LDAP "createUser" and "updateUser" configuration setting in MISP core/files/configure_misp.sh

[escamudo]

Is it possible to add the "createUser" and "updateUser" setting to misp-docker/core/files/configure_misp.sh to enable automatic user information updates with each LDAP login?

The "updateUser" would allow MISP roles for LDAP groups to be refreshed automatically on the user's next login, ensuring that any role changes are immediately applied to users within the LDAP group. ( https://www.circl.lu/doc/misp/appendices/#appendix-f-ldap-authentication )

LDAP_DEFAULT_ROLE_ID="{"ldap_misp_group_publisher": 4, "ldap_misp_group_admins": 1}"

core/files/configure_misp.sh :

    sudo -u www-data php /var/www/MISP/tests/modify_config.php modify "{
        \"ApacheSecureAuth\": {
            \"apacheEnv\": \"${LDAP_APACHE_ENV}\",
            \"ldapServer\": \"${LDAP_SERVER}\",
            \"starttls\": ${LDAP_STARTTLS},
            \"ldapProtocol\": ${LDAP_OPT_PROTOCOL_VERSION},
            \"ldapNetworkTimeout\": ${LDAP_OPT_NETWORK_TIMEOUT},
            \"ldapReaderUser\": \"${LDAP_READER_USER}\",
            \"ldapReaderPassword\": \"${LDAP_READER_PASSWORD}\",
            \"ldapDN\": \"${LDAP_DN}\",
            \"ldapSearchFilter\": \"${LDAP_SEARCH_FILTER}\",
            \"ldapSearchAttribut\": \"${LDAP_SEARCH_ATTRIBUTE}\",
            \"ldapFilter\": ${LDAP_FILTER},
            #################### TO ADD ####################
            \"createUser\": ${LDAP_CREATE_USER},
            \"updateUser\": ${LDAP_UPDATE_USER},
            ###############################################
            \"ldapDefaultRoleId\": ${LDAP_DEFAULT_ROLE_ID},
            \"ldapDefaultOrg\": \"${LDAP_DEFAULT_ORG}\",
            \"ldapAllowReferrals\": ${LDAP_OPT_REFERRALS},
            \"ldapEmailField\": ${LDAP_EMAIL_FIELD}
        }
    }" > /dev/null

[ostefano]

How would those vars be initialized?

Can you create a PR?

[arteta22000]

big news: MISP/MISP#10038

Native LDAP integration coming soon.