ldap_config: resolve AUTH_LDAP_USER_SEARCH_ATTR and AUTH_LDAP_GROUP_SEARCH_CLASS from env

This commit is contained in:
jacob 2019-01-19 05:12:36 -05:00
parent c9d9c7349e
commit 2f5d293fd6

View File

@ -25,12 +25,12 @@ LDAP_IGNORE_CERT_ERRORS = os.environ.get('LDAP_IGNORE_CERT_ERRORS', 'False').low
AUTH_LDAP_USER_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_USER_SEARCH_BASEDN', ''),
ldap.SCOPE_SUBTREE,
"(sAMAccountName=%(user)s)")
"(" + os.environ.get('AUTH_LDAP_USER_SEARCH_ATTR', 'sAMAccountName') + "=%(user)s)")
# This search ought to return all groups to which the user belongs. django_auth_ldap uses this to determine group
# heirarchy.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_GROUP_SEARCH_BASEDN', ''), ldap.SCOPE_SUBTREE,
"(objectClass=group)")
"(objectClass=" + os.environ.get('AUTH_LDAP_GROUP_SEARCH_CLASS', 'group') + ")")
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
# Define a group required to login.