Overview

File ldap_config.py of Package netbox

import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType, NestedGroupOfNamesType

# Include this file if you want to use LDAP as your source for authentication and authorization
# For details, see https://netbox.readthedocs.io/en/latest/installation/ldap/

# Server URI
#AUTH_LDAP_SERVER_URI = "ldaps://ldap.example.com"

# The following may be needed if you are binding to Active Directory.
#AUTH_LDAP_CONNECTION_OPTIONS = {
#    ldap.OPT_REFERRALS: 0
#}

# Set the DN and password for the NetBox service account.
#AUTH_LDAP_BIND_DN = "cn=NETBOXSA,ou=Service Accounts,dc=example,dc=com"
#AUTH_LDAP_BIND_PASSWORD = ""

# Include this setting if you want to ignore certificate errors. This might be needed to accept a self-signed cert.
# Note that this is a NetBox-specific setting which sets:
#     ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)

#LDAP_IGNORE_CERT_ERRORS = True

# If a user's DN is producible from their username, we don't need to search.
# Don't use this with Active Directory, use AUTH_LDAP_USER_SEARCH instead
#AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com"

# This search matches users with the sAMAccountName equal to the provided username. This is required if the user's
# username is not in their DN (Active Directory).
#AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=Users,dc=example,dc=com",
#                                    ldap.SCOPE_SUBTREE,
#                                    "(sAMAccountName=%(user)s)")

# You can map user attributes to Django attributes as so.
#AUTH_LDAP_USER_ATTR_MAP = {
#    "first_name": "givenName",
#    "last_name": "sn",
#    "email": "mail"
#}

# For use with LDAP servers
#AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
# For uuse with Active Directory
#AUTH_LDAP_GROUP_TYPE = NestedGroupOffNamesType()


# Define special user types using groups. Exercise great caution when assigning superuser status.
#AUTH_LDAP_USER_FLAGS_BY_GROUP = {
#    "is_active": "cn=active,ou=groups,dc=example,dc=com",
#    "is_staff": "cn=staff,ou=groups,dc=example,dc=com",
#    "is_superuser": "cn=superuser,ou=groups,dc=example,dc=com"
#}

# For more granular permissions, we can map LDAP groups to Django groups.
#AUTH_LDAP_FIND_GROUP_PERMS = True

# Cache groups for one hour to reduce LDAP traffic
#AUTH_LDAP_CACHE_GROUPS = True
#AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
openSUSE Build Service is sponsored by
Places