We have a new integration with [linen.dev](linen.dev), so for questions that might be useful to someone else, I invite you all to create a thread so it can be indexed for search engines: https://www.linen.dev/d/898492935446876200

We're now the official recommendation by NextCloud for an LDAP server: https://github.com/nextcloud/all-in-one#ldap

Minor release v0.4.1 of LLDAP! https://github.com/nitnelave/lldap/releases/tag/v0.4.1 Release highlights: - STARTTLS for SMTP - user avatars - PKCS1 keys - better support for

ldap-auth

script - Lots of new guides! A big shoutout to everyone who participated!

LLDAP has now passed 2k stars on GitHub! Thank you all for your support 🙂 A quick update on the roadmap: - The main thing I'm working on when I have a chance is the much-requested https://github.com/nitnelave/lldap/issues/67, custom user attributes (support for SSH keys, PAM and more) - It's a rather complex feature, so now I'm laying the groundwork, preparing the DB schema changes, see https://github.com/nitnelave/lldap/pull/335 for instance - Then once the DB schema is more stable, I'll work on https://github.com/nitnelave/lldap/issues/87 (support for Postgres & Mysql) - Some more things I want to work on: - Integration with HaveIBeenPwnd (requires a paying API key, though): https://github.com/nitnelave/lldap/issues/39 - Group inheritance: https://github.com/nitnelave/lldap/issues/13 - Default (everyone) group: https://github.com/nitnelave/lldap/issues/180 - And some other small things (all issues in the repository) All the issues should be labeled with what they are about and the skills required, so if you want to help, there's plenty to do if you look at the #help-wanted or #good-first-issue (https://github.com/nitnelave/lldap/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22) issues. If you have frontend (read html+css) skills, you can contribute. If you know a bit of Rust, or want to learn some, most of the code is fairly simple, and you should be able to make small modifications without much trouble. And of course, you can help other users here with debugging their configurations! Thank you for this amazing community!

Hello everyone! I have a problem that I'd need your input for: - Currently, the most requested feature is custom attributes (being able to store SSH keys, support for PAM, etc) - That feature is relatively complex to implement properly, so I want to migrate to an ORM to simplify the code - Due to incompatible dependencies, the migration requires me to update the OPAQUE library that I'm using, which will in turn invalidate all the passwords (I'm checking with the library authors if I can do an automatic migration, but it's unlikely). - Upgrading is better for security anyway (see small issues like https://github.com/novifinancial/opaque-ke/issues/274). The question boils down to: if I make a new major release with new features like custom attributes and improved security and speed, but it requires you to reset all the passwords, would you upgrade? Vote 👍 for yes and 👎 for no.

Much awaited release 0.4.2! https://github.com/nitnelave/lldap/releases/tag/v0.4.2 This is a point release because it has no breaking changes, but it's far from a minor release! The highlights: - Support for MySQL/MariaDB/PostgreSQL - Better admin tools (healthcheck, migration to other DBs, consistent release artifacts, DB setup command, set user password through command line, support for LDAP browsing tools) - Better protocol support (plain SMTP, more LDAP operations to support more services, IPv6 support) - Lighter/better frontend (2.6MB -> 700 kB, dark mode) - 11 new services supported, with example configs Update on the roadmap: still mostly the same things as before, but a lot of the groundwork for https://github.com/nitnelave/lldap/issues/67, custom user attributes (support for SSH keys, PAM and more) has been laid, so progress should hopefully be a bit faster. A shout-out to @Pixel Razor who's off to a good start helping out, in particular with the frontend, and @xaverius666 who's our CI master!

We now have an organization for LLDAP, to help manage the repository! The repository is now lldap/lldap, but all references to the old repo will resolve to the new one. All the issues, comments, PRs and everything else have been migrated as well. The docker images are still nitnelave/lldap for now, but I'll look into having both nitnelave/lldap and lldap/lldap

Release 0.4.3! https://github.com/lldap/lldap/releases/tag/v0.4.3 This is a minor release to fix some pain points/bugs after 0.4.2. Highlights: - Fix rendering in Safari - Fix password reset redirection - Fix healthcheck with LDAPS - Add support for EC private keys

Hey everyone! Since LLDAP has been taking a big chunk of my free time in the last 2 years, and to help me sustain my efforts, I'm introducing a donation system to support the project: https://www.buymeacoffee.com/nitnelave There are various membership tiers with rewards, or you can just buy me a coffee! Think of the time you've saved by installing LLDAP instead of trying to configure OpenLDAP, and how much that's worth to you 😁 If you're using LLDAP in a professional context (for a lightweight test server, or as a fully-fledged user management system), consider becoming an LLDAP Patron to participate in future prioritization! And if you want to contribute more, you can always contact me 😉 Supporters will get a shout-out on various platforms (Discord, Twitter and Mastodon), and the patrons will also be mentioned in the Readme. Check out the membership page for the various tier rewards! And of course, if you don't want to contribute with money, there is plenty that you can do by helping with code, whether you have basic Rust skills, want to learn, or even with some web design. Cheers and thank you for this amazing community!

Hey everyone! To help with searchability on questions/answers, I enabled the Answer Overflow bot. In addition to creating threads in the #992916353847668756 channel (which we already had a bot for that), you can mark messages as solutions and the bot will (with your consent) index the messages to be more easily searchable. So if you don't mind, please provide your consent so your messages can more durably help the community: https://discord.com/channels/898492935446876200/992916353847668756/1151833243671351356

Major release 0.5.0! https://github.com/lldap/lldap/releases/tag/v0.5.0 Lots of small changes have been made since the last release, and even though I was waiting to be able to include https://github.com/lldap/lldap/issues/67 in a release, it's high time to have some sort of a release 😅 Highlights: - Potentially breaking change: emails and UUIDs are now enforced to be unique. - Better support for swarm setups with an environment variable to replace the server key file. - Fancier-looking logs ✨ - Lots of small compatibility changes and QoL improvements, adding official support for 14 new services! If you like this release and want even more, don't forget to help support the project: https://www.buymeacoffee.com/nitnelave Cheers and thanks again for this amazing community!

Hello everyone! I have a preview of the much awaited feature: custom user attributes https://github.com/lldap/lldap/issues/67 ! The only thing is, I haven't had time to make the web ui for it, so currently it can only be used through the graphql API directly. That feature unlocks a bunch of integrations, but the main 3 I'd like to start testing are Unix login (PAM+ sssd), windows login (samba) and ssh keys stored in LDAP. This is where you come in! I'm looking for volunteers to try the feature out. You can use the graphql playground, write a python script using the graphql schema, or just hand craft some curl request! Someone is also working on a CLI client in shell, I'll post updates when it's ready. If you want to help out, please come over in #975815392175980585 and we can figure things out together! The power of this community is amazing, we have configuration guides for so many services I didn't even know existed 🙂 Thank you, and together let's make more!

We now have a

-rootless

version of all the docker images! Feel free to switch from

latest

to

latest-rootless

or

stable-debian

to

stable-debian-rootless

, and so on. Make sure you change the UID/GID env variables into a

user: ${UID}:${GID}

in docker compose. If you run into any trouble, let us know!

(note that there are not actually any stable or version images with

-rootless

because they're built as they are released, so for now it's just

latest

and the date-based ones, e.g.

2023-12-28-alpine-rootless

)

Thanks @xaverius666 for implementing this

Woohoo! While I had my back turned, we passed the 100 contributors! And were also nearing 4k stars 🙂 Thanks everyone for your help! I've been crazy busy with life, and I barely have time to keep up with LLDAP and be responsive. But on the rare occasions where I have a bit of time, I'm chipping away at a PR to implement the web UI for custom attributes, picking up the great work of @Pixel Razor . Once that's done, we'll probably have a 1.0 release!

Hi again! Progress report on the UI for custom attributes, the blocker for a new release: user attributes UI has been merged! See https://github.com/lldap/lldap/pull/940 I'm looking for feedback: please try it out, try to break it, complain about the little things that don't go well, the small annoyances, the could-be-betters. In parallel, we will work on extending that to groups as well, and do some code duplication cleanup before a proper release. Feel free to either create issues or just send a message in #975815392175980585 with your feedback. The feature will be in the daily build (and latest image) starting from tomorrow. Major shout-out to @Pixel Razor and @bojidar-bg who picked up the abandoned PR and helped finish it, with major contributions!

Countdown to the release! We now have a release candidate! Please try out the latest snapshot (it'll maybe take a day to get a daily release), and report any issue you might have. Feel free to mess around with custom attributes, both users and groups. You currently cannot create groups with custom attributes, that's a known issue, but the rest should work (EDIT: you can create a group and then add custom attributes). Please also mention me on any issue that you think is release-blocking on GitHub.

And the release is there! 🎆 🎉 https://github.com/lldap/lldap/releases/tag/v0.6.0 Thank you everyone who contributed, whether it is in code, config guides, documentation, bug reports, answering stuff on this channel, or anything else.

Small 0.6.1 release to ship a fix to the 0.5->0.6 migration in case of duplicate memberships. Now SQLite works instead of apologizing that it doesn't know LIMIT, and PostgreSQL works instead of failing to use a LIMIT. Much better!

Shout out to @Jaiden who made a discord bot to sync discord roles to LLDAP, so you can use it as permissions for your services! https://github.com/JaidenW/LLDAP-Discord Paired with a paid role management service, you can directly and automatically sell access to your services!