Addressing Multiple AD Servers and/or User Groups on AD Server #233
Comments
|
Not at this time, sorry. Only a single ldap server is supported.
I'd take an MR to add this feature.
…On Tue, 7 Dec 2021 at 21:39, Casey McCormick ***@***.***> wrote:
This is a great library. Really well done. It's working for a project
great, but I wondered if anyone had used it yet in a situation where you
may have two different LDAP servers that need to be searched for users in
AD.
Example: One may be corp.forestlake.com and another may be
corp.rivervalley.com. In each of those servers, then two search bases
might be possible....
In example, "ou=Staff,ou=City1,ou=Site,ou=Company
Name,dc=corp,dc=forestlake,dc=com".
My plan is to pass in dictionaries. Will this work ideally with the code
and/or do all the settings have to be passed through in that way or just
the ones that are going to be different?
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#233>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABEKCCBDUG5BFMG35MMMFTUPZ5KPANCNFSM5JSIIJVA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
|
|
I'm going to fork this and see if I can add that capability. It's definitely worth adding the capability because this is the best solution I've seen to thus far. Many of the LDAP and Kerberos packages out there had some issues. This one has been fairly bulletproof, but I'm learning that LDAP and Active Directory can be challenging. |
|
Perfect. Please do submit back the changes as a PR, as others will likely
benefit.
…On Wed, 8 Dec 2021 at 16:17, Casey McCormick ***@***.***> wrote:
I'm going to fork this and see if I can add that capability. It's
definitely worth adding the capability because this is the best solution
I've seen to thus far. Many of the LDAP and Kerberos packages out there had
some issues. This one has been fairly bulletproof, but I'm learning that
LDAP and Active Directory can be challenging.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#233 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABEKCAKRIGRVHY2NCS4MODUP6ALBANCNFSM5JSIIJVA>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
|
|
@etianen also keen for this feature, and wondering if you had any advice on high-level approaches for implementing. Adding ability to subclass the "LDAPBackend" backend with a settings "Prefix" value - as used in django-auth-ldap see https://django-auth-ldap.readthedocs.io/en/latest/multiconfig.html) seems like a reasonable design to mirror. Would need changes to make sure this value can be passed down to instances of conf.settings, and the management commands may need "discover" any subclassed auth backends. Any Thoughts? |
|
That seems like a good, backwards-compatible approach. I'd be happy with that. |
|
Just tried to solve this issue, more details in PR #281 |
This is a great library. Really well done. It's working for a project great, but I wondered if anyone had used it yet in a situation where you may have two different LDAP servers that need to be searched for users in AD.
Example: One may be corp.forestlake.com and another may be corp.rivervalley.com. In each of those servers, then two search bases might be possible....
In example, "ou=Staff,ou=City1,ou=Site,ou=Company Name,dc=corp,dc=forestlake,dc=com".
My plan is to pass in dictionaries. Will this work ideally with the code and/or do all the settings have to be passed through in that way or just the ones that are going to be different?
The text was updated successfully, but these errors were encountered: