https://github.com/lldap/lldap logo
Join Discord
Powered by
# general
  • e
    that's great actually
  • e
    thx
  • z
    🤔
  • v
    hello, i need some help troubleshooting first login. Is this the right channel to talk about it?
  • n
    We have a dedicated #1422548966314086420 channel 🙂
  • v
    thanks. I am a lowly person with no pro tier access to discord. is there another way i can send you all information without discord bugging me about message too long?
  • n
    You can put the logs on pastebin or similar
  • v
    yeah i could have. I have divided up the message and i think it's fine now. Thanks
  • k
    Someone delete it please
  • k
    Thx
  • n
    (for context: this was a crypto scam, the account was potentially compromised)
  • k
    There are 2 more channels
  • k
    Ngl that was pretty quick 🙂
  • p
    hey, i have quick question - could LLDAP work on read-only database? We have "main" postgres instance with "main" LLDAP server, we would like to use users and groups from that server/database in another environment and since we cannot directly connect to the database our best idea is to simply replicate the database (from the main instance to the one in new environment) and keep it read-only to prevent any accidential data mismatch.
  • n
    Not really, no. It writes to tables on login/logout to keep track of logged in users
  • p
    though a proper read-only mode would be much better, to prevent for example migrations
  • z
    🤔 can't that be in a cache of sorts?
  • p
    hm, i will have a look on the schema, if that's in separate tables we can still work with that i suppose
  • z
    i suppose for long term sessions that makes sense but for short sessions it would make sense to be in like redis or in memory on the other hand i suppose lldap is made for some amount of scale
  • n
    Not if you want that to be shared with all instances
  • z
    ahhhh that makes sense
  • h
    Hello I have a question regarding passwords and authentication. We use LLDAP in AWS and want to use LDAP with our RDS Postgres Instances. AWS sucks and only supports LDAP through Active Directory when connecting to RDS instances. We had an idea of using a bash script or Ansible to query LDAP and push that data into Postgres configs. I would however need to be able to query the password hash, is this something I could do ?
  • n
    No, the password hash doesn't exist. We use a zero-knowledge proof for authentication, so the server doesn't have a "password hash"
  • h
    I figured
  • h
    Thanks tho 🙂
  • n
    Hey hey, potentially dumb question. Can I change the password reset url to use my reverse proxy address rather than localhost? Currently it sends
    Copy code
    http://localhost/reset-password/step2/************
    and I'd prefer it sent
    Copy code
    https://account.example.com/reset-password/step2/**********
    I see that it just copies the server url per line 91 in https://github.com/lldap/lldap/blob/main/server/src/mail.rs but my users don't have access to my localhost as they're not vpn-ing. Might've just missed the answer somewhere along the way, hence why I am here.
  • n
    That's the point of that setting. You set it to your public address for the password reset
  • n
    Is there a server url setting? I must be blind lol
  • n
    Ah found it, I was indeed dumb
  • n
    Fixed and working, ty