LDAP #989

Closed
opened 2026-02-04 23:33:12 +03:00 by OVERLORD · 2 comments

Originally created by @cyberb on GitHub (Mar 25, 2021).

I want to implement a simple LDAP auth as I need it for the Syncloud (https://github.com/syncloud/platform) project.
Similar to this (https://github.com/cyberb/api/commit/2d011fff7df062d36a6044806d2b7f893e74e334) once done for a Rust pi-hole fork.
I have quickly checked the code and I think the logic will be as follows:

  1. Configure LDAP (enabled, address, binddn)
  2. Change webui to allow non email username (optional)
  3. Backend: if enabled and authenticated against LDAP
  4. Backend: register user with the info from LDAP record if it does not exist yet.

Any advice before I start?
I will do this anyway even if it will stay in my fork.


@nightmared commented on GitHub (Mar 26, 2021):

Hello, I'm interested in such a feature too, but I wonder how this can work given the problems discussed at https://github.com/dani-garcia/bitwarden_rs/pull/677#issuecomment-553606347 (the fact that a password change in the LDAP directory will make the vault inaccessible). Do you plan on adding an LDAP attribute to store the fixed password for the vault, or do you have another idea to solve this hurdle?

Thanks!


@BlackDex commented on GitHub (Mar 26, 2021):

There already is a working solution which uses the official support directory tools from Bitwarden. See: https://github.com/dani-garcia/bitwarden_rs/commit/85e3c73525d327042c1ad142e48c044a5dbdd89c
LDAP and SSO can only be used for account creation or validation. Not for auto login. You always need a master password to decrypt the vault.
So, what would be an addition to this project would be SSO, but that is a huge endeavor.
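
The point made in the two replies above (a directory password change locks the vault, and a master password is always needed to decrypt), as an added example that is not part of the original thread and is not vaultwarden's or Bitwarden's code. It is a simplified model: the iteration count, the toy encrypt-then-MAC wrapper, the account and the passwords are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # constructed value for this sketch

def derive_master_key(password: str, email: str) -> bytes:
    # Client side: stretch the master password, salted with the account email.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), email.lower().encode(), ITERATIONS)

def _subkey(master_key: bytes, label: bytes) -> bytes:
    return hmac.new(master_key, label, hashlib.sha256).digest()

def _pad(master_key: bytes, nonce: bytes) -> bytes:
    return hmac.new(_subkey(master_key, b"enc"), nonce, hashlib.sha256).digest()

def _tag(master_key: bytes, data: bytes) -> bytes:
    return hmac.new(_subkey(master_key, b"mac"), data, hashlib.sha256).digest()

def wrap_vault_key(master_key: bytes, vault_key: bytes) -> bytes:
    # Toy encrypt-then-MAC of a 32-byte key; stands in for a real AEAD.
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(vault_key, _pad(master_key, nonce)))
    return nonce + ct + _tag(master_key, nonce + ct)

def unwrap_vault_key(master_key: bytes, blob: bytes):
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, _tag(master_key, nonce + ct)):
        return None  # wrong password: the server cannot help, it never had the key
    return bytes(a ^ b for a, b in zip(ct, _pad(master_key, nonce)))

def simulate_directory_password_change() -> dict:
    email = "alice@example.org"  # constructed account
    vault_key = secrets.token_bytes(32)
    old_key = derive_master_key("old-directory-password", email)
    new_key = derive_master_key("new-directory-password", email)
    stored = wrap_vault_key(old_key, vault_key)  # all the server ever stores
    # Password is changed in the directory only: an LDAP bind with the new
    # password would succeed, but the stored blob is still under the old key.
    after_change = unwrap_vault_key(new_key, stored)
    # Recovery needs a client that still knows the old password to re-wrap.
    rewrapped = wrap_vault_key(new_key, unwrap_vault_key(old_key, stored))
    return {
        "new_password_opens_vault": after_change is not None,
        "old_password_opens_vault": unwrap_vault_key(old_key, stored) == vault_key,
        "rewrapped_opens_with_new": unwrap_vault_key(new_key, rewrapped) == vault_key,
    }

if __name__ == "__main__":
    print(simulate_directory_password_change())
```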


Reference: starred/vaultwarden#989