How to map LDAP AD Groups to User roles in python flask AppBuilder

About

Asked 23/6, 2018 at 13:56 Answered 14/9, 2021 at 13:36

I'm currently trying to map automatically user groups in LDAP to user roles in a flask AppBuilder framework based application but can't come up with a solution. I have read through the entire flask AppBuilder documentation and didn't find anything related to this. Here is the basic configuration I have come up with. I don't know how I could map different roles to different user groups.

AUTH_TYPE = AUTH_LDAP
AUTH_LDAP_SERVER = "ldap://ldapserver.local"
AUTH_LDAP_USE_TLS = False
AUTH_LDAP_SEARCH = "dc=domain,dc=local"
AUTH_LDAP_BIND_USER = "CN=Query User,OU=People,dc=domain,dc=local"
AUTH_LDAP_BIND_PASSWORD = "password"
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Admin"

Cassandracassandre answered 23/6, 2018 at 13:56 Comment(1)

Did you ever found the correct configuration? I'm trying to configure my apache airflow server and can't seem to find the correct settings for our AD server. – Karimakarin 5/9, 2019 at 19:35

airflow 2.1.1

WTF_CSRF_ENABLED = True
AUTH_TYPE = AUTH_LDAP
AUTH_ROLE_ADMIN = 'Admin'
AUTH_USER_REGISTRATION = True

AUTH_USER_REGISTRATION_ROLE = "Public"

AUTH_LDAP_USE_TLS = False
AUTH_LDAP_SERVER = "ldap://ldapserver.local:389"

AUTH_LDAP_SEARCH = "OU=Users,DC=ldapserver,DC=local"

AUTH_LDAP_BIND_USER = "CN=Query User,OU=People,dc=ldapserver,dc=local"
AUTH_LDAP_BIND_PASSWORD = "password"

AUTH_LDAP_UID_FIELD = "sAMAccountName"

AUTH_ROLES_MAPPING = {
    "CN=group_1_name,OU=Groups,DC=ldapserver,DC=local": ["Admin"],
    "CN=group_2_name,OU=Groups,DC=ldapserver,DC=local": ["Viewer"],
}

AUTH_LDAP_GROUP_FIELD = "memberOf"
AUTH_ROLES_SYNC_AT_LOGIN = False
PERMANENT_SESSION_LIFETIME = 1800

Furrier answered 14/9, 2021 at 13:36 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags