transifex/templates/45-ldap.conf

AUTHENTICATION_BACKENDS = (
    'custom_backend.ForceUidLDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
)

# Use LDAP group membership to calculate group permissions.
AUTH_LDAP_FIND_GROUP_PERMS = True

AUTH_LDAP_START_TLS = True

# Cache group memberships for an hour to minimize LDAP traffic
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600

import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType


# Baseline configuration.
AUTH_LDAP_SERVER_URI = "ldap://ldap.<%= domain %> ldap://ldap-slave-1.<%= domain %>"

AUTH_LDAP_BIND_DN = "cn=transifex-<%= hostname %>,ou=System Accounts,<%= dc_suffix %>"
AUTH_LDAP_BIND_PASSWORD = "<%= ldap_password %>"

AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=People,<%= dc_suffix %> ",
    ldap.SCOPE_SUBTREE, "(|(uid=%(user)s)(mail=%(user)s))")

# Set up the basic group parameters.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=Group,<%= dc_suffix %>",
    ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
)
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr="cn")

# Only users in this group can log in.
#AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=groups,dc=example,dc=com"

# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail"
}

AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    "is_active": "cn=mga-i18n,ou=Group,<%= dc_suffix %>",
    "is_staff": "cn=mga-i18n-committers,ou=Group,<%= dc_suffix %>",
    "is_superuser": "cn=mga-sysadmin,ou=Group,<%= dc_suffix %>"
}
1	misc	618	AUTHENTICATION_BACKENDS = (
2	misc	632	'custom_backend.ForceUidLDAPBackend',
3	misc	618	'django.contrib.auth.backends.ModelBackend',
4			)
5
6			# Use LDAP group membership to calculate group permissions.
7			AUTH_LDAP_FIND_GROUP_PERMS = True
8
9			AUTH_LDAP_START_TLS = True
10
11			# Cache group memberships for an hour to minimize LDAP traffic
12			AUTH_LDAP_CACHE_GROUPS = True
13			AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
14
15			import ldap
16			from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
17
18
19			# Baseline configuration.
20	misc	1676	AUTH_LDAP_SERVER_URI = "ldap://ldap.<%= domain %> ldap://ldap-slave-1.<%= domain %>"
21	misc	618
22	misc	1291	AUTH_LDAP_BIND_DN = "cn=transifex-<%= hostname %>,ou=System Accounts,<%= dc_suffix %>"
23	misc	618	AUTH_LDAP_BIND_PASSWORD = "<%= ldap_password %>"
24
25			AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=People,<%= dc_suffix %> ",
26	misc	632	ldap.SCOPE_SUBTREE, "(\|(uid=%(user)s)(mail=%(user)s))")
27	misc	618
28			# Set up the basic group parameters.
29			AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=Group,<%= dc_suffix %>",
30			ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
31			)
32			AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr="cn")
33
34			# Only users in this group can log in.
35			#AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=groups,dc=example,dc=com"
36
37			# Populate the Django user from the LDAP directory.
38			AUTH_LDAP_USER_ATTR_MAP = {
39			"first_name": "givenName",
40			"last_name": "sn",
41			"email": "mail"
42			}
43
44			AUTH_LDAP_USER_FLAGS_BY_GROUP = {
45	misc	1192	"is_active": "cn=mga-i18n,ou=Group,<%= dc_suffix %>",
46			"is_staff": "cn=mga-i18n-committers,ou=Group,<%= dc_suffix %>",
47	misc	618	"is_superuser": "cn=mga-sysadmin,ou=Group,<%= dc_suffix %>"
48			}