sources/ldap: set default group property mapping

This commit is contained in:
Jens Langhammer 2021-02-06 19:17:39 +01:00
parent a885247d36
commit db7e9f9b95
3 changed files with 23 additions and 2 deletions

View file

@ -45,6 +45,7 @@ class LDAPSourceForm(forms.ModelForm):
"object_uniqueness_field",
"sync_parent_group",
]
labels = {"property_mappings_group": _("Group property mappings")}
widgets = {
"name": forms.TextInput(),
"server_uri": forms.TextInput(),

View file

@ -1,12 +1,30 @@
# Generated by Django 3.1.6 on 2021-02-06 14:01
from django.apps.registry import Apps
from django.db import migrations, models
def set_default_group_mappings(apps: Apps, schema_editor):
LDAPPropertyMapping = apps.get_model(
"authentik_sources_ldap", "LDAPPropertyMapping"
)
LDAPSource = apps.get_model("authentik_sources_ldap", "LDAPSource")
db_alias = schema_editor.connection.alias
for source in LDAPSource.objects.using(db_alias).all():
if source.property_mappings_group.exists():
continue
source.property_mappings_group.set(
LDAPPropertyMapping.objects.using(db_alias).filter(
managed="goauthentik.io/sources/ldap/default-name"
)
)
source.save()
class Migration(migrations.Migration):
dependencies = [
("authentik_core", "0017_managed"),
("authentik_sources_ldap", "0010_auto_20210205_1027"),
]
@ -21,4 +39,5 @@ class Migration(migrations.Migration):
to="authentik_core.PropertyMapping",
),
),
migrations.RunPython(set_default_group_mappings),
]

View file

@ -40,7 +40,8 @@ Use these settings:
- Bind CN: `<name of your service user>@ad.company`
- Bind Password: The password you've given the user above
- Base DN: The base DN which you want authentik to sync
- Property Mappings: Shift-Select all
- Property mappings: Control/Command-select all Mappings which start with "authentik default LDAP" and "authentik default Active Directory"
- Group property mappings: Select "authentik default LDAP Mapping: Name"
The other settings might need to be adjusted based on the setup of your domain.