You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Guillaume GILL 0c5c0eb510
Merge pull request #8 from compunautics/patch-1
6 months ago
octoprint_auth_ldap Allow user lookup by apikey 6 months ago
.gitignore Initial commit 4 years ago
MANIFEST.in Added forgotten MANIFEST.in 4 years ago
README.md Update README 1 year ago
babel.cfg Added babel stuff, Cleaning and moved requirements into setup.py 4 years ago
requirements.txt Make LDAP auth fonctionnal 1 year ago
setup.py Make LDAP auth fonctionnal 1 year ago

README.md

OctoPrint LDAP auth Plugin

This plugin allow users to be connected using an LDAP server. This system works

Details

When you try to login, OctoPrint search for user in this local database (users.yaml)

  • If it found a user, check if this user exists also on LDAP
  • If user exists on LDAP, use LDAP bind() to check login / password
  • If user not exists on LDAP, use native password system to check it

======================================

  • If it not found a user in local database, try to connect directly on LDAP
  • If login on LDAP il OK, a new local user is added with role “user” and a random password (password should never be used)
  • User is connected

======================================

  • An admin (default user for exemple), could change a user permissions or account state.
  • Password of LDAP users can’t be changed

Configuration

You could configure LDAP server in plugin config, or manually in config.yaml

accessControl:
  ldap_uri: ldaps://ldap.server.com/
  ldap_tls_reqcert: demand
  ldap_search_base: dc=server,dc=com
  groups: TheGroupName

Groups

  • You can list multiple groups via comma seperation: Group1, Group2, Group3.
  • Leaving blank will skip a group check.

Installation

You can install it using pip install https://github.com/gillg/OctoPrint-LDAP/archive/master.zip

Or with plugin manager into OctoPrint