ldap.py

## ldap.py
import ldap
from django_auth_ldap.config import LDAPSearch
from ralph.accounts.ldap import MappedGroupOfNamesType

AUTHENTICATION_BACKENDS = (
    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
)

AUTH_LDAP_SERVER_URI = 'ldap://ldap.server.in.your.company:3268'
AUTH_LDAP_BIND_PASSWORD = '********'
AUTH_LDAP_BIND_DN = 'FOO\ldapbind_ralph'
AUTH_LDAP_USER_SEARCH_BASE = 'DC=foo,DC=bar'
AUTH_LDAP_USER_FILTER = '(|(memberOf=CN=ralph_users,DC=foo,DC=bar))'
AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail",
    "company": "company",
    "segment": "extraAttr001",
    "manager": "manager",
    "profit_center": "extraAttr002",
    "cost_center": "extraAttr003",
    "department": "department",
    "employee_id": "extraAttr004",
    "location": "physicalDeliveryOfficeName",
    "manager": "manager",
    "country": "c"
}
AUTH_LDAP_GROUP_MAPPING = {
    "CN=ralph_users,DC=foo,DC=bar": "active",
    "CN=ralph_superuser,DC=foo,DC=bar": "superuser",
}

AUTH_LDAP_NESTED_FILTER = '(memberOf:1.2.840.113556.1.4.1941:={})'  # if you use nested group in AD
AUTH_LDAP_NESTED_GROUPS = {
    "CN=ralph_support,DC=foo,DC=bar": "Support",
    "CN=ralph_admin,DC=foo,DC=bar": "Admins",
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTH_LDAP_USER_USERNAME_ATTR = 'sAMAccountName'

AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
    AUTH_LDAP_USER_SEARCH_BASE,
    ldap.SCOPE_SUBTREE,
    '(objectClass=group)'
)
AUTH_LDAP_USER_SEARCH = LDAPSearch(
    AUTH_LDAP_USER_SEARCH_BASE,
    ldap.SCOPE_SUBTREE,
    '(&(objectClass=*)({}=%(user)s))'.format(AUTH_LDAP_USER_USERNAME_ATTR)
)
AUTH_LDAP_GROUP_TYPE = MappedGroupOfNamesType(name_attr="cn")
AUTH_LDAP_USER_USERNAME_ATTR = 'sAMAccountName'
AUTH_LDAP_PROTOCOL_VERSION = 3
	import ldap
	from django_auth_ldap.config import LDAPSearch
	from ralph.accounts.ldap import MappedGroupOfNamesType

	AUTHENTICATION_BACKENDS = (
	'django_auth_ldap.backend.LDAPBackend',
	'django.contrib.auth.backends.ModelBackend',
	)

	AUTH_LDAP_SERVER_URI = 'ldap://ldap.server.in.your.company:3268'
	AUTH_LDAP_BIND_PASSWORD = '********'
	AUTH_LDAP_BIND_DN = 'FOO\ldapbind_ralph'
	AUTH_LDAP_USER_SEARCH_BASE = 'DC=foo,DC=bar'
	AUTH_LDAP_USER_FILTER = '(\|(memberOf=CN=ralph_users,DC=foo,DC=bar))'
	AUTH_LDAP_USER_ATTR_MAP = {
	"first_name": "givenName",
	"last_name": "sn",
	"email": "mail",
	"company": "company",
	"segment": "extraAttr001",
	"manager": "manager",
	"profit_center": "extraAttr002",
	"cost_center": "extraAttr003",
	"department": "department",
	"employee_id": "extraAttr004",
	"location": "physicalDeliveryOfficeName",
	"manager": "manager",
	"country": "c"
	}
	AUTH_LDAP_GROUP_MAPPING = {
	"CN=ralph_users,DC=foo,DC=bar": "active",
	"CN=ralph_superuser,DC=foo,DC=bar": "superuser",
	}

	AUTH_LDAP_NESTED_FILTER = '(memberOf:1.2.840.113556.1.4.1941:={})' # if you use nested group in AD
	AUTH_LDAP_NESTED_GROUPS = {
	"CN=ralph_support,DC=foo,DC=bar": "Support",
	"CN=ralph_admin,DC=foo,DC=bar": "Admins",
	}
	AUTH_LDAP_ALWAYS_UPDATE_USER = True
	AUTH_LDAP_USER_USERNAME_ATTR = 'sAMAccountName'

	AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
	AUTH_LDAP_USER_SEARCH_BASE,
	ldap.SCOPE_SUBTREE,
	'(objectClass=group)'
	)
	AUTH_LDAP_USER_SEARCH = LDAPSearch(
	AUTH_LDAP_USER_SEARCH_BASE,
	ldap.SCOPE_SUBTREE,
	'(&(objectClass=*)({}=%(user)s))'.format(AUTH_LDAP_USER_USERNAME_ATTR)
	)
	AUTH_LDAP_GROUP_TYPE = MappedGroupOfNamesType(name_attr="cn")
	AUTH_LDAP_USER_USERNAME_ATTR = 'sAMAccountName'
	AUTH_LDAP_PROTOCOL_VERSION = 3