LDAP Authentication

tardis.tardis_portal.auth.ldap_auth

To enable LDAP you’ll need to specify which components of the LDAP authentication backend are enabled. In the settings.py add the following to either Authentication, User Provider, Group Provider slugs.:

'tardis.tardis_portal.auth.ldap_auth.ldap_auth'

This is a wrapper function that allows initialisation of the LDAP provider using settings.py values.

ldap_auth() Function

The following are configuration settings that are used when initialising the LDAP backend.

tardis.default_settings.LDAP_TLS

Enable TLS connections.

tardis.default_settings.LDAP_URL

Set the URL of the LDAP server, e.g. ldap://localhost:389/

tardis.default_settings.LDAP_USER_LOGIN_ATTR

Set the login attribute of the users, usually this will be either cn or uid

tardis.default_settings.LDAP_USER_ATTR_MAP

The LDAP user attribute map is used to map internal identifiers like first_name, last_name and email to their LDAP equivalents e.g. {“givenName”: “first_name”, “sn”: “last_name”, “mail”: “email”}

tardis.default_settings.LDAP_GROUP_ID_ATTR

This is where you specify the group identifier from LDAP, usually it will be cn.

tardis.default_settings.LDAP_GROUP_ATTR_MAP

This map is used to map internal identifiers like display e.g. {“description”: “display”}

tardis.default_settings.LDAP_BASE

Sets the search base of the LDAP queries dc=example, dc=com

tardis.default_settings.LDAP_USER_BASE

Sets the suffix to append to the user RDN (e.g. uid=jsmith) to construct the DN e.g. “ou=People, ” + LDAP_BASE

tardis.default_settings.LDAP_GROUP_BASE

Sets the suffix to append to the group RDN (e.g. cn=group1) to construct the DN e.g. “ou=Group, ” + LDAP_BASE