Support LDAP -> Defguard one way synchronization

[t-aleksander]

Due to legacy reasons, our current synchronization has only two modes:
Defguard -> LDAP (one-way)
Defguard <-> LDAP (two-way)

There is no mode that would support synchronizing only from LDAP to Defguar, ignoring any changes made in Defguard. Several users requested this feature.

The only workaround that one of our users has come up with is binding to a user that doesn't have write permissions on the LDAP server (read-only). This workaround however hasn't been verified by us yet.

[alexandrevoilab]

That is not explained in the document and is very confusing UI wise.
We just spent hours re-configuring every thing to get it to work. The UI and documentation led us to think it would work for a one way LDAP -> Defguard sync.

Checking Enable LDAP integration, unchecking Enable LDAP two-way synchronization and setting the authority to LDAP would be the expected state to get a one way synchronization.

[t-aleksander]

The documentation has been updated to better explain the supported synchronization directions and a workaround has been described that allows for synchronizing one way from LDAP -> Defguard (https://docs.defguard.net/features/ldap-and-active-directory-integration/configuration#one-way-ldap-greater-than-defguard-synchronization).

In the 2.0 version the UI of the LDAP integration is being redesigned to communicate more clearly how the integration works.