One thing we discussed with @pbouda was to provide tighter integration between apps.
We are already at an interesting situation where https://cloud.indie.host is getting user's information from https://mail.indie.host database.
Let's define an important person here, the
domain admin. The domain admin contacted us to host some software on its domain name. And it is the ruler on its own land of Internet. And it wants to manage its users their.
The really interesting for me is that:
as a domain admin
I can manage all emails/alias of my users
I can create/update/delete accounts
When I create an email account
An email gets send to the end user
This email contains all the connection details (user/pass/ smtp endpoint/webmail/cardav...)
and so this user gets access to its cloud also.
It is not perfect yet:
- the webmail doesn't get provisioned - fix here
- if the person changes it's password, the person has to fix his webmail - fix here
This is nice and good, but it feels a bit hacky as it relies on a MySQL database well configured with hash and salt, but still.)
But now we want more, we want to have one single place to define user/password, and with this, the user could authenticate to this actual forum, to the chat, to the wekan and to our future gitlab.
And also, the user would have one interface to change its credentials.
- I would have one interface to manage all my users. And I could have one chat instance on my own domain that could get users from this system as well.
- I want to be able to export my user list to go to another hoster
Luckally, a potential
domain admin contacted me with clear requirements:
- single user between Nextcloud and chat
- Nextcloud users do not necessarly have emails
It is really good we have a reall user with real needs, it helps usidentify that we need ldap.
LDAP will be enough for the beginning (rocket.chat allows ldap).
I just have one question though: how do I let my
domain admin manage its users? (phpLDAPadmin is not a valid answer, this interface is awful).