The Great Open Source Debate with Elastic, Gluu and GitHub 🎤 Oct 26

Upcoming changes to identity management integrations

If this trend continues, there’s always an option to fork the Community Edition and keep porting over security updates. But with time that’ll become more and more difficult. Plus I bet nobody would be able to do this in their spare time.

If a lot of Rocket.Chat CE communities would have to choose between switching to a different platform or donating a few dollars a month to a volunteer developer - maybe it’d be possible to have a fork going.

I think it would still be more beneficial to the Rocket.Chat team and the community if there was an affordable way to still use the previously available CE features for a small fee, as it’s clear most of them will not be able to afford that with the current plan.

It still sucks, but it is what it is - I understand that the company needs to make profit to keep operating, but this could seriously undercut the entire thing. The community good will and word-of-mouth marketing may have a bigger impact that expected.

I am managing a non-profit community focused around music production with FOSS and I use Rocket.Chat as an alternative to Discord, for the sake of user privacy and independence in case Discord some day decides we’re not worthy for whatever reason.

I am not currently using LDAP or Oath, and switching to Zulip would mean I’d have to ask ~300 users to migrate their accounts. That’d suck, but if Rocket.Chat will keep cutting down features from the CE, I might be left with no choice.

We are using Rocket.Chat for a large non profit and myself for a small business. I myself have contributed code to the SAML integration. Taking it away from the community now, is an absolute no go for an open source driven company. This is the kind of behaivor that forces people to create a fork, which then only splits the community apart… Very sad to see the same thing that happened to the nice Sun projects, happening to Rocket.Chat now.

@tomaszd I would love to hear from you how this lack of the Search and Group filters will affect your’s installation. You mentioned you have around 200 users, it seems a small number to require such advanced features, can’t you allow every user in your LDAP to log in?

@deltachaos thanks for your feedback. As you can see here basic SAML will continue to be in Community Edition, only a few advanced features will be moved to Enterprise Edition. I’d love to hear from you if and how you are using those advanced features today.

If you have contributed to the code in the past, we will be happy to give you the enterprise license for this feature or even more.

@jacotec thank you for your valuable input.

Please join the Open Call for Community and share them with Gabriel Engel directly.

@unfa thank you for the thoughtful and considerate analysis.

I hope you can join us for the Open Call for Community and let us explore this together further.

@scastromx Please join the Open Call for Community and share your sentiments with our leadership and decision makers. Thanks.

Hey @robbyoconnor :pray: Great to meet again here.

Please join the Open Call for Community and ask Gabriel directly.

See you soon.

@EnCz Please join the Open Call for Community ! The leadership and decision makes need to hear this.

Thanks for being a loyal champion of Rocket.Chat at your firm :pray:

Yes, you can still use your existing Custom OAuth and add new ones, the basic functionalities remain for all auth methods, only advanced features are affected.

@jason Most of custom oauth actually remains in CE.

Please join the Open Call for Community to determine if your specific use-case is covered.

…I am using an LDAP filter so that I have around 200 users allowed to log in, that is how I am using this feature…

I would love it if you could stop removing features so we can use this software the same way we’ve been using it for the last 4 years, an LDAP filter is the most basic feature you can implement for an LDAP integration, it’s not an advanced feature.


Extremely considerate summary @Blackclaws :pray: Sincerely appreciated.

And we are listening. Please join us for the Open Call for Community

Thanks again.

had a peek into matrix - got i connected to LDAP and search filter. Looks promising and it has working federation!


If this actually happens, it will force us to go away. We are using rocket chat only because it is free. We have builded our own mobile apps what is unconvienient but ok, we can live with it but removing LDAP will either force us to migrate to Zulip or Matrix or go full fledged paid solution.

Now why would we pay for something like rocket chat where every release you break voice chat somehow? Paying similar amount to microsoft, you have office and bullet proof audio communication platform.

Perfect, thanks for the clarification.

“LDAP_User_Search_Filter” is essential for our installations.
We have >100.000 users in our LDAP with many different tenants.
Some of them need the search filter to only allow users which did an explicit opt-in to

If we loose this feature in CE is not a affordable product any more for us.

4 Likes it would be helpful if the original post stated what you are clarifying. The original post reads:

Our team has recently completed a refactoring of all identity management integrations including LDAP features, SAML integration and advanced Oauth capabilities. In our September 27th release, these features will be added to the Rocket.Chat enterprise edition, while a limited version of LDAP integration features, together with social login options, will remain available for use and extension in the community edition.

What you are saying is that SAML, Oauth, etc will continue to work, but the original post does not read that way.

Also, I just updated to 3.18.1 and your banner contradicts what you are saying:

I’d love to, but unfortunately I’ll be not back home from the office at this time.

I hope a lot others stand my point.

Our goal is to enable Rocket.Chat users to have a choice between extending basic LDAP

Please, please, please leave the filter and sync.
(If possible, please keep all of them.)
That’s what “basic LDAP integration” is all about!

1 Like