28 Apr 2019 |
@park:mgp.ax.lt | 😃 | 13:06:12 |
Matt (eggy) | fyi, when I run dpkg -i on the releases, it'll stop mxisd, but I have to manually restart it | 13:11:46 |
Maximus | that's expected as there might be changes needed | 13:12:53 |
Maximus | like in the config files | 13:13:11 |
Matt (eggy) | ok | 13:13:52 |
Matt (eggy) | Upgrade complete | 13:23:08 |
Maximus | Matt (eggy): ty for the feedback. Let me know if you encounter any issues with usage | 13:33:31 |
Matt (eggy) | No problem | 13:36:06 |
| Nomagic joined the room. | 17:52:57 |
Maximus | Nomagic: go for the questions :) | 18:05:52 |
Nomagic | yeah sorry, started reading the github again while room was loading | 18:06:29 |
Nomagic | so basically, I am looking for a way to use a Matrix server which:
- uses LDAP and maps username from DisplayName
- does not allow internal search of other users via any attribute. I know mxisd thrives on mapping LDAP attributes, but for me the upside is more on hiding the real username, and having my own, local ID server
| 18:10:29 |
Nomagic | Could mxisd fit my requirements? | 18:10:58 |
Maximus | yes and no... but let's clarify a few things | 18:12:19 |
Maximus |
- Display name is by definition a changing and non-unique value, which contains illegal characters for Matrix usernames. It doesn't make sense, so I'm thinking using the display name is a means to an end, so you should tell me what you want to achieve, not how.
- About the search, do you mean directory search of 3PID lookups?
| 18:14:16 |
Nomagic |
- Well, I want my users' usernames to be different than their real username, if that is possible.
- yes. It's not a huge deal, but it would be nice.
| 18:16:45 |
Maximus |
- the LDAP Identity store allows you to use whatever attribute you want as a username. Up to you to map it to whatever makes sense, it doesn't have to be their "real" usernames
- You answered "yes" but my question was a choice :)
| 18:18:20 |
Maximus | There was a typo for 2), it should read "directory search or 3PID lookups" | 18:18:55 |
Nomagic | oh, ok :) | 18:19:11 |
Nomagic | directory search I guess I could limit it with LDAP ACLs | 18:19:38 |
Maximus | Directory is an optional, opt-in feature of mxisd. It's not part of the Matrix specification for an Identity Server. So if you don't want it, there is nothing for you to do | 18:20:15 |
Nomagic | Well I want to use it, but only because it allows same userid/password as the rest of services using LDAP auth. But other than that, I would like to keep users as unaware of each other as possible. | 18:23:04 |
Nomagic | or maybe I misread, directory as in https://github.com/kamax-matrix/mxisd/blob/master/docs/features/directory.md | 18:25:03 |
Nomagic | in that case ok yeah, I'll just not use it. | 18:25:31 |
Maximus | yes, that's opt-in. The overview section also explains what happens without, and with | 18:26:15 |
Nomagic | ok, sounds good. | 18:26:53 |
Nomagic | regarding perf/stability, is there anything I should be aware of when switching to mxisd? | 18:27:55 |
Maximus | not really. mxisd is used rarely by clients, compared to the homeserver | 18:28:44 |
Nomagic | and... what's your current view on Riot? (I read through the github discussion on PRISM from last year) | 18:30:49 |
Nomagic | talking about Riot-web and F-Droid app only | 18:33:56 |