LDAP Authentication =================== For organisational integration, the administrative interface supports the authentication and authorisation of users against LDAP and Active Directory. The ``zonecontrol-ldap`` package provides the required components and the example configuration file contains basic information on the configuration of LDAP. Configuration of the LDAP server, domain components, common names for groups etcetera should be made in the ``/etc/zonecontrol/settings.py`` file. The exact configuration depends on the organisation's LDAP tree and attributes, the *OX PowerDNS Team* can help with the integration. More information can be found on the `django-ldap-auth `__ website. .. code-block:: python import ldap from django_auth_ldap.config import LDAPSearch, PosixGroupType # Tell Django we are using LDAP to authenticate AUTHENTICATION_BACKENDS = [ 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend', ] # Access to the LDAP server AUTH_LDAP_SERVER_URI = "ldap://localhost" AUTH_LDAP_BIND_DN = "" AUTH_LDAP_BIND_PASSWORD = "" # The LDAP query for the user AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=People,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(uid=%(user)s)") # The LDAP query for the groups this user belongs to AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=Group,dc=example,dc=com", ldap.SCOPE_SUBTREE, "(memberUid=%(user)s)") # The type of group that is returned. AUTH_LDAP_GROUP_TYPE = PosixGroupType(name_attr='cn') # Map the user's first and last name to the Django users. AUTH_LDAP_USER_ATTR_MAP = {"first_name": "givenName", "last_name": "sn"} # Every user in group1 is active, a staffmember and a superuser. AUTH_LDAP_USER_FLAGS_BY_GROUP = { 'is_active': 'cn=group1,ou=Group,dc=example,dc=com', 'is_staff': 'cn=group1,ou=Group,dc=example,dc=com', 'is_superuser': 'cn=group1,ou=Group,dc=example,dc=com', }