[ome-devel] LDAP question

Josh Moore josh at glencoesoftware.com
Thu Sep 11 14:00:50 BST 2014


Hi Yanling,

in addition to Ola's comment, a few additional answers:

On Sep 11, 2014, at 2:53 PM, Aleksandra Tarkowska wrote:

> We want to prepare OME so users can log in to see their existing images rather than letting them log in in order to create their accounts. Could we first create user accounts in OME using "bin/omero user add" and then configure OME to use LDAP?

This you can do either via:

 * bin/omero user add
 * bin/omero ldap setdn

or

 * bin/omero ldap create

> How do we turn off automatic account creation once we enable LDAP?

Currently this isn't possible with the regular LdapPasswordProvider. A subclass of that provider could provide such a flag. We'll look into this as an option for the next release.

> If LDAP is enabled, would it be possible to log in using the local root user?

Yes. The OMERO root is always non-LDAP.

> Would it be possible to create more local users such as a dedicated local "importer" account, while other users still use LDAP passwords to log in?

Yes. Only those users who have a DN set in the "password" table will be authorized against LDAP.

Cheers,
~Josh.

