LDAP Authentication
You can configure LDAP with the following environment variables:
TA_LDAP
(ex:true
) Set to anything besides empty string to use LDAP authentication instead of local user authentication.TA_LDAP_SERVER_URI
(ex:ldap://ldap-server:389
) Set to the uri of your LDAP server.TA_LDAP_DISABLE_CERT_CHECK
(ex:true
) Set to anything besides empty string to disable certificate checking when connecting over LDAPS.TA_LDAP_BIND_DN
(ex:uid=search-user,ou=users,dc=your-server
) DN of the user that is able to perform searches on your LDAP account.TA_LDAP_BIND_PASSWORD
(ex:yoursecretpassword
) Password for the search user.TA_LDAP_USER_ATTR_MAP_USERNAME
(default:uid
) Bind attribute used to map LDAP user's usernameTA_LDAP_USER_ATTR_MAP_PERSONALNAME
(default:givenName
) Bind attribute used to match LDAP user's First Name/Personal Name.TA_LDAP_USER_ATTR_MAP_SURNAME
(default:sn
) Bind attribute used to match LDAP user's Last Name/Surname.TA_LDAP_USER_ATTR_MAP_EMAIL
(default:mail
) Bind attribute used to match LDAP user's EMail addressTA_LDAP_USER_BASE
(ex:ou=users,dc=your-server
) Search base for user filter.TA_LDAP_USER_FILTER
(ex:(objectClass=user)
) Filter for valid users. Login usernames are matched using the attribute specified inTA_LDAP_USER_ATTR_MAP_USERNAME
and should not be specified in this filter.
When LDAP authentication is enabled, django passwords (e.g. the password defined in TA_PASSWORD), will not allow you to login, only the LDAP server is used.