You must now edit the file for local settings, settings_local.py
.
# # settings.py snippet for LDAP auth # # This is a sample settings snippet for LDAP auth. Include it in # the settings_local.py file and modify the settings as appropriate. # # Full documentation is available at: https://pythonhosted.org/django-auth-ldap/ # # python modules required are: # python-ldap - yum install python-ldap OR pip install python-ldap # django-auth-ldap - pip install django-auth-ldap # # Note: This is not a complete settings file. Use with a complete file. import ldap from django_auth_ldap.config import LDAPSearch, NestedActiveDirectoryGroupType # Connection options AUTH_LDAP_SERVER_URI = "ldap://10.12.0.10:389" # AUTH_LDAP_START_TLS = True # AUTH_LDAP_SERVER_URI = "ldaps://win-ih9gmllt094.arctest.arcadiadata.com:636" # Bind user AUTH_LDAP_BIND_DN = "CN=arcadmin,CN=Users,DC=arctest,DC=arcadiadata,DC=com" AUTH_LDAP_BIND_PASSWORD = "Password" # Required Group for all users AUTH_LDAP_REQUIRE_GROUP = "CN=arcviz users,CN=Users,DC=arctest,DC=arcadiadata,DC=com" # Group for Admins AUTH_LDAP_USER_FLAGS_BY_GROUP = { "is_superuser": ["CN=arcviz admins,CN=Users,DC=arctest,DC=arcadiadata,DC=com"] } # User and group search objects and types AUTH_LDAP_USER_SEARCH = LDAPSearch("CN=Users,DC=arctest,DC=arcadiadata,DC=com", ldap.SCOPE_SUBTREE,"(sAMAccountName=%(user)s)") AUTH_LDAP_GROUP_SEARCH = LDAPSearch("CN=Users,DC=arctest,DC=arcadiadata,DC=com", ldap.SCOPE_SUBTREE, "(objectClass=group)") # Map LDAP attributes to Django AUTH_LDAP_USER_ATTR_MAP = { "first_name": "givenName", "last_name": "sn", "email": "mail" } # Cache settings # Note this may cause a delay when groups are changed in LDAP AUTH_LDAP_CACHE_GROUPS = True AUTH_LDAP_GROUP_CACHE_TIMEOUT = 300 # Group Settings AUTH_LDAP_GROUP_TYPE = NestedActiveDirectoryGroupType() AUTH_LDAP_FIND_GROUP_PERMS = True AUTH_LDAP_MIRROR_GROUPS = False # Some optional TLS/SSL options # AUTH_LDAP_GLOBAL_OPTIONS = { # ldap.OPT_X_TLS_CACERTFILE: "/etc/bla.cert", # Point to CA Cert file # ldap.OPT_X_TLS_REQUIRE_CERT: ldap.OPT_X_TLS_NEVER, # Disable cert checking # } AUTH_LDAP_CONNECTION_OPTIONS = { ldap.OPT_DEBUG_LEVEL: 1, # 0 to 255 ldap.OPT_REFERRALS: 0, # For Active Directory } # If there is no Bind User you can use these settings, but it's not the preferred way # AUTH_LDAP_BIND_AS_AUTHENTICATING_USER = True # AUTH_LDAP_USER_DN_TEMPLATE = "CN=%(user)s,CN=Users,DC=arctest,DC=arcadiadata,DC=com" # The backends needed to make this work. AUTHENTICATION_BACKENDS = ( 'django_auth_ldap.backend.LDAPBackend', 'django.contrib.auth.backends.ModelBackend' )