Integration

VaaS is ready to authorize users via ldap server. It requires only one configuration file to define all settings required by ldap. You can find more details about VaaS configuration here

Sample configuration file

ldap.yml:

AUTH_LDAP_SERVER_URI: ldap://your-ldap.com:3268
AUTH_LDAP_BIND_DN: COMPANY\ldapbind_vaas
AUTH_LDAP_BIND_PASSWORD: 'password'
AUTH_LDAP_USER_SEARCH_BASE: DC=yourcompany,DC=internal
AUTH_LDAP_USER_USERNAME_ATTR: sAMAccountName
AUTH_LDAP_USER_SEARCH_FILTER: (&(objectClass=*)({0}=%(user)s))
AUTH_LDAP_USER_FILTER: |-
  '(|(memberOf=CN=_gr_common_access,OU=Other Resources,OU=Company-Restricted))'
AUTH_LDAP_ALWAYS_UPDATE_USER: True
AUTH_LDAP_USER_ATTR_MAP:
  first_name: givenName
  last_name: sn
  email: mail
AUTH_LDAP_GROUP_SEARCH:
  - DC=yourcompany,DC=internal
  - (objectClass=group)
AUTH_LDAP_GROUP_MAPPING:
  CN=_gr_vaas,OU=POL,OU=Corp-Restricted,DC=yourcompany,DC=internal: active
  CN=_gr_vaas_admin,OU=POL,OU=Corp-Restricted,DC=yourcompany,DC=internal: staff
  CN=_gr_vaas_superuser,OU=POL,OU=Corp-Restricted,DC=yourcompany,DC=internal: superuser
  CN=_gr_vaas_core,OU=POL,OU=Corp-Restricted,DC=yourcompany,DC=internal: has-all-rights
AUTH_LDAP_MIRROR_GROUPS: False
AUTH_LDAP_GROUP_TYPE: cn
AUTH_LDAP_ALWAYS_UPDATE_USER: True
AUTHENTICATION_BACKENDS:
  - django_auth_ldap.backend.LDAPBackend
  - django.contrib.auth.backends.ModelBackend
AUTH_LDAP_MIRROR_GROUPS: True

Keys	Action
`?`	Open this help
`←`	Previous page
`→`	Next page
`s`	Search