NeoAnd/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2025-07-16 04:02:52 -06:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Fixed formatting and typos

Browse Source
This commit is contained in:
Jeremy Stretch 2017-06-08 10:02:16 -04:00
parent b032bc13db
commit 13add414c4
1 changed files with 13 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
docs/installation/ldap.md
View File

@ -1,5 +1,4 @@
This guide explains how to implement LDAP authentication using an external server. User authentication will fall back to This guide explains how to implement LDAP authentication using an external server. User authentication will fall back to built-in Django users in the event of a failure.
built-in Django users in the event of a failure.
# Requirements # Requirements
@ -49,6 +48,7 @@ AUTH_LDAP_BIND_PASSWORD = "demo"
# ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) # ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
LDAP_IGNORE_CERT_ERRORS = True LDAP_IGNORE_CERT_ERRORS = True
``` ```
!!! info !!! info
When using Windows Server 2012 you may need to specify a port on AUTH_LDAP_SERVER_URI - 3269 for secure, 3268 for non-secure. When using Windows Server 2012 you may need to specify a port on AUTH_LDAP_SERVER_URI - 3269 for secure, 3268 for non-secure.
@ -72,6 +72,7 @@ AUTH_LDAP_USER_ATTR_MAP = {
"last_name": "sn" "last_name": "sn"
} }
``` ```
!!! info !!! info
When using Windows Server 2012 AUTH_LDAP_USER_DN_TEMPLATE should be set to None. When using Windows Server 2012 AUTH_LDAP_USER_DN_TEMPLATE should be set to None.
@ -104,12 +105,9 @@ AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600 AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
``` ```
!!! info * `is_active` - All users must be mapped to at least this group to enable authentication. Without this, users cannot log in.
"is_active" - You must map all users to at least this group if you want their account to be treated as enabled. Without this, your users cannot log in. * `is_staff` - Users mapped to this group are enabled for access to the administration tools; this is the equivalent of checking the "staff status" box on a manually created user. This doesn't grant any specific permissions.
* `is_superuser` - Users mapped to this group will be granted superuser status. Superusers are implicitly granted all permissions.
"is_staff" - Users mapped to this group are enabled for access to the Administration tools; this is the equivalent of checking the "Staff status" box on a manually created user. This doesn't necessarily imply additional privileges, which still needed to be assigned via a group, or on a per-user basis.
"is_superuser" - Users mapped to this group in addition to the "is_staff" group will be assumed to have full permissions to all modules. Without also being mapped to "is_staff", this group observably has no impact to your effective permissions.
!!! info !!! info
It is also possible map user attributes to Django attributes: It is also possible map user attributes to Django attributes: