Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-30036

Allow admins to block users to update their details when imported from LDAP

    Details

      Description

      When LDAP authentication / import is enabled in Liferay, users should not be allowed to change and save their details in My Account. Their details will be overridden with values from LDAP, either when user is bulk-imported or logs in again. The same behavior may be added to Users Administration, as updating user details here also does not make sense.

      As not all users may be imported from LDAP, the feature should be configurable on per user basis. E.g. add portal config property listing email domains, that should / should not be blocked. Example:

      (1) users imported from LDAP have emails with @liferay.com or @sf.net, those should not be allowed to change their details, any other user can update details:

      user.details.update.enabled.whitelist=*
      user.details.update.enabled.blacklist=liferay.com,sf.net

      (2) Customer has external users in their Liferay DB (all with external-company.com emails) and imports internal users from LDAP (users have many email domains assigned). Only external users can update their details.

      user.details.update.enabled.whitelist=external-company.com
      user.details.update.enabled.blacklist=

      As LDAP import may be customized, it would also be good to allow admins to configure which fields should be blocked for LDAP imported users, like:

      user.details.ldap.field.blocked[com.liferay.portal.model.User.prefix]=true
      user.details.ldap.field.blocked[com.liferay.portal.model.User.firstName]=true
      user.details.ldap.field.blocked[com.liferay.portal.model.User.middleName]=true

      This may be integrated with / added to existing feature:

      field.enable.com.liferay.portal.model.Contact.male=true
      field.enable.com.liferay.portal.model.Contact.birthday=true
      field.enable.com.liferay.portal.model.Organization.status=false

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: