I tried the beta LDAP integration for Vikunja, however, our LDAP provider requires anonymous binds for looking up the initial user tree. I tried using empty strings for username and password but this is not recognised as anonymous.
There seems to be an option using Go LDAP (Golang Ldap Authentication, Bind and Search, including Anonymous Bind · GitHub) for anonymous bind using UnauthenticatedBind. Would this be an option for Vikunja?
Happy to merge a PR implementing this.
LDAP support is a nightmare to maintain. I would recommend to remove its support in Vikunja and direct people to use an identity provider which specializes in LDAP.
I currently connect to Vikunja through LDAP using Dex. I cannot recommend this project enough. It works as advertised.
Thank you, @andrewwippler. Dex looks like an excellent choice for implementing authentication protocols, and I fully support solutions that don’t require writing new code. However, I’m currently having trouble configuring Dex for our specific scenario—namely, that the email and name
attributes are only available after a user logs in. I’ve opened a discussion on the Dex GitHub
(How to implement LDAP which shows certain attributes only for the respective authenticated user? · dexidp/dex · Discussion #4346 · GitHub) because this is more Dex‑related, but I would appreciate your input given your successful Dex and Vikunja setup.