Hello,
I need help with configure Active Directory in Mayan 4.4.5 “direct deployment”.
Regards,
KS
Hi,
The first thing you need to do is switch to a Docker Compose installation. Direct deployment is deprecated and requires advanced experience with Python, Django, and Linux.
Active Directory/LDAP authentication requires additional Python and Linux packages which are already included in the Docker image.
I need help with the same thing in LDAP, I have it working perfectly on version 3 here is the code that currently working
Do I need to generate a new Secret Key for the new deployment?
I copied the database and everything over to the newer version.
Here is where the ldap_settings.py is located /opt/mayan-edms/media/mayan_settings
LDAP FILE
from future import absolute_import
from mayan.settings.production import *
import ldap
from django_auth_ldap.config import (
LDAPSearch, LDAPSearchUnion, NestedActiveDirectoryGroupType
)
from django.contrib.auth import get_user_model
SECRET_KEY = ‘’
makes sure this works in Active Directory
ldap.set_option(ldap.OPT_REFERRALS, 0)
Turn of debug output, turn this off when everything is working as expected
ldap.set_option(ldap.OPT_DEBUG_LEVEL, 4095)
This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True
LDAP_USER_AUTO_CREATION = “False”
LDAP_URL = “ldap://”
LDAP_BASE_DN = “DC=usit,DC=com”
LDAP_ADMIN_DN = “CN=,OU=,DC=usit,DC=com”
LDAP_PASSWORD = “”
AUTH_LDAP_SERVER_URI = LDAP_URL
AUTH_LDAP_BIND_DN = LDAP_ADMIN_DN
AUTH_LDAP_BIND_PASSWORD = LDAP_PASSWORD
AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(
LDAPSearch(
‘OU=WebDevelopment,DC=USIT,DC=com’,
ldap.SCOPE_SUBTREE,‘(samaccountname=%(user)s)’
),
LDAPSearch(
‘OU=Information Technology,DC=USIT,DC=com’,
ldap.SCOPE_SUBTREE,‘(samaccountname=%(user)s)’
),
LDAPSearch(
‘OU=Service Accounts,DC=USIT,DC=com’,
ldap.SCOPE_SUBTREE,‘(samaccountname=%(user)s)’
),
LDAPSearch(
‘OU=Environmental,DC=USIT,DC=com’,
ldap.SCOPE_SUBTREE,‘(samaccountname=%(user)s)’
),
LDAPSearch(
‘OU=Fish & Wildlife,DC=USIT,DC=com’,
ldap.SCOPE_SUBTREE,‘(samaccountname=%(user)s)’
),
LDAPSearch(
‘OU=Law,DC=USIT,DC=com’,
ldap.SCOPE_SUBTREE,‘(samaccountname=%(user)s)’
),
)
AUTH_LDAP_USER_ATTR_MAP = {
‘first_name’: ‘givenName’,
‘last_name’: ‘sn’,
‘email’: ‘mail’
}
AUTHENTICATION_BACKENDS = (
‘django_auth_ldap.backend.LDAPBackend’,
‘django.contrib.auth.backends.ModelBackend’,
‘mayan.media.mayan_settings.ldaplogin.EmailOrUsernameModelBackend’,
)
class EmailOrUsernameModelBackend(object):
“”"
This is a ModelBacked that allows authentication with either a username or $
“”"
def authenticate(self, username=None, password=None):
if ‘@’ in username:
kwargs = {‘email’: username}
else:
kwargs = {‘username’: username}
try:
user = get_user_model().objects.get(**kwargs)
if user.check_password(password):
return user
except get_user_model().DoesNotExist:
return None
def get_user(self, username):
try:
return get_user_model().objects.get(pk=username)
except get_user_model().DoesNotExist:
return None
Mayan CONF file settings
environment=
PYTHONPATH=“/opt/mayan-edms/media/user_settings”,
MAYAN_ALLOWED_HOSTS=‘[“*”]’,
MAYAN_MEDIA_ROOT=“/opt/mayan-edms/media”,
MAYAN_PYTHON_BIN_DIR=/opt/mayan-edms/bin/,
MAYAN_GUNICORN_BIN=/opt/mayan-edms/bin/gunicorn,
MAYAN_GUNICORN_LIMIT_REQUEST_LINE=4094,
MAYAN_GUNICORN_MAX_REQUESTS=500,
MAYAN_GUNICORN_REQUESTS_JITTER=50,
MAYAN_GUNICORN_TEMPORARY_DIRECTORY=“”,
MAYAN_GUNICORN_TIMEOUT=120,
MAYAN_GUNICORN_WORKER_CLASS=sync,
MAYAN_GUNICORN_WORKERS=3,
MAYAN_SETTINGS_MODULE=mayan.settings.production,
MAYAN_WORKER_A_CONCURRENCY=“”,
MAYAN_WORKER_A_MAX_MEMORY_PER_CHILD=“–max-memory-per-child=300000”,
MAYAN_WORKER_A_MAX_TASKS_PER_CHILD=“–max-tasks-per-child=100”,
MAYAN_WORKER_B_CONCURRENCY=“”,
MAYAN_WORKER_B_MAX_MEMORY_PER_CHILD=“–max-memory-per-child=300000”,
MAYAN_WORKER_B_MAX_TASKS_PER_CHILD=“–max-tasks-per-child=100”,
MAYAN_WORKER_C_CONCURRENCY=“”,
MAYAN_WORKER_C_MAX_MEMORY_PER_CHILD=“–max-memory-per-child=300000”,
MAYAN_WORKER_C_MAX_TASKS_PER_CHILD=“–max-tasks-per-child=100”,
MAYAN_WORKER_D_CONCURRENCY=“–concurrency=1”,
MAYAN_WORKER_D_MAX_MEMORY_PER_CHILD=“–max-memory-per-child=300000”,
MAYAN_WORKER_D_MAX_TASKS_PER_CHILD=“–max-tasks-per-child=10”,
_LAST_LINE=“”
Thank you