Dominik Csapak
e65b53c6a9
Auth/AD: make PVE::Auth::AD a subclass of PVE::Auth::LDAP
...
this makes it much easier to reuse the sync code from LDAP in AD.
The 'authenticate_user' sub is still the same, but we now
can still use the get_users and get_groups functionality of LDAP
in the case of AD, the user_attr is optional in the config
(would have been a breaking change) but we set it
to default to 'sAMAccountName'
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-03-21 15:44:46 +01:00
Dominik Csapak
d9e93d2eca
use PVE::LDAP module instead of useing Net::LDAP directly
...
for things like connecting/binding/etc.
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2020-03-07 19:50:22 +01:00
Thomas Lamprecht
3b7eaef10f
ldaps: support TLS 1.3 as SSL version
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-11-06 20:24:00 +01:00
Alexandre Derumier
07dd90d731
ldap auth: add sslversion option
...
default to tls1.2
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
2019-11-06 20:05:06 +01:00
Dominik Csapak
8bdbfd4ddf
fix trailing whitespace
...
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2017-08-08 11:46:10 +02:00
Dominik Csapak
23e0cf85fd
fix #1470 : ad: server and client certificate support
...
as with ldap we now accept
the verify, capath, cert and certkey parameters for active directory
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2017-08-08 11:46:10 +02:00
Wolfgang Bumiller
8b600c4d27
Auth::LDAP, Auth::AD: ipv6 support
...
Also had to change server1/server2 schema from a pattern to
the 'address' format.
2015-12-03 12:08:56 +01:00
Dietmar Maurer
96f8ebd625
add basic support for two factor auth
2014-06-23 11:42:44 +02:00
Dietmar Maurer
11a9043610
use correct connection string for AD auth (use encryption and port info).
2014-05-22 07:12:25 +02:00
Dietmar Maurer
5bb4e06a64
new plugin architecture for Auth modules
2012-05-22 10:43:30 +02:00
