import ldap | |
from django_auth_ldap.config import LDAPSearch | |
from ralph.accounts.ldap import MappedGroupOfNamesType | |
AUTHENTICATION_BACKENDS = ( | |
'django_auth_ldap.backend.LDAPBackend', | |
'django.contrib.auth.backends.ModelBackend', | |
) | |
AUTH_LDAP_SERVER_URI = 'ldap://ldap.server.in.your.company:3268' | |
AUTH_LDAP_BIND_PASSWORD = '********' | |
AUTH_LDAP_BIND_DN = 'FOO\ldapbind_ralph' | |
AUTH_LDAP_USER_SEARCH_BASE = 'DC=foo,DC=bar' | |
AUTH_LDAP_USER_FILTER = '(|(memberOf=CN=ralph_users,DC=foo,DC=bar))' | |
AUTH_LDAP_USER_ATTR_MAP = { | |
"first_name": "givenName", | |
"last_name": "sn", | |
"email": "mail", | |
"company": "company", | |
"segment": "extraAttr001", | |
"manager": "manager", | |
"profit_center": "extraAttr002", | |
"cost_center": "extraAttr003", | |
"department": "department", | |
"employee_id": "extraAttr004", | |
"location": "physicalDeliveryOfficeName", | |
"manager": "manager", | |
"country": "c" | |
} | |
AUTH_LDAP_GROUP_MAPPING = { | |
"CN=ralph_users,DC=foo,DC=bar": "active", | |
"CN=ralph_superuser,DC=foo,DC=bar": "superuser", | |
} | |
AUTH_LDAP_NESTED_FILTER = '(memberOf:1.2.840.113556.1.4.1941:={})' # if you use nested group in AD | |
AUTH_LDAP_NESTED_GROUPS = { | |
"CN=ralph_support,DC=foo,DC=bar": "Support", | |
"CN=ralph_admin,DC=foo,DC=bar": "Admins", | |
} | |
AUTH_LDAP_ALWAYS_UPDATE_USER = True | |
AUTH_LDAP_USER_USERNAME_ATTR = 'sAMAccountName' | |
AUTH_LDAP_GROUP_SEARCH = LDAPSearch( | |
AUTH_LDAP_USER_SEARCH_BASE, | |
ldap.SCOPE_SUBTREE, | |
'(objectClass=group)' | |
) | |
AUTH_LDAP_USER_SEARCH = LDAPSearch( | |
AUTH_LDAP_USER_SEARCH_BASE, | |
ldap.SCOPE_SUBTREE, | |
'(&(objectClass=*)({}=%(user)s))'.format(AUTH_LDAP_USER_USERNAME_ATTR) | |
) | |
AUTH_LDAP_GROUP_TYPE = MappedGroupOfNamesType(name_attr="cn") | |
AUTH_LDAP_USER_USERNAME_ATTR = 'sAMAccountName' | |
AUTH_LDAP_PROTOCOL_VERSION = 3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment