Disabling auth from LDAP directory #47
Comments
|
Hi, The plugin can auto-create the identities when the user logs in - so you might drop the synchronization with the directory and (except for true local accounts), make the shib-auth plugin the only way to log in. Would this (i.e., disabling the ldap sync) work for you? Cheers, |
|
sorry for the delayed reply... We have all users provisioned so they can be granted access to spaces before they login. On-the-fly account creation means they need to login first, then someone has to add them to appropriate groups/spaces. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We have recently enabled this plugin and it is working well. We use an LDAP Synced directory to provision/maintain our user accounts. We had to leave local logins available for users who do not have University credentials.
Our problem is that users can enter their LDAP credentials in the "local login" and be authenticated, bypassing Shibboleth and associated 2FA. Does any know of a way to disable auth from a directory while still keeping it for user provisioning?
Atlassian punted and said to "ask the plugin developer".
The text was updated successfully, but these errors were encountered: