ZOOM
-
Posts
8 -
Joined
-
Last visited
Everything posted by ZOOM
-
+1
-
Hi, As an admin I want to have ability to enable/disable security group for syncing non-existent users to Passwordstate if global sync of non-existent users to Passwordstate is enabled. Goal is to have just one exact group called i.e. "Passwordstate Users" which will sync all non-existent users from AD to passwordstate to automatically enable them access, but not to anybody else in any other group. We have several groups like "DevOps" which contains not just devops engineers, but also their scrum master. Scrum master must not have access to passwords anytime. It's same for all other engineering teams, there is always at least one person which must not access passwords, but rest of teams must access all passwords shared to team. I can imagine that on each Security Group imported from AD will be Flag which will be possible to enable or disable and will achieve required scenario. I.e. by default it will be enabled, but as admin I will be able to disable sync during importing process (or later enable/disable). Something like screenshots below. In this case I think it will be very easy to implement, because it’s just a flag in one table and enhancement in AD Sync which will check for each group if it shouldn’t be skipped. No need to change rest of sync process. I think much more people will benefit from this.
-
Hi, Passwordstate currently sync just Security Groups members, but nothing else. As an admin I want to get synced all AD user attributes into Passwordstate anytime it's changes in AD by schedule. (i.e. first name, last name, email, username, department, office, etc...) Thanks
-
User search base DN & Filter for Active Directory Domain
ZOOM replied to Tobias k's topic in Feature Requests
+1 -
Scanning an Active Directory OU and adding each group into Passwordstate
ZOOM replied to support's topic in Passwordstate API
+1 -
+1 another level of permissions would be great. To split Folder/Password List level from passwords itselfs. i.e. thera are some usecases in advanced permissions level, where I want to grant just "browse folders/password lists" permission, but user will not see any password in any list, just list itself.
-
+1
-
Hi, Passwordstate is not able to parse IPv6 address from X-Forwarded-For, so therefore Audit Logs still showing Apache/Nginx reverse proxy IPv6 Address. On dual-stack enabled networks it's a security and compliance problem as compliance officers does not know what IP address was accessed password from. IPv6 support is a must in these days. Thanks
