I'm able to attach my IPA server as an authentication backend for teampass, however IPA uses RFC2307bis; as far as I can tell, the only important difference is that your search filter on groups should be 'member' , not 'memberUid', in admin.queries.php, identify.php, and main.functions.php.  'memberUid=<user>' returns 0, while 'member=<user>' returns ldap directory data.

Hello dear Nils,

I found that the expiration time for offline files has been set to 1 week

First I was very puzzeled, when I opened a file older than one week, because this is not mentioned in the documentation

Then after some search I found the corresponding github entry

--> https://github.com/nilsteampassnet/TeamPass/pull/1874/commits/d064343e089192e9ea673e96a84312b83a649bee?utf8=%E2%9C%93&diff=unified

The idea of having an expiration date is indeed a good one and very helpful.
It would be nice, to also have the option, to customized the expiration time in the administrative backend

E.g. for my purposes it would be helpful to set it to five weeks.

As long as this is not possible:
will it be a functional workaround, to multiply the value on line 746 in the file "export.queries.php" by 5

or are there other values to change as well, to acheive my goal ?

Your assistance is very appreciated.

Currently one has the option to use all special characters including things like "^ . }" etc. These are often not accepted because they can cause problems in parsing on certain systems. It would be nice to have the option of selecting your own set of special characters so you can limit it the ones you know are accepted.

When calling the API, the apikey is passed in the Querystring as an argument.  This is suboptimal as this may result in it being written into log files, leaking information.

Better, and more secure, would be for the apikey to be passed via JSON in a POST body, possibly also along with the various other parameters currently found in the path_info string.

The current logging (to syslog) is pretty basic.  It would be helpful if it were expanded to a more parseable format , eg JSON.  Also, when copying to clipboard, only the item number is recorded.

Current logging format example:

Mar 22 00:54:55 localhost teampass: The password of Item #11 was copied to clipboard by steves.
Mar 22 13:55:13 localhost teampass: The Item anotheritem was at_shown by steves
Mar 22 13:55:26 localhost teampass: The Item foo was at_shown by steves
Mar 22 13:55:30 localhost teampass: The Item foo was at_modification by steves at_description

This would be better in the following format:

Mar 22 00:54:55 localhost teampass: action=copy attribute=password itemno=11 user=steves itemname="anotheritem"

Mar 22 13:55:13 localhost teampass: action=show itemno=11 user=steves itemname="anotheritem"

Mar 22 13:55:26 localhost teampass: action=show itemno=19 user=steves itemname="foo"

Mar 22 13:55:30 localhost teampass: action=modify attribute=description itemno=19 user=steves itemname="foo"

This format is clearer and can easily be parsed by audit tools e.g. Logstash, rsyslog, for later reporting.

In addition, we should be able to specify the Syslog Facility and Severity codes, as these logs may want to be assigned to auth/info for example.

Hello,

could you please add the full folder path in the email body. For example if we have the following folder structure:

Company -> Devs -> Systems -> machineXYZ

then in the email is currently only "machineXYZ" referenced. It would be better to have the full path, e.g. "Company -> Devs -> Systems -> machineXYZ"

Many thanks for this great tool!

Hi there !

First of all , I need to tell you that we save a lot of time thanks to your password manager !

Thanks you for that

We want to gain more time by the way of the automation and the teampass API .

But we have a lot of folder , order by business/Job/Envireonnement/etc..

It's difficult for us to loop throught it via the API .

May you can add some new function to the API to find a item by label without folder ?

I change the code in our own version to test my thought , and it works as expected.

I just clone the parts :

           if ($GLOBALS['request'][1] == "item") {
                /*
                * FIND ITEMS in FOLDERS
                */

in the file /var/www/teampass/api/functions.php

I comment every place i've found the array_category .

I name it "itembyname" .

Is it possible to add this function to our next release ?

Regards

PS : don't hesitate to answer in french ;)

Currently, if you do a search in the password listing, you get a result list that can't be used for moving items around.

I'd like to see a simple live filter that would let me filter items in the tree to still allow them to be drag+dropped to move them around in the folder structure. 

This request is broken up into two parts:

1. Linked Items.  One of my more-common scenarios is to track things like Online forum accounts in TeamPass.  In many of these cases I use a common email account (usually GMail) when registering for the forum.  When I create the Teampass Item to track each forum account, I end up having to duplicate the credentials for the common GMail account, so I can immediately access them without having to navigate several items in Teampass.  I could alternatively add just the email address in the appropriate field within the item, but then I'd have to manually navigate to a different item to see the rest of the common Gmail credentials/attributes.  It would be nice to have a new field (Linked Item) that you could use to refer to another item within Teampass, potentially within a different folder (e.g. a folder of email accounts).  Clicking on that linked-item would navigate directly to the other item within Teampass - subject to permissions of-course.

2. Items that Link to Me.  Conversely, it would be nice to be able to click on a button within given item and pop up a list of items that link to it.  If that was a picklist, then it could even be used to navigate directly to that item.

Ultimately it's straightforward to use workarounds to simulate this kind of functionality, but it's a bit awkward.  Allowing linked-items and items-that-link-to-me would greatly improve and speed up navigation throughout Teampass for these kinds of use-cases, especially where the various items are stored in different folders.  It would also improve data-normalization since I would no longer need to duplicate credentials across related items.

Would it be possible to add the ability for the offline file to only be accessible for X number of hours?  This way the file will automatically expire and users can't download it and take it with them if they leave the company?