Welcome to Teampass Feature Requests place
- using "New Feature" ONLY
- performing a search before creating a new request
- voting for the request you would like to see implemented
Thank you for your participation to this project.
Bug report MUST be performed in Github.
Any other topic is performed in Reddit
Currently theres no option to import active directory groups.
Would be very comfortable to assign/grant roles/privileges to active directory users and groups.
So it´s possible to manage privileges in a central way through active directory.
When you are on the way / out of office and a customer is calling you saying "my server has gone away" or asking for a password, then it is very hard to get it on a smartphone/tablet without a mobile web interface.
I could see this as a HUGE plus!! Possibly could be implemented with some teampass changes and some kind of KeePass plug-in that would allow a KeePass DB to sync to TeamPass based on the permissions and access according to the authenticating TeamPass user?? KeePass already has so manyclients for desktop and mobile devices. This would give the best of both worlds. The multi-user back-end of TeamPass (and web access) and open the door to the many KeePass client usage scenarios!!!
I'm not a developer so absolutly no idea how much work on either the TeamPass or KeePass side this would take.
When requesting a password if would be nice for a popup to display where you can enter the reason you require this password. The request and the reason should be logged and can be used to show auditors when a password was access and why it was required.
A function in Teampass to check LDAP/Active Directory Group membership before granting access to Teampass.
In larger organizations you (probably) don't want the whole Active Directory/LDAP User container to have access to Teampass. This could be managed by creating a Active Directory Group where it's members have access to Teampass and let Teampass check this group membership.
(need to have):
- When logging in for the first time with an Active Directory account, the account should be a member of the AD group specified in de settings section. If not, no account should be created in Teampass. An email should be sent to the administrator and a line written in the Log.(User "X" which isn't a member of group [teampass] tried to access Teampass.)
- When logging in normally (after the account has been created), the user should always be checked if he/she is a member of the group specified in de settings section, if not, the account should be locked. an email should be sent to the administrator telling that user x is no longer a group member and the teampass account is locked. Probably some logging should also be made... for auditing purposes.
(Nice to have)
Further implementation of LDAP/|Active Directory in Teampass. Assigning LDAP/AD groups to Roles, this way when a Role is created in Teampass you can assign a AD group to it. Management can be done by adding or removing users from the specific LDAP/AD group.
We discussed the (need to have) feature by Email, but i never posted an official feature request.
Customer support service by UserEcho