Centralized account management missing (Active Directory / LDAP) #379

New issue

Closed

opened 2026-02-19 23:07:39 -05:00 by deekerman · 7 comments

deekerman commented 2026-02-19 23:07:39 -05:00

Owner

Copy link

Originally created by @Expro on GitHub (Aug 11, 2020).

Originally assigned to: @lastzero on GitHub.

Any plans to add support for Active Directory, LDAP or other centralized account management options?

Originally created by @Expro on GitHub (Aug 11, 2020). Originally assigned to: @lastzero on GitHub. Any plans to add support for Active Directory, LDAP or other centralized account management options?

deekerman 2026-02-19 23:07:39 -05:00

• closed this issue
• added the
  question
  label

deekerman commented 2026-02-19 23:07:40 -05:00

Author

Owner

Copy link

@lastzero commented on GitHub (Aug 11, 2020):

Maybe in a future "pro" release or commercial add-on as we expect this to be (primarily) used in business environments. It's not our goal to provide a free enterprise solution.

@lastzero commented on GitHub (Aug 11, 2020): Maybe in a future "pro" release or commercial add-on as we expect this to be (primarily) used in business environments. It's not our goal to provide a free enterprise solution.

deekerman commented 2026-02-19 23:07:40 -05:00

Author

Owner

Copy link

@Expro commented on GitHub (Aug 11, 2020):

Well, to be honest, using LDAP / AD got nothing to do with business or enterprise - with multiple community driven open source projects running, creating local accounts on every one of them quickly gets out of hand. That's why all popular open source projects supports it, even in community editions, despite having paid support options (to name few: Nextcloud / OwnCloud, Jellyfin / Emby, Organizr, pfSense, FreeNAS).

@Expro commented on GitHub (Aug 11, 2020): Well, to be honest, using LDAP / AD got nothing to do with business or enterprise - with multiple community driven open source projects running, creating local accounts on every one of them quickly gets out of hand. That's why all popular open source projects supports it, even in community editions, despite having paid support options (to name few: Nextcloud / OwnCloud, Jellyfin / Emby, Organizr, pfSense, FreeNAS).

deekerman commented 2026-02-19 23:07:40 -05:00

Author

Owner

Copy link

@lastzero commented on GitHub (Aug 11, 2020):

We'll get in touch with the community once we are ready to implement new features. They will be implemented based on demand / perceived value. So if enough users need this, we'll do it. However, we can't continue to provide everything for free, especially advanced features that could be used in enterprise environments. Not saying you would do this. Thanks for your feedback!

@lastzero commented on GitHub (Aug 11, 2020): We'll get in touch with the community once we are ready to implement new features. They will be implemented based on demand / perceived value. So if enough users need this, we'll do it. However, we can't continue to provide everything for free, especially advanced features that could be used in enterprise environments. Not saying you would do this. Thanks for your feedback!

deekerman commented 2026-02-19 23:07:40 -05:00

Author

Owner

Copy link

@lastzero commented on GitHub (Aug 11, 2020):

See also Multi-User Photo Gallery with private and shared photos/albums #98

@lastzero commented on GitHub (Aug 11, 2020): See also [Multi-User Photo Gallery with private and shared photos/albums #98](https://github.com/photoprism/photoprism/issues/98)

deekerman commented 2026-02-19 23:07:41 -05:00

Author

Owner

Copy link

@lastzero commented on GitHub (Aug 11, 2020):

I assumed proper "centralized account management" includes support for multiple, completely independent user accounts as discussed in #98. Limiting LDAP support to a single account will be much easier.

If someone has time to implement this, we'll of course merge it given it is well tested and doesn't introduce security or performance issues. Since we don't have a huge team of developers, we're very careful with introducing complexity to the project. That includes features with potentially high security or performance impact and high testing effort that only very few users actually need / use. This in fact was the first time someone asks for LDAP. Should this become a very common use case for the community edition, we can absolutely put it on the todo list.

@lastzero commented on GitHub (Aug 11, 2020): I assumed proper "centralized account management" includes support for multiple, completely independent user accounts as discussed in #98. Limiting LDAP support to a single account will be much easier. If someone has time to implement this, we'll of course merge it given it is well tested and doesn't introduce security or performance issues. Since we don't have a huge team of developers, we're very careful with introducing complexity to the project. That includes features with potentially high security or performance impact and high testing effort that only very few users actually need / use. This in fact was the first time someone asks for LDAP. Should this become a very common use case for the community edition, we can absolutely put it on the todo list.

deekerman commented 2026-02-19 23:07:41 -05:00

Author

Owner

Copy link

@tigattack commented on GitHub (Nov 12, 2020):

I understand you don't want to implement a "free enterprise solution", but could you not go with a pricing scheme of "free for home users" with a limitation of, for example, up to 15 users, including "enterprise" features such as LDAP authentication, which would be really appreciated by many, I am sure.

Businesses would then pay for higher plans as they'd have more users, and you'd get the licensing revenue you need whilst keeping home users happy.

@tigattack commented on GitHub (Nov 12, 2020): I understand you don't want to implement a "free enterprise solution", but could you not go with a pricing scheme of "free for home users" with a limitation of, for example, up to 15 users, including "enterprise" features such as LDAP authentication, which would be really appreciated by many, I am sure. Businesses would then pay for higher plans as they'd have more users, and you'd get the licensing revenue you need whilst keeping home users happy.

deekerman commented 2026-02-19 23:07:41 -05:00

Author

Owner

Copy link

@lastzero commented on GitHub (Nov 12, 2020):

We're working something out right now and will move on from there once we have LDAP done :)

@lastzero commented on GitHub (Nov 12, 2020): We're working something out right now and will move on from there once we have LDAP done :)

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

preview

feature/eslint-workspace-setup

web-ui-settings

main

feature/postgresql

update-install-ffmpeg

manually-mark-faces

release

fix-chip-selector

feature/batch-edit

fix-location-dialog

fix-person-add

albums-multi-select-add

convert-vitest

arch/armv7

scratch/frontend

feature/pkg-vector

feature/Add-Toggle-to-Flag-Unflag-Pictures-as-Favorites-#4700

feature/add-a-Button-to-Open-the-Edit-Dialog-#4701

snyk-fix-a18f3b867b474d01546caa6b2ffb4e33

snyk-fix-9052b9d9f65ff54a352cb1daabdcefec

snyk-fix-05e780c8a2fcb550559875e0344f1151

snyk-fix-696fe57b8a4621885956822debda650c

snyk-fix-4aae5f1839c69bfa8bd6b604b0e44fb8

snyk-fix-9afbb533ba192334eee7b4fe3aeefa9b

snyk-fix-da5002d9fa0172fa58a98b00c749e3ed

snyk-fix-c69dc41f471531e77ce9ddff82b5351f

feature/video-player

snyk-fix-85d266a32f306697f98ee5ea793e57e3

snyk-fix-5b0185163b112042eafc9a11985eb592

l10n/frontend

l10n/backend

feature/oidc-v2

acceptance-tests

feature/people

1151-apple-photos-xmp

translate

feature/filebrowser

feature/sharing

feature/246

feature/slideshow

upgrade/vuetify2

251130-b3068414c

250707-d28b3101e

250426-27ec7a128

250425-21ddba459

250321-57590c48b

250228-43447fa38

250224-834c16bc7

250223-b79d21907

240915-e1280b2fb

240711-2197af848

240531-60b3a4628

240528-977d6c0de

240523-923ee0cf7

240420-ef5f14bc4

231128-f48ff16ef

231021-9abea5b55

231011-63f708417

230923-e59851350

230719-73fa7bbe8

230625-17242fb07

230615-90a18f6e7

230607-9e086c7eb

230603-378d4746a

230513-0b780defb

230506-9de9a3540

230504-cbf48798c

230502-c405f6eff

221118-e58fee0fb

221117-3268c4de8

221116-122ebfb70

221105-7a295cab4

221104-20d180b21

221103-211eb36ea

221102-905925b4d

220901-f493607b0

220730-0e1222c83

220728-729ddd920

220629-5d7448d2

220617-0402b8d3

220614-dea9ff68

220528-efb5d710

220527-005770ca

220524-c76de0df

220517-b9c68f8f

220302-0059f429

220121-2b4c8e1f

220118-76c94a1f

220107-f5b7ef83

211215-93b26f19

211210-2cb90e7e

211203-fdb6b5e1

211130-13cfcf6d

211128-7e8974fd

211127-86c43159

211018-e200f322

211010-83b4f783

211009-d6cc8df5

211007-8f55d6f8

211002-bf015326

210925-96168e4b

210523-b1856b9d

210520-4b32bac7

210519-24b5c7e6

210518-80981c25

210505-d3e53a89

210426-da6e948f

210422-97e75b04

210222-ac5a9d5e

210217-49039368

210216-4939e36a

210211-b9595dd4

210208-9e10ba69

210128-a82061e0

210121-07e559df

210120-e7cd5e9a

210119-a5399f06

210111-cc05c430

210104-7f9e806a

210102-af71e5f7

Labels

Clear labels   

ai

  

android

  

api

  

auth

  

awesome

  

bug

  

bug

  

ci

  

cli

  

config

  

database

  

declined

  

deprecated

  

docker

  

docs 📚

  

documents

  

duplicate

  

easy

  

enhancement

  

enhancement

  

enhancement

  

epic

  

faces

  

feedback wanted

  

frontend

  

hacktoberfest

  

help wanted

  

idea

  

in-progress

  

incomplete

  

index

  

invalid

  

ios

  

labels

  

live

  

live

  

low-priority

  

macos

  

member-feature

  

metadata

  

mobile

  

nas

  

needs-analysis

  

no-coding-required

  

no-coding-required

  

observability

  

performance

  

places

  

please-test

  

plus-feature

  

priority

  

pro-feature

  

question

  

raspberry-pi

  

raw

  

released

  

released

  

released

  

research

  

resolved

  

security

  

sharing

  

tested

  

tests

  

third-party-issue

  

thumbnails

  

upgrade

  

upstream-issue

  

ux

  

vector

  

video

  

waiting

  

won't fix

  

won't fix

No labels

ai

android

api

auth

awesome

bug

bug

ci

cli

config

database

declined

deprecated

docker

docs 📚

documents

duplicate

easy

enhancement

enhancement

enhancement

epic

faces

feedback wanted

frontend

hacktoberfest

help wanted

idea

in-progress

incomplete

index

invalid

ios

labels

live

live

low-priority

macos

member-feature

metadata

mobile

nas

needs-analysis

no-coding-required

no-coding-required

observability

performance

places

please-test

plus-feature

priority

pro-feature

question

raspberry-pi

raw

released

released

released

research

resolved

security

sharing

tested

tests

third-party-issue

thumbnails

upgrade

upstream-issue

ux

vector

video

waiting

won't fix

won't fix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/photoprism#379

No description provided.