It would be very helpful to have a Heira module to read secrets (including file attachments) from the TeamPass API.  This would allow us to manage passwords, secrets and certificates from puppet with them stored inside TeamPass, retrieving via the existing heira method.

As an example of how to do this with the Hashicorp Vault API, you can see here: https://github.com/jsok/hiera-vault .  It would probably be similar with TeamPass.

I suspect this may be something better produced and managed by the community, and that if provided you'd then have to provide something for Chef, Ansible, etc, but it's a very useful thing to provide

I  am new to Teampass  I want know how folders / Role & user created or added . 

I wanted allow AD user access folder or items 

NArsinh 

Hello,

first, TeamPass is a very cool, feature reach and sophisticated tool!

It would be nice to have an additional meta user in the email notification feature, where one can send the email to all affected users. E.g. a special meta role such "all" or "affected". If one change a password and choose to send the email to "all", than all users who can at least view this password get informed.

Thanks a lot!

When verifying a 2FA code, the discrepancy (time leeway for auth codes) is hardwired to +-1 (this is when calling verifyCode() from identify.php).  It would be helpful to be able to configure this from within TeamPass, since this gives very little leeway for devices with clock errors and slow typers.  Many places will use 2 or even 3 for this setting depending on their users.

Please can we add a configuration item to the 2FA settings to allow this to be changed from the default of 1.

The current system allows you to view the previous unencrypted values of passwords in both the history, and on the edit page.  This is potentially insecure as it can allow people to view a pattern or common passwords that are reused (yes, both of these are a problem in themselves, but lets minimise the risk).

I would like to be able to have a configuration switch to disable the display of unencrypted previous passwords on the edit page, and in the logs.

After using TeamPass for a bit, i was looking to make the environment Highly Available.

One way of doing this with MySQL/MariaDB/Percona is using the Galera Clustering.  The problem is that the data structure for TeamPass is not supported on Galera/XtraDB environments since every table must have a unique id/primary key to ensure replication.

Looking at the table structure, it looks like some of the tables may be as simple as changing the id column to be a primary key but others look like they are used without a true id column.  I'm not 100% sure that will allow support with Galera (there might be more - still researching).

What i do know is that I cannot install on a Galera DB and if I install on a non-Galera DB export to a Galera Cluster, the application doesn't show folders or users properly under the admin console.

-David

When creating/editing a user there should be an option to have local or remote authentication.  This could be accomplished with a check box for "local account".

See the closed github bug ref # 1896 for further information on this feature request.

Currently, to edit or delete an item, you select it in the list pane, then select 'edit' or 'delete' from the list pane menu.

However, this seems counter-intuitive when the item is displayed in the preview pane.  I would expect to find an 'edit' and 'delete' option in the list-pane menu, at least when an item is displayed.

Can we have these two commands added to the preview pane menu for ease of use?

It may also be helpful to have 'edit' 'delete' and 'add' as separate buttons entirely, for ease of use

Debugging authentication issues is awkward.  It would help to have a Debug mode available for this.  For example, in the LDAP Configuration page, there is a test available, but it does not provide any details as to why a login failed - it could be in bind, search, group, password...  It would be helpful to have details on exactly what was done.  Also, in a "Debug authentication" mode, we could get detailed logs of all logins, so as to be able to track down configuration issues with 2FA and multiple login methods.