Guest User

Untitled

a guest
Jun 25th, 2018
171
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.00 KB | None | 0 0
  1. # django ldap auth
  2. USE_LDAP = True
  3. # LDAP authentication support
  4. if USE_LDAP:
  5.  
  6. import ldap
  7. from django_auth_ldap.config import LDAPSearch, LDAPGroupQuery, ActiveDirectoryGroupType
  8.  
  9. # LDAP settings
  10. AUTH_LDAP_SERVER_URI = 'ldap://something.ac.uk:389'
  11. # AUTH_LDAP_PORT = 636 (Default Port for SSL)
  12. AUTH_LDAP_BIND_DN = 'cn=bind_user,ou=service accounts,dc=something,dc=something_else,dc=ac,dc=uk'
  13. AUTH_LDAP_BIND_PASSWORD = 'password'
  14. AUTH_LDAP_USER_SEARCH = LDAPSearch(
  15. 'ou=users,dc=something,dc=something_else,dc=ac,dc=uk',
  16. ldap.SCOPE_SUBTREE, '(sAMAccountName=%(user)s)')
  17. AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
  18. 'OU=Groups,dc=something,dc=something_else,dc=ac,dc=uk',
  19. ldap.SCOPE_SUBTREE, '(objectClass=*)')
  20. AUTH_LDAP_GROUP_TYPE = ActiveDirectoryGroupType()
  21. AUTH_LDAP_FIND_GROUP_PERMS = True
  22. AUTH_LDAP_GLOBAL_OPTIONS = {
  23. ldap.OPT_X_TLS_REQUIRE_CERT: False,
  24. ldap.OPT_REFERRALS: False, }
  25. AUTH_LDAP_REQUIRE_GROUP = 'CN=Required_Group,DC=Something,DC=something_else,DC=ac,DC=uk'
  26. AUTH_LDAP_ALWAYS_UPDATE_USER = True
  27. # Cache group memberships for an hour to minimize LDAP traffic
  28. AUTH_LDAP_CACHE_GROUPS = True
  29. AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
  30. AUTH_LDAP_USER_ATTR_MAP = {'first_name': 'givenName',
  31. 'last_name': 'sn',
  32. 'email': 'mail'}
  33. AUTH_LDAP_USER_FLAGS_BY_GROUP = {
  34. 'is_active': (
  35. LDAPGroupQuery("CN=GroupToSearch,DC=Something,DC=something_else,DC=ac,DC=uk")
  36. ),
  37. 'is_staff': (
  38. LDAPGroupQuery("CN=GroupToSearch,DC=Something,DC=something_else,DC=ac,DC=uk")
  39. ),
  40. 'is_superuser': (
  41. LDAPGroupQuery("CN=GroupToSearch,DC=Something,DC=something_else,DC=ac,DC=uk")
  42. )
  43. }
  44.  
  45. if USE_LDAP:
  46. AUTHENTICATION_BACKENDS = (
  47. 'django_auth_ldap.backend.LDAPBackend',
  48. 'django.contrib.auth.backends.ModelBackend',
  49. )
  50. else:
  51. AUTHENTICATION_BACKENDS = (
  52. 'django.contrib.auth.backends.ModelBackend',
  53. )
Add Comment
Please, Sign In to add comment