LDAP: Fetch attributes in Bind DN context option

This is feature is workaround for #2628 (JumpCloud) and some other services that allow LDAP search only under BindDN user account, but not allow any LDAP search query in logged user DN context. Such approach is an alternative to minimal permissions security pattern for BindDN user.
2025-07-22 18:28:37 +00:00 · 2016-02-16 12:33:16 +01:00
parent e2f95c2845
commit 834d92a47b
5 changed files with 37 additions and 6 deletions
--- a/templates/admin/auth/edit.tmpl
+++ b/templates/admin/auth/edit.tmpl
@@ -79,6 +79,14 @@
 								<label for="attribute_mail">{{.i18n.Tr "admin.auths.attribute_mail"}}</label>
 								<input id="attribute_mail" name="attribute_mail" value="{{$cfg.AttributeMail}}" placeholder="e.g. mail" required>
 							</div>
+							{{if .Source.IsLDAP}}
+								<div class="inline field">
+									<div class="ui checkbox">
+										<label><strong>{{.i18n.Tr "admin.auths.attributes_in_bind"}}</strong></label>
+										<input name="attributes_in_bind" type="checkbox" {{if $cfg.AttributesInBind}}checked{{end}}>
+									</div>
+								</div>
+							{{end}}
 						{{end}}

 						<!-- SMTP -->