Configuring Repository to use Active Directory#
Microsoft Active Directory is a server program that provides directory services and uses the open industry standard Lightweight Directory Access Protocol (LDAP).
To enable Active Directory support:
Open the Repository configuration file
$PREFIX/etc/anaconda-server/config.yamland add the following configuration:account_names_filter: false USER_REGEX: ^[a-z0-9_][a-z0-9_-.]+$ LDAP: # Replace with company LDAP server 'URI': 'ldap://<ldap.server.url>' # This BIND_DN/BIND_PASSWORD default to '', this is shown here for # demonstrative purposes. To enable Authorized Bind, insert the AD # BIND_DN and BIND_AUTH password for and authorized AD user. # #e.g. 'BIND_DN': '<cn=Authorized User,cn=users,dc=company,dc=local>' #e.g. 'BIND_AUTH': '<AuthUsrPassword>' # The values '' perform an anonymous bind so we may use search/bind method BIND_DN: '' BIND_AUTH: '' # Adding the USER_SEARCH field tells the flask-ldap-login that we # are using the search/bind method USER_SEARCH: base: <cn=users,dc=company,dc=local> filter: sAMAccountName=%(username)s # Map ldap keys into application specific keys KEY_MAP: name: 'cn' company: 'o' location: 'l' email: 'userPrincipalName'To apply the changes, restart the Repository server:
supervisorctl restart all
Run the
flask-ldap-login-checkcommand to verify Active Directory connectivity:flask-ldap-login-check binstar.wsgi:app --username 'jsmith' --password 'abc123DEF'
NOTE: Replace
jsmithandabc123DEFwith your Active Directory username and password.You see a response similar to the following:
[anaconda.server] Started Site Got userdata for jsmith {'company': None, 'email': None, 'location': None, 'name': 'Jane Smith'}
Open your browser and navigate to your local Repository installation:
http://your.anaconda.repository
NOTE: Replace
your.anaconda.repositorywith your Repository IP address or domain name.Log in with Active Directory.