Operational issues and rethinking integration into Bitwarden about directory-connector HOT 10 CLOSED

Since the GUI is a nodejs app is there anything preventing the current iteration from just being launched in a docker container and persisting settings/other information to a volume?

This would allow for more tightly coupling it with the on-premise version, via launching as part of the bitwarden.sh script, while simultaneously still allowing it to be run as a standalone application via a docker run command.

This would also allow for multiple admins to use the application since it wouldn't be storing access credentials on the management endpoints.

from directory-connector.

As far as I understood, the cli is only supposed to be used once it was set up with the Desktop application.

You can certainly use the CLI without the companion desktop app on a headless system. That's why we created it.

Your suggested solution is not a bad one. It makes sense, but it is not possible for scenarios where a company wants to use AD sync with the cloud-hosted solution.

from directory-connector.

Hi,

Could this be containerised, like the Bitwarden server-side please?

This is essentially a pieces of software that usually runs on a server, not on local machines.

Thanks,

from directory-connector.

It would be amazing if this can be integrated into the Business Portal, similar to SSO. It'll be seamless with the rest of the setup.

A major client with 1000s of employees chose LastPass over Bitwarden just because of this. They didn't want to deal with the hassle of maintaining a separate application as they were trying to go SaaS completely.

In the meantime, is there anyway to use the same instance for multiple sync profiles/bitwarden organisations?

Thanks,

from directory-connector.

This tool is a ticking time bomb. For some reason it just removed hundreds of users from my organization and now I have to spend days inviting/accepting everyone back again.

This is really frustrating.

from directory-connector.

What do you guys think about SCIM as an alternative to Directory Connector for user management

Most IdPs support provisioning via SCIM, including Azure AD.

from directory-connector.

As far as I can see it doesn't support Active Directory.

from directory-connector.

@edermi - Yes, same. I don't think Active Directory has SCIM support. However, Azure AD Free supports upto 50k objects and has User Provisioning. So, it could be done that way.

AD -> Azure AD Connect (for OnPremises Data Sync) -> AzureAD -> Provisioned via SCIM to Service Providers (e.g: Bitwarden)

That way, AD Admins won't need to install vendor specific Directory Sync Tools for each service. They could just use the AAD provisioning tool out-of-the-box and as a SaaS.

from directory-connector.

This is a different discussion. There are many reasons not to use cloud products.

This issue is about integration of the existing sync client, which supports more directory services than your proposed solution, into the server components.

from directory-connector.

Hi all! In the time since this issue was opened, we've relocated feature requests and user-to-user support to the community forums. I'll close this thread, but please feel free to create a new post in the community forums to discuss alternative solutions or to request a change in our approach.

We use GitHub issues as a place to track bugs and other development related issues. The Bitwarden Community Forums has a section for submitting, voting for, and discussing product feature requests like this one.

Please sign up on our forums and search to see if this request already exists. If so, you can vote for it and contribute to any discussions about it. If not, you can re-create the request there so that it can be properly tracked.

This issue will now be closed. Thanks!

from directory-connector.