Assign user group from LDAP

[VannTen]

I'm setting up a ttrss instance for my company, and would like to assign user group from the LDAP plugin authentication.

Would you know if it is possible, and if not, whether it would be hard to implement it (I have not that much experience in php, but I could give it a shot) ?

I asked the same question on ttrss forums, where fox suggested me to ask it here instead.

Thank you.

[hydrian]

Are you asking if you want to limit users who can authenticate to TTRSS by group or asking if you can set different TTRSS group privileges via LDAP group?

[VannTen]

The second, if I can set TTRSS group via LDAP group. (Perhaps in a more general way, if ttrss can be made to refer to LDAP for most user stuff, like e-mail address also).

[hydrian]

I'll have to see how TTRSS does user group appending for allowing LDAP groups to per authorization level.

As for making the user's name their e-mail address, that should be doable now.

(this is assuming MS AD)

1. Set your LDAP_AUTH_LOGIN_ATTRIB to 'mail'
2. set your LDAP_AUTH_SEARCHFILTER to something like this (&(objectClass=user)(|(sAMAccountName=???)(mail=???)))

[VannTen]

As for making the user's name their e-mail address, that should be doable now.

I was more thinking making ttrss use the mail address registered in LDAP for the digests.

[hydrian]

Got it.

[hydrian]

Looked that the current API in TTRSS, there is no way to fully manage user's just from LDAP. I'm still looking into the the auto user account setup functions if it can prefill the account's from the LDAP mail attribute on first user creation.