Commit 1bba8091 authored by Recteur LP's avatar Recteur LP

Add IPA Example

parent 92780940
......@@ -43,6 +43,25 @@ ldapauth:
- 'CN=My Admin Group,DC=example,DC=com'
```
#### FreeIPA Example
```yaml
ldapauth:
server: my_ipa_server
port: 389
ssl: False
version: 3
authorize_non_ldap_user: False # Set to True to Accept non LDAP user in the Remote-User Header
user_id: uid
group_member_attr: member
user_displayname: gecos
user: 'cn=svc_account,dc=example,dc=com'
password: xxx
basedn: 'cn=accounts,dc=example,dc=com'
admin:
- 'cn=My Admin Group,dc=example,dc=com'
```
*To anonymously bind ldap do not set user and password*
......
......@@ -161,7 +161,7 @@ class auth():
division = attrs.get('division', ['Guest'])[0]
displayname = attrs.get(self.config['user_displayname'], ['Guest'])[0]
company = attrs.get('company', [''])[0]
dn = attrs.get("entryDN", name)[0]
dn = attrs.get("entryDN", [entry.get("dn")])[0]
isadmin = False
admins = []
......@@ -171,6 +171,9 @@ class auth():
if 'name' in admin and name.lower() == admin['name'].lower():
isadmin = True
break
elif 'name' in admin and dn.lower() == admin['name'].lower():
isadmin = True
break
if isadmin:
break
return {
......
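Review bot: The `elif` added in the second hunk calls `dn.lower()`, but `dn` now comes from `attrs.get("entryDN", [entry.get("dn")])[0]` and will be `None` if the entry carries neither value, so the admin check would raise `AttributeError` in the authentication path instead of simply not matching. `entry` is defined outside the visible lines, so confirm whether it always has a `dn` key; a cheap guard is `elif 'name' in admin and dn and dn.lower() == admin['name'].lower():`. The admin decision also rests on a lowercased string comparison of DNs, which is sensitive to spacing and escaping differences between the directory and the configured value. That fails closed, but deserves a comment such as `# DN match is a plain case-insensitive string compare; formats must be identical`. The enclosing method starts and ends outside both hunks.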