mirror of
https://github.com/zulip/zulip.git
synced 2026-06-24 21:08:25 +08:00
fea4d0b2be
This fixes a collection of bugs surrounding LDAP configurations A and C (i.e. LDAP_APPEND_DOMAIN=None) with EmailAuthBackend also enabled. The core problem was that our desired security model in that setting of requiring LDAP authentication for accounts managed by LDAP was not implementable without a way to Now admins can configure an LDAPSearch query that will find if there are users in LDAP that have the email address and email_belongs_to_ldap() will take advantage of that - no longer returning True in response to all requests and thus blocking email backend authentication. In the documentation, we describe this as mandatory configuration for users (and likely will make it so soon in the code) because the failure modes for this not being configured are confusing. But making that change is pending work to improve the relevant error messages. Fixes #11715. |
||
|---|---|---|
| .. | ||
| _static | ||
| _templates | ||
| contributing | ||
| development | ||
| documentation | ||
| git | ||
| images | ||
| overview | ||
| production | ||
| subsystems | ||
| testing | ||
| translating | ||
| tutorials | ||
| .gitignore | ||
| code-of-conduct.md | ||
| conf.py | ||
| index.rst | ||
| Makefile | ||
| README.md | ||
| requirements.readthedocs.txt | ||
| THIRDPARTY | ||
Zulip markdown documentation hosted elsewhere
The markdown files in this directory ( /zulip/docs ) are not intended to be read on GitHub. Instead, visit our ReadTheDocs to read the Zulip documentation.