LDAP authentication documentation: add paragraph about group creation required. #2988
Labels
status: accepted
This issue has been accepted for implementation
type: documentation
A change or addition to the documentation
Comments
DanSheps
added
type: documentation
Merged
jeremystretch
added a commit
that referenced
this issue
Jan 2, 2020
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Change Type
[X] Addition
[ ] Correction
[ ] Deprecation
[ ] Cleanup (formatting, typos, etc.)
Proposed Changes
On the netbox ldap configuration page it would be great to explain that the three users groups (is_active, is_staff, is_superuser) must exist in the LDAP directory otherwise authentication will fail while trying to retrieve the user group mapping.
Reason; Netbox is trying to retrieve permissions using an LDAP compareRequest, however if one of the group is not present in the LDAP directory, the LDAP server may reply with a success response instead of compareResponse. Because of the implementation of the Python ldap module, such a response would lead to an exception and authentication will fail.
The text was updated successfully, but these errors were encountered: