ldap authentication

Discussion forum about Anuko Time Tracker
Post Reply
utrx
Posts: 4
Joined: Thu Mar 29, 2018 2:51 am

ldap authentication

Post by utrx » Thu Mar 29, 2018 2:55 am

Hi,

ldap authentication seems to require the user to exist in the Time Tracker db. But there are thousands of users in the ldap directory.

Isn't there a way around this requirement?

wrc
Posts: 251
Joined: Tue May 25, 2010 8:30 pm

Re: ldap authentication

Post by wrc » Thu Mar 29, 2018 2:49 pm

Users in Time Tracker have an ID, and also belong to a group. They are also assigned to some projects for time tracking, unless you are in time only tracking mode. They also have something called a role (user, supervisor, co-manager, manager, etc.) and other attributes.

Everything user does in the system is based on user_id, so the account must exist.

If you have thousands of users, they are probably organized in smaller groups, and most likely they have different roles.

Currently, there is no self-registration code in Time Tracker that trusts LDAP server and inserts users automatically somewhere with some default attributes. Also, there are no bulk user import tools that I know of. Perhaps, someone should create such tool.

Or maybe you can be better off with a customization exactly for your situation.

Note that work on subgroups is currently in progress. Someone working on a tool for large organization must take it into account.

utrx
Posts: 4
Joined: Thu Mar 29, 2018 2:51 am

Re: ldap authentication

Post by utrx » Thu Mar 29, 2018 3:14 pm

Hi wrc,

Thanks!

Diving deeper into the code, I figured as much. The local db record is needed to get all that additional information. The ldap integration is just a basic bind check.

I think the least troublesome course of action would be to look into bulk user import direct into the db of some sort

Post Reply