Central User Management and SSO
General Tasks:
-
install and configure Keycloak -
install and configure OpenLDAP -
setup admin accounts -
propose user, group and role structure -
setup normal user accounts accounts -
notify user about their new user account -
configure user federation with LDAP -
setup permission structure
Integrate Platforms:
-
Git Service (Gitlab) -
MariaDB Frontend (phpMyAdmin) -
Dashboard (Traefik) -
Pad (Hedgedoc) #50 (closed) -
Blog (Wordpress) -
Wiki (MediaWiki) -
Cloud File Share (Nextcloud)
Handle Account Migration (Format: SSO Account -> Plattform Account)
-
foo -> ?:- Create platform account by impersonating the SSO account
-
foo -> foo:- Check if the owner of the SSO account is the same as the platform account
- migrate account to SSO
-
foo -> bar:- Check if the SSO account is the same as the platform account (match email)
- rename platform account and migrate to SSO
-
? -> qot:- user has no SSO account yet
- check if user is member of OSEG
- either create a SSO account or delete the platform account
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information