From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 7DB4199A6 for ; Mon, 26 Jun 2023 11:39:28 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 5CF4A25E06 for ; Mon, 26 Jun 2023 11:39:28 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Mon, 26 Jun 2023 11:39:27 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id A318843D07 for ; Mon, 26 Jun 2023 11:39:27 +0200 (CEST) From: Stefan Sterz To: pbs-devel@lists.proxmox.com Date: Mon, 26 Jun 2023 11:39:12 +0200 Message-Id: <20230626093916.701659-1-s.sterz@proxmox.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.096 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pbs-devel] [PATCH proxmox(-backup), widget-toolkit 0/4] improve ldap configuration handling X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Jun 2023 09:39:28 -0000 this patch series does two things: 1. it improves the creation and updating of ldap configurations by checking it against an ldap directory instead of a regex. thus, increasing the likelihood of the configuration being correct 2. remove the ability configure and use unauthenticated binds. unauthenticated binds are generally discouraged and we don't support them in proxmox ve either, so remove them in the backup server too. removing unauthenticated binds is a breaking change as some users may already rely on this functionality. Stefan Sterz (1): window: ldap auth edit forbid specifying a bind_dn without a password src/window/AuthEditLDAP.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.39.2