Contributors mailing list archives
Re: LDAP and MS Azureby
Glodo, Karl Southern
Is that something the Community has considered before and/or are there drawbacks?
The main issue is knowing what permissions to grant users on the Odoo side.
There are all sorts of tactics, for example, group memberships at the IDP which are used to drive group memberships in Odoo, etc. but eventually, there is always some exception or special case.
If you don't grant permissions based on information provided by the IDP then you just create a very restricted user, which needs to be edited anyway, at which point you might as well have not automatically created the user.
My personal opinion is that it's often wanted, but rarely practical outside of the largest organisations.
On Tue, Apr 25, 2023 at 3:27 PM Franklin Smith <email@example.com> wrote:
Thanks, all. The "auth_saml" OCA module works well. There's a request to have Odoo users created automatically if they don't exist in Odoo once they authenticate with AD. Similar to the LDAP functionatliy. Is that something the Community has considered before and/or are there drawbacks?On Sat, Apr 22, 2023, 8:37 AM Graeme Gellatly <firstname.lastname@example.org> wrote:I wrote a module for azure ad, but these days you can just backport odoo v16 oauth changes. However in odoonz addons there is a module for v14On Sat, 22 Apr 2023, 3:27 pm Dominique k, <email@example.com> wrote:There are third party modules that allow to do thisDominiqueOn Sat, 22 Apr 2023 at 03:22, Franklin Smith <firstname.lastname@example.org> wrote:Hello OCA Contributors. Have a client who is wanting to authenticate Odoo users with Azure Active Directory, and we're running in to some issues.Can anyone point me to resources about authenticating Odoo and Azure AD using LDAP? Recent web searches show this is complex and I'm learning Azure AD isn't completely LDAP compliant. Are there any resources or OCA modules related to oauth2 authentication with Azure AD?Thanks much!