildx-action-4

dependabot/github_actions/docker/login-action-4

copilot/update-download-artifact-action

copilot/fix-opensuse-warnings

copilot/fix-1268

copilot/fix-727

copilot/fix-898

copilot/fix-1256

copilot/fix-1251

copilot/fix-1249

copilot/fix-1206

user-attribute-form

user-ui

group-ui

server-user-attribute-schema

crates

haveibeenpwned

v0.6.2

v0.6.1

v0.6.0

v0.5.0

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.0

v0.2.0

v0.0.1

Labels

Clear labels   

backend

  

blocked

  

bug

  

cleanup

  

dependencies

  

docker

  

documentation

  

duplicate

  

enhancement

  

enhancement

  

frontend

  

github_actions

  

good first issue

  

help wanted

  

help wanted

  

integration

  

invalid

  

ldap

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

rust

  

rust

  

tests

  

wontfix

No labels

backend

blocked

bug

cleanup

dependencies

docker

documentation

duplicate

enhancement

enhancement

frontend

github_actions

good first issue

help wanted

help wanted

integration

invalid

ldap

pull-request

question

rust

rust

tests

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/lldap-lldap#67

No description provided.