Re: [netbox-discuss] Re: Ldap auth issue

31 views
Skip to first unread message
Message has been deleted
Message has been deleted

Evan Brodie

unread,
Jun 18, 2021, 3:50:21 PM6/18/21
to sem, NetBox
ah ok.. no worries

On Fri, Jun 18, 2021 at 3:36 PM sem <semvo...@gmail.com> wrote:
Forget to mention it, I use phpldapadmin as LDAP server

Op vrijdag 18 juni 2021 om 11:51:59 UTC+2 schreef sem:

Best,

I've setup Netbox with LDAP,

this config works

import ldap
from django_auth_ldap.config import LDAPSearch

AUTH_LDAP_SERVER_URI = "ldap://ldap.name.nl"

AUTH_LDAP_BIND_DN = "cn=admin,dc=name,dc=nl"
AUTH_LDAP_BIND_PASSWORD = "XXXXXXXX"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=Users,dc=name,dc=nl",ldap.SCOPE_SUBTREE,"(sAMAccountName=%(user)s)")

AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=name,dc=nl"

#You can map user attributes to Django attributes as so.
AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail"
}

but when I use groups it wont work.
this is the config with groups:

import ldap
from django_auth_ldap.config import LDAPSearch, PosixGroupType

# Server URI
AUTH_LDAP_SERVER_URI = "ldap://ldap.name.nl"

# Set the DN and password for the NetBox service account.
AUTH_LDAP_BIND_DN = "cn=admin,dc=name,dc=nl"
AUTH_LDAP_BIND_PASSWORD = "XXXXXX"

LDAP_IGNORE_CERT_ERRORS = True

AUTH_LDAP_USER_DN_TEMPLATE = "cn=%(user)s,ou=users,dc=name,dc=nl"

AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn",
}

AUTH_LDAP_GROUP_SEARCH = LDAPSearch("dc=name,dc=nl", ldap.SCOPE_SUBTREE, "(objectClass=PosixGroupType)")
AUTH_LDAP_GROUP_TYPE = PosixGroupType()

AUTH_LDAP_MIRROR_GROUPS = True
AUTH_LDAP_FIND_GROUP_PERMS = True

AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    "is_superuser": "cn=somegroup,ou=groups,dc=name,dc=nl",
}

I created in netbox a group with the same name in ldap but also no magic...

I use netbox(v2.11.6) debian 10 buster Python 3.7.3


--
You received this message because you are subscribed to the Google Groups "NetBox" group.
To unsubscribe from this group and stop receiving emails from it, send an email to netbox-discus...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/netbox-discuss/5e58cf74-ae42-4a8f-b201-b5060657e3e6n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages