Le 25/08/2017 à 10:39, Clément OUDOT a écrit : > 2017-08-25 6:59 GMT+02:00 Luca Filipozzi <lfilipoz@debian.org>: >> On Wed, Aug 23, 2017 at 09:05:32AM +0200, Xavier wrote: >>> Le 23/08/2017 à 08:46, Alexander Wirt a écrit : >>>> On Wed, 23 Aug 2017, Philip Hands wrote: >>>> >>>>> Michael Lustfield <michael@lustfield.net> writes: >>>>> >>>>> ... >>>>>> Using Gitlab (or any VCS) as the user db for guest accounts means adding a >>>>>> dependency that could block future upgrades... kinda like now. This is not a >>>>>> future-proof design and will come at a future cost. >>>>> >>>>> I suspect that Alexander's intent was just to avoid blocking the gitlab >>>>> setup on having some SSO solution in place. >>>>> >>>>> If lemonldap-ng can make use of gitlab's guest data initially, then that >>>>> lets the two things be setup independently. >>>>> >>>>> Once lemonldap-ng is shown to do the job, I doubt it will be a big task >>>>> to transfer authority for the guest data into lemonldap-ng's control, >>>>> and then have gitlab use lemonldap-ng as it's source of that data. >>>> I dont' think Lemonldap-ng does usermanagement on its own. >>>> It is a replacement for sso.d.o which allows to have more backends and >>>> provides more frontends (like saml, oauth2 and so on) >>>> >>>> Alex >>> >>> You're right, LLNG doesn't provide usermanagement. Many user's use >>> https://lsc-project.org to populate a LDAP directory from any source. >>> Clément Oudot (leader of LLNG community) is also leader of LSC-Project. >>> You can ping him if you have any question on this >> >> LDAP sync isn't what is meant by 'user management'. Rather, it's a >> combination of self-empowerment (create account, manage profile, reset >> password) and delegation administration (role creation and assignment, >> etc.). Keycloak offers some of this functionality. Whatsay I stand up a >> demo and we can kick some tires? > > Keycloack might be a good solution. I suggest you also test > FusionDirectory which I often use with LemonLDAP::NG to provide a full > identity management solution : https://www.fusiondirectory.org/ > > I made a presentation about some free softwares products that can be > used together for identity management : > https://www.slideshare.net/coudot/rmll2017-des-logiciels-libres-pour-la-gestion-des-identits. > Sadly it's in french but you have all product names, screenshots and > links to websites. Hello, are some slides in english about FusionDirectory and the possibility, real users cases in english https://www.slideshare.net/benoitmortier/one-year-solving-infrastructure-management-with-fusiondirectory-and-openldap https://www.slideshare.net/benoitmortier/improving-the-ow2-infrastructure-with-fusiondirectory Feel free to talk to me directly if you have any questions > For information there will be a lot of presentation on this topic at > the next LDAPCon (https://ldapcon.org/2017/). Maybe some people from > Debian community can join us at this event. Cheers -- Benoit Mortier CEO OpenSides "logiciels libres pour entreprises" : http://www.opensides.eu/ Promouvoir et défendre le Logiciel Libre http://www.april.org/ Main developper in FusionDirectory : http://www.fusiondirectory.org/ Official French representative for OPSI : http://opsi.org/
Attachment:
signature.asc
Description: OpenPGP digital signature