Documentation: Default role names to map to LDAP groups #1104

New Issue

Closed

opened 2026-02-04 23:47:45 +03:00 by OVERLORD · 2 comments

OVERLORD commented 2026-02-04 23:47:45 +03:00

Owner

Copy Link

Originally created by @ookerberry on GitHub (Mar 23, 2019).

I am trying to use openLDAP groups to set roles in bookstack.
I cannot find in the documentation what the default role names are so I can create the appropriate LDAP groups that map to them.

What are the default role names? Are they:
admin
editor
viewer
public

I was looking for something in the documentation that described the default role names and permissions, but I could not fine any such documentation.
Also the LDAP documentation describes the rules for mapping names, but does not describe the default role names.

If the default role names listed above are correct, then my understanding is that if I create LDAP groups by the same name and set the variables in environment listed below, then, for example, a user in the LDAP group "admin" would be set to the role of "admin" in BookStack. Is this correct?
LDAP_USER_TO_GROUPS=true
LDAP_GROUP_ATTRIBUTE="memberOf"
LDAP_REMOVE_FROM_GROUPS=false

Originally created by @ookerberry on GitHub (Mar 23, 2019). I am trying to use openLDAP groups to set roles in bookstack. I cannot find in the documentation what the default role names are so I can create the appropriate LDAP groups that map to them. What are the default role names? Are they: admin editor viewer public I was looking for something in the documentation that described the default role names and permissions, but I could not fine any such documentation. Also the LDAP documentation describes the rules for mapping names, but does not describe the default role names. If the default role names listed above are correct, then my understanding is that if I create LDAP groups by the same name and set the variables in environment listed below, then, for example, a user in the LDAP group "admin" would be set to the role of "admin" in BookStack. Is this correct? LDAP_USER_TO_GROUPS=true LDAP_GROUP_ATTRIBUTE="memberOf" LDAP_REMOVE_FROM_GROUPS=false

OVERLORD closed this issue 2026-02-04 23:47:47 +03:00

OVERLORD commented 2026-02-04 23:47:51 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (Mar 24, 2019):

Also the LDAP documentation describes the rules for mapping names, but does not describe the default role names.

Yeah, I thought listing out the default roles could cause more confusion as they are only a default and will depend on the instance setup and somewhat the BookStack version. The rules for the mapping of names remain the same though so you can just apply the rules to the default roles.

What are the default role names? Are they:
admin
editor
viewer
public

Yes, That looks correct for a fresh install.

my understanding is that if I create LDAP groups by the same name and set the variables in environment listed below, then, for example, a user in the LDAP group "admin" would be set to the role of "admin" in BookStack. Is this correct?

Yes. Alternatively you can use existing LDAP groups and enter their names (Lower-cased and hyphenated) in the External Authentication IDs options when viewing a role in BookStack.

@ssddanbrown commented on GitHub (Mar 24, 2019): > Also the LDAP documentation describes the rules for mapping names, but does not describe the default role names. Yeah, I thought listing out the default roles could cause more confusion as they are only a default and will depend on the instance setup and somewhat the BookStack version. The rules for the mapping of names remain the same though so you can just apply the rules to the default roles. > What are the default role names? Are they: > admin > editor > viewer > public Yes, That looks correct for a fresh install. > my understanding is that if I create LDAP groups by the same name and set the variables in environment listed below, then, for example, a user in the LDAP group "admin" would be set to the role of "admin" in BookStack. Is this correct? Yes. Alternatively you can use existing LDAP groups and enter their names (Lower-cased and hyphenated) in the `External Authentication IDs` options when viewing a role in BookStack.

OVERLORD commented 2026-02-04 23:47:53 +03:00

Author

Owner

Copy Link

@ssddanbrown commented on GitHub (May 18, 2019):

Will now close this

@ssddanbrown commented on GitHub (May 18, 2019): Will now close this

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

further_theme_development

l10n_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#1104