Active Directory without admin bind (not anonymous) #7802
Unanswered
beredim
asked this question in
Help / Questions
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
I was trying to evaluate Wiki.js for usage in my organization and wanted to use our AD for authentication.
But I was concerned about storing any kind of credentials to talk with AD. And since our AD isn't setup for anonymous queries, I thought about using the user provided login credentials to also use to query AD.
I got the idea after seeing something similar being used at Forgejo --> https://forgejo.org/docs/latest/user/authentication/#ldap-using-simple-auth
But after searching I could not find similar functionality being offered with Wiki.js
So question 1: Am I correct, or is there something I missed?
Now, proceeding with the assumption that this functionality indeed does not exist, I proceeded with creating a new authentication strategy to achieve what I wanted, and I think it works (at least I can login, but I haven't tested it extensively). I had to use something passportjs/passport-ldapauth calls 'Asynchronous configuration retrieval' --> https://www.passportjs.org/packages/passport-ldapauth/#asynchronous-configuration-retrieval
I also used a lot of AI to help me, since I am not versed in javascript.
So for the rest of the questions:
2. Is this something that would benefit others?
3. Would a PR that includes AI generated code be acceptable?
Beta Was this translation helpful? Give feedback.
All reactions