Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding additional advanced documentation. #556

Merged
merged 1 commit into from
Jul 28, 2023
Merged

Adding additional advanced documentation. #556

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Adding additional advanced documentation. 
I had to jump through some hoops to get Coldfront's LDAP authentication
working against Active Directory. I believe these extra examples in the
documentation could be useful to other institutions who run into the
same issues I did.
  • Loading branch information
@lcrownover
lcrownover committed Jul 27, 2023
commit 853675dec5e9693b0d6ab7eac5d60a33fcfe3c79
34 changes: 29 additions & 5 deletions docs/pages/config.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -263,11 +263,11 @@ exist in your backend LDAP to show up in the ColdFront user search.
ColdFront uses the [Django
settings](https://docs.djangoproject.com/en/3.1/topics/settings/). In most
cases, you can set custom configurations via environment variables above. If
you need more control over the configuration you can use a `local_settings.py`
file and override any Django settings. For example, instead of setting the
`DB_URL` environment variable above, we can create
`/etc/coldfront/local_settings.py` or create a `local_settings.py` file
in the coldfront project root and add our custom database configs as follows:
you need more control over the configuration you can create `/etc/coldfront/local_settings.py`
or create a `local_settings.py` file in the coldfront project root
to override any Django settings. Some examples:

Instead of setting the `DB_URL` environment variable, we can add a custom database configuration:

```python
DATABASES = {
Expand All @@ -282,6 +282,30 @@ DATABASES = {
}
```

To authenticate against Active Directory, it's not uncommon to need
the `OPT_REFERRALS` set to `0`. Likewise, we should look for users based
on their `sAMAccountName` attribute, rather than `uid`.

```python
AUTH_LDAP_CONNECTION_OPTIONS={ldap.OPT_REFERRALS: 0}
AUTH_LDAP_BASE_DN = 'dc=example,dc=org' # same value as AUTH_LDAP_USER_SEARCH
AUTH_LDAP_USER_SEARCH = LDAPSearch(
AUTH_LDAP_BASE_DN, ldap.SCOPE_SUBTREE, '(sAMAccountName=%(user)s)')
```

Additional debug logging can be configured for troubleshooting. This example
attaches the `django_auth_ldap` logs to the primary Django logger so you
can see debug those logs in your main log output.

```python
LOGGING = {
"version": 1,
"disable_existing_loggers": False,
"handlers": {"console": {"class": "logging.StreamHandler"}},
"loggers": {"django_auth_ldap": {"level": "DEBUG", "handlers": ["console"]}
},
```

## Custom Branding

The default HTML templates and css can be easily customized to add your own
Expand Down