docker-ldap install help


Aaron Z

Sep 10, 2019, 4:43:40 PM
to NetBox
Hello,
I have successfully installed Netbox via Docker using the docker-compose method provided.   However, after testing I realized that LDAP is not enabled and found the additional documentation below:

LDAP enabled variant

The images tagged with "-ldap" contain anything necessary to authenticate against an LDAP or Active Directory server. The default configuration ldap_config.py is prepared for use with an Active Directory server. Custom values can be injected using environment variables, similar to the main configuration mechanisms.



In my limited experience with Docker I'm unsure how to proceed.  Do I need to modify the docker-compose file and change something to netbox-ldap (I attempted this unsuccessfully)?  Or do I run the export command to modify the docker-compose file?  Or something else?


Thanks,
Aaron

Matthew Yauch

Sep 10, 2019, 5:59:14 PM
to NetBox
Aaron,

I have a specific image in my docker-compose.yml like so:
version: '3.7'
services:
  netbox: &netbox
    image: netboxcommunity/netbox:v2.6.2-ldap
    depends_on:
      - postgres
      - redis
      - netbox-worker
    env_file: data/env/netbox.env
etc...

Then in your environment variable you can fill in the specifics:
# LDAP
AUTH_LDAP_SERVER_URI=ldaps://mysuperduperdc.domain.local
AUTH_LDAP_BIND_DN=netbox_service_account
LDAP_IGNORE_CERT_ERRORS=true
AUTH_LDAP_USER_SEARCH_BASEDN=ou=MYOU,dc=domain,dc=local
AUTH_LDAP_GROUP_SEARCH_BASEDN=ou=MYSEARCHOU,dc=domain,dc=local
AUTH_LDAP_GROUP_TYPE=NestedActiveDirectoryGroupType
AUTH_LDAP_REQUIRE_GROUP_DN=cn=netbox_users,ou=MYOU,dc=domain,dc=local
AUTH_LDAP_IS_ADMIN_DN=cn=netbox_staff,ou=MYOU,dc=domain,dc=local
AUTH_LDAP_IS_SUPERUSER_DN=cn=netbox_superuser,ou=MYOU,dc=domain,dc=local

Aaron Zuercher

Sep 12, 2019, 3:37:37 PM
to NetBox
Matthew,
Thanks for the tips.  I modified my docker-compose to specify version 2.6.3-ldap as your example indicated and I think that is fine.  However I can't login after modifying my netbox.env file with the LDAP options.  My container logs show only this:

Caught LDAPError while authenticating user15: SERVER_DOWN({'desc': "Can't contact LDAP server"})


Originally I had ldap server in by DNS name so I tried IP and tried with/without LDAP ports.  Any ideas? 

Also, is there a way in docker-compose.yml to set a port so that every time I restart it doesn't change?   I tried changing ports:  to - "8080:36768" but it isn't taking it.
Thanks,
Aaron
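
An added example, not part of the thread and not netbox-docker's own code: a Python check over the two env file values from the thread that decide transport security (AUTH_LDAP_SERVER_URI and LDAP_IGNORE_CERT_ERRORS), plus a probe that splits the SERVER_DOWN error into DNS, TCP and TLS causes. The function names, SAMPLE_ENV and the host dc01.example.test are constructed for illustration.

```python
import socket
import ssl
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}
# Constructed sample in the shape of the netbox.env shown in the thread.
SAMPLE_ENV = "# LDAP\nAUTH_LDAP_SERVER_URI=ldaps://dc01.example.test\nLDAP_IGNORE_CERT_ERRORS=true\n"

def parse_env(text):
    """Parse KEY=VALUE lines of a compose env_file, skipping comments and blanks."""
    rows = [ln.strip() for ln in text.splitlines()]
    return dict(map(str.strip, r.split("=", 1)) for r in rows if "=" in r and r[0] != "#")

def ldap_endpoint(uri):
    """Return (scheme, host, port); reject anything but ldap:// or ldaps://."""
    parts = urlsplit(uri)
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError(f"not an ldap:// or ldaps:// URI: {uri!r}")
    return parts.scheme, parts.hostname, parts.port or DEFAULT_PORTS[parts.scheme]

def review(env):
    """Findings for the two settings that decide transport security."""
    try:
        scheme, _, _ = ldap_endpoint(env.get("AUTH_LDAP_SERVER_URI", ""))
    except ValueError as exc:
        return [f"AUTH_LDAP_SERVER_URI: {exc}"]
    findings = []
    if scheme == "ldap":
        findings.append("ldap:// exposes the bind password unless StartTLS is used")
    if env.get("LDAP_IGNORE_CERT_ERRORS", "").lower() == "true":
        findings.append("LDAP_IGNORE_CERT_ERRORS=true: server certificate is not verified")
    return findings

def probe(host, port, use_tls, timeout=5):
    """Split SERVER_DOWN into its usual causes: DNS, TCP reachability, TLS trust."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            if use_tls:  # verifies chain and hostname against the system CA store
                ssl.create_default_context().wrap_socket(sock, server_hostname=host).close()
            return "reachable"
    except socket.gaierror as exc:
        return f"dns-failed: {exc}"
    except ssl.SSLError as exc:
        return f"tls-failed: {exc}"
    except OSError as exc:
        return f"tcp-failed: {exc}"

if __name__ == "__main__":
    print(review(parse_env(SAMPLE_ENV)))
```

Run probe() from inside the NetBox container, since that is where the LDAP connection originates.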
