Girish Ramakrishnan
5be05529c2
remove unused ldap ou
2016-05-15 21:25:56 -07:00
Girish Ramakrishnan
0f2037513b
remove recvmail bind
2016-05-12 21:48:42 -07:00
Girish Ramakrishnan
9da4e038bd
all lower case
2016-05-12 18:54:13 -07:00
Girish Ramakrishnan
b8242c82d6
create bind point for recvmail
2016-05-12 14:33:02 -07:00
Girish Ramakrishnan
442c02fa1b
set mailAlternateAddress to username@fqdn
This is mostly to keep haraka's rcpt_to.ldap happy. That plugin
could do with some love.
2016-05-12 14:32:15 -07:00
Girish Ramakrishnan
d5306052bb
refactor code for readability
2016-05-12 13:36:53 -07:00
Girish Ramakrishnan
8543dbe3be
create a new ou for addons
2016-05-12 13:20:57 -07:00
Girish Ramakrishnan
da61d5c0f1
add ou=recvmail for dovecot
2016-05-11 14:26:34 -07:00
Girish Ramakrishnan
62b020e96d
add note
2016-05-07 02:34:52 -07:00
Girish Ramakrishnan
2d43e22285
fix typo
2016-05-05 15:26:32 -07:00
Girish Ramakrishnan
b46008f0b1
add sendmail ou bind
this will be used by haraka to authenticate the apps
2016-05-05 00:26:43 -07:00
Girish Ramakrishnan
ffedbdfa13
various minor fixes to eventlog
2016-05-02 10:01:23 -07:00
Girish Ramakrishnan
b322f6805f
move authType into source
2016-05-01 21:53:44 -07:00
Girish Ramakrishnan
37bdd2672b
make user.create take auditSource
2016-05-01 20:01:34 -07:00
Girish Ramakrishnan
7967610f3f
add user login to event log
2016-04-30 23:18:14 -07:00
Girish Ramakrishnan
b1987868be
Set sn attribute only if non-empty
sn and givenName have as their superior the name attribute, which is of DirectoryString syntax,
that is, the syntax is 1.3.6.1.4.1.1466.115.121.1.15. Attributes which are of syntax
DirectoryString are not allowed to be null, that is, a DirectoryString is required to have
at least one character.
http://stackoverflow.com/questions/15027094/how-to-filter-null-or-empty-attributes-from-an-active-directory-query
This fixes a crash in paperwork which relies on this.
2016-04-19 12:03:03 -07:00
Girish Ramakrishnan
72eb3007c4
tmp -> obj
2016-04-19 12:00:34 -07:00
Girish Ramakrishnan
38b85e6006
set givenName and sn in ldap response
2016-04-13 10:52:25 -07:00
Johannes Zellner
d7c8cf5e0e
Ensure ldap filter values are treated lowercase only
2016-04-13 12:28:44 +02:00
Johannes Zellner
99850f1161
Support ldap DNs with userId, username and email
2016-04-05 16:32:12 +02:00
Johannes Zellner
b56bc08e9a
Allow to use email and username for ldap bind
2016-03-24 21:03:04 +01:00
girish@cloudron.io
486ced0946
fix LDAP debug
2016-03-04 17:52:27 -08:00
girish@cloudron.io
d1c1fb8786
fix ldap debug ("ldap" already appears as part of debug)
2016-03-04 17:51:18 -08:00
Johannes Zellner
86ef9074b1
Add access restriction tests for ldap auth
2016-02-18 17:40:53 +01:00
Johannes Zellner
b41642552d
The ldap property is part of req.connection
2016-02-18 16:40:30 +01:00
Johannes Zellner
b0d11ddcab
Adhere to access control on ldap user bind
2016-02-18 16:04:53 +01:00
Johannes Zellner
34aab65db3
Use the first part of the dn to get the common name in ldap
It is not a must to have the first part named 'cn', but the first
part is always the id we want to verify
2016-01-25 11:31:57 +01:00
girish@cloudron.io
bfc9801699
provide displayName in ldap response when available
2016-01-19 23:47:24 -08:00
Girish Ramakrishnan
f39842a001
ldap: allow non-anonymous searches
Add LDAP_BIND_DN and LDAP_BIND_PASSWORD that allow
apps to bind before a search. There appear to be two kinds of
ldap flows:
1. App simply binds using cn=<username>,$LDAP_USERS_BASE_DN. This
works swimmingly today.
2. App searches the username under a "bind_dn" using some admin
credentials. It takes the result and uses the first dn in the
result as the user dn. It then binds as step 1.
This commit tries to help out the case 2) apps. These apps really
insist on having some credentials for searching.
2015-09-25 21:28:47 -07:00
Girish Ramakrishnan
f57aae9545
Fix typo in assert
2015-09-14 11:09:41 -07:00
Girish Ramakrishnan
0c9618f19a
Add ldap.stop
2015-09-14 11:01:35 -07:00
Girish Ramakrishnan
b584fc33f5
CN of admin group is admins
2015-08-18 16:35:52 -07:00
Johannes Zellner
ba7989b57b
Add ldap 'users' group
2015-08-12 17:38:31 +02:00
Johannes Zellner
2436db3b1f
Add ldap memberof attribute
2015-08-12 15:31:44 +02:00
Johannes Zellner
d66b1eef59
Better support for active directory clients
2015-07-28 18:39:16 +02:00
Girish Ramakrishnan
df9d321ac3
app.portBindings and newManifest.tcpPorts may be null
2015-07-20 00:10:36 -07:00