Context Navigation

← Previous Change
Ticket History
Next Change →

Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.

Changes between Initial Version and Version 7 of Ticket #11660

Timestamp:

04/03/14 14:48:57 (10 years ago)

Author:

bpindelski

Comment:

khgillen's particular issue could be first looked at from the CLI perspective - add an bin/omero ldap command that creates an Experimenter entry (i.e. mimics a login by the user) for an LDAP username supplied on the CLI (the username has to exist on the LDAP server, to which OMERO is configured to "speak"). This command would have to respect all omero.ldap.* settings.

Basically, https://github.com/openmicroscopy/openmicroscopy/blob/develop/components/server/src/ome/logic/LdapImpl.java#L386 but without the password checking line and limited to be called only by the Role.ADMIN OMERO users (or even only root).

Legend:

: Unmodified
: Added
: Removed
: Modified

Ticket #11660
- Property Cc drussell-x added
- Property Component changed from General to Security
- Property Summary changed from RFE: Don't require ldap/ad users to log in before being allocatable to gorups to RFE: Don't require ldap/ad users to log in before being allocatable to groups
- Property Priority changed from minor to critical
- Property Milestone changed from Unscheduled to 5.0.2

Ticket #11660 – Description

initial	v7
3	3	This is a nightmare when collaborating with remote users for the first time as it (typically) requires an extra round-trip communication, and leaves their first experience of OMERO one where they can't do anything, losing precious momentum and perhaps leaving a negative perception of OMERO.
4	4
5		Ideally: it would be nice to be able to search for name, or username, email address or all of them, (minimally ldap username), and be able to add them to an OMERO group before they have logged into the OMERO server.
	5	Ideally: it would be nice to be able to search for name, or username, email address or all of them, (minimally ldap username), and be able to add them to an OMERO group before they have logged into the OMERO server.