| #
0f498d06 |
| 03-Aug-2023 |
Andreas Gohr <andi@splitbrain.org> |
implement password expiry warnings. fixes #4
|
| #
08ace392 |
| 02-Aug-2023 |
Andreas Gohr <andi@splitbrain.org> |
support password changes
Internally this also changes the behviour to stay authenticated as the
actual user if the user logged in. This is needed to allow self-service
password changes.
This commit
support password changes
Internally this also changes the behviour to stay authenticated as the
actual user if the user logged in. This is needed to allow self-service
password changes.
This commit also contains a few cleanups.
show more ...
|
| #
5dcabeda |
| 30-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
make use of file system caching optional
|
| #
f17bb68b |
| 28-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
new approach for recursive groups
Instead of implementing the recursion client side, we ask the AD server
to resolve nested group memberships for us. This saves potentially many
network requests but
new approach for recursive groups
Instead of implementing the recursion client side, we ask the AD server
to resolve nested group memberships for us. This saves potentially many
network requests but may have performance penalties on the AD server
side. However it ensures, we can't make a mistake and thus makes our
code safer to run - also turns out my first attempt was checking nested
groups backwards.
See https://stackoverflow.com/q/40024425 for more discussions on
performance for this.
A config option allows to use the former much faster approach for setups
without nested groups.
Still to do: supporting user lookups by group this way.
show more ...
|
| #
bf69b89c |
| 21-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
first go at SSO
This basically copies the functionality from authAD
|
| #
0cddcb29 |
| 15-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
proper german group name
|
| #
c2500b44 |
| 15-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
make the primary group configurable
Because the Domain Users group can be localized, this makes it
configurable. The authAD library had a config to use "real" primary
groups where it would look up t
make the primary group configurable
Because the Domain Users group can be localized, this makes it
configurable. The authAD library had a config to use "real" primary
groups where it would look up the primary group by calculating the SID
and doing another check. We could copy that mechanism if needed later
on.
show more ...
|
| #
b914569f |
| 07-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
allow fetching of additional user attributes
Currently we reuqest all attributes from the server and only filter
later. This needs fixing.
|
| #
4b0f7b75 |
| 07-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
make page size configurable
The default of 1000 will quickly exhaust the memory available on typical
PHP setups. This lowers it to 150 which should be fine as is for
virtuallly everyone.
|
| #
9446f9ef |
| 07-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
fix admin user access
|
| #
6d90d5c8 |
| 07-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
some cleanup for the options
|
| #
79f39653 |
| 26-Mar-2020 |
Andreas Gohr <andi@splitbrain.org> |
wizard generated
|