From bd4fee943dbefdf3bb2d7af932d0120dbbdd3475 Mon Sep 17 00:00:00 2001 From: Laurent GAY Date: Thu, 14 Dec 2023 19:48:34 +0100 Subject: [PATCH] correct config LDAP --- conf/extra_diacamma.json | 9 +++++---- scripts/install | 1 + 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/conf/extra_diacamma.json b/conf/extra_diacamma.json index 491ec0c..ce795b5 100644 --- a/conf/extra_diacamma.json +++ b/conf/extra_diacamma.json @@ -4,18 +4,19 @@ "FORCE_SCRIPT_NAME":"/__APP__", "LDAP_SERVERS": [{"host": "127.0.0.1", "port": 389, "use_ssl": false, "get_info": "NONE"}], "LDAP_ENGINE" : "OpenLDAP", + "LDAP_AUTHENTICATION" : "ANONYMOUS", "LDAP_BIND_USER" : "", "LDAP_BIND_PASSWORD" : "", "LDAP_ATTRIBUTES_MAP" : {"username": "uid", "first_name": "cn", "last_name": "sn", "email": "mail"}, "LDAP_SEARCH_BASE" : "ou=users,dc=yunohost,dc=org", - "LDAP_USER_SEARCH_FILTER" : "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))", - "LDAP_USER_MODEL_USERNAME_FIELD" : "uid", + "LDAP_USER_SEARCH_FILTER" : "(&(|(objectclass=posixAccount))(uid=%s)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))", + "LDAP_USER_MODEL_USERNAME_FIELD" : "username", "LDAP_USE_LDAP_GROUPS" : true, "LDAP_GROUPS_SEARCH_BASE" : "ou=permission,dc=yunohost,dc=org", "LDAP_GROUPS_SEARCH_FILTER" : "(objectclass=top)", - "LDAP_GROUP_MEMBER_ATTRIBUTE" : "memberUid", + "LDAP_GROUP_MEMBER_ATTRIBUTE" : "inheritPermission", "LDAP_GROUPS_MAP" : {}, - "LDAP_SUPERUSER_GROUPS" : ["permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org"], + "LDAP_SUPERUSER_GROUPS" : ["cn=__APP__.admin,ou=permission,dc=yunohost,dc=org"], "LDAP_STAFF_GROUPS" : [], "LDAP_IGNORED_LOCAL_GROUPS" : [], "USER_READONLY": true, diff --git a/scripts/install b/scripts/install index 771da11..051daba 100644 --- a/scripts/install +++ b/scripts/install @@ -13,6 +13,7 @@ python3 -m venv venv venv/bin/pip3 install -U lucterios lucterios-standard lucterios-contacts lucterios-documents venv/bin/pip3 install -U diacamma-asso diacamma-syndic diacamma-financial venv/bin/pip3 install -U gunicorn psycopg2-binary psycopg2 django-auth-ldap3-ad +sed -i 's|member=%s|inheritPermission=%s|g' venv/lib/python*/site-packages/django_auth_ldap3_ad/auth.py venv/bin/lucterios_admin.py installed ynh_add_config --template="../conf/extra_diacamma.json" --destination="/tmp/extra.json" extra_json=$(jq -c . /tmp/extra.json)