@jhedden
Created March 15, 2019 20:59
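AWX AD LDAP Config: AWX LDAP authentication settings for Active Directory. Replace each <...> placeholder before use. AUTH_LDAP_REQUIRE_GROUP is null here, so login is not restricted to members of a specific group.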
{
"AUTH_LDAP_SERVER_URI": "ldaps://<LDAP FQDN>:636",
"AUTH_LDAP_BIND_DN": "CN=<CN>,OU=<OU>,OU=UserObjects,DC=<DC HOSTNAME>,DC=<DC DOMAIN>,DC=<DC SUFFIX>",
"AUTH_LDAP_BIND_PASSWORD": "$encrypted$",
"AUTH_LDAP_START_TLS": false,
"AUTH_LDAP_CONNECTION_OPTIONS": {
"OPT_NETWORK_TIMEOUT": 30,
"OPT_REFERRALS": 0
},
"AUTH_LDAP_USER_SEARCH": [
"OU=<OPTIONAL Sub OU>,OU=UserObjects,DC=<DC HOSTNAME>,DC=<DC DOMAIN>,DC=<DC SUFFIX>",
"SCOPE_SUBTREE",
"(sAMAccountName=%(user)s)"
],
"AUTH_LDAP_USER_DN_TEMPLATE": null,
"AUTH_LDAP_USER_ATTR_MAP": {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
},
"AUTH_LDAP_GROUP_SEARCH": [
"OU=GroupObjects,DC=<DC HOSTNAME>,DC=<DC NAME>,DC=<DC SUFFIX>",
"SCOPE_SUBTREE",
"(objectClass=group)"
],
"AUTH_LDAP_GROUP_TYPE": "MemberDNGroupType",
"AUTH_LDAP_GROUP_TYPE_PARAMS": {
"member_attr": "member",
"name_attr": "cn"
},
"AUTH_LDAP_REQUIRE_GROUP": null,
"AUTH_LDAP_DENY_GROUP": null,
"AUTH_LDAP_USER_FLAGS_BY_GROUP": {
"is_superuser": [
"CN=<CN GROUP>,OU=<OPTIONAL GROUP>,OU=GroupObjects,DC=<DC HOSTNAME>,DC=<DC NAME>,DC=<DC SUFFIX>"
]
},
"AUTH_LDAP_ORGANIZATION_MAP": {
"<ORG NAME>": {
"admins": "CN=<CN GROUP>,OU=<OPTIONAL GROUP>,OU=GroupObjects,DC=<DC HOSTNAME>,DC=<DC NAME>,DC=<DC SUFFIX>",
"remove_admins": false,
"remove_users": false,
"users": [
"CN=<CN GROUP>,OU=<OPTIONAL GROUP>,OU=GroupObjects,DC=<DC HOSTNAME>,DC=<DC NAME>,DC=<DC SUFFIX>"
]
}
},
"AUTH_LDAP_TEAM_MAP": {
"Development": {
"organization": "<ORG NAME>",
"users": "CN=<CN GROUP>,OU=<OPTIONAL GROUP>,OU=GroupObjects,DC=<DC HOSTNAME>,DC=<DC NAME>,DC=<DC SUFFIX>",
"remove": true
},
"Engineering": {
"organization": "<ORG NAME>",
"users": "CN=<CN GROUP>,OU=<OPTIONAL GROUP>,OU=GroupObjects,DC=<DC HOSTNAME>,DC=<DC NAME>,DC=<DC SUFFIX>",
"remove": true
}
},
"AUTH_LDAP_1_SERVER_URI": "",
"AUTH_LDAP_1_BIND_DN": "",
"AUTH_LDAP_1_BIND_PASSWORD": "",
"AUTH_LDAP_1_START_TLS": false,
"AUTH_LDAP_1_CONNECTION_OPTIONS": {
"OPT_NETWORK_TIMEOUT": 30,
"OPT_REFERRALS": 0
},
"AUTH_LDAP_1_USER_SEARCH": [],
"AUTH_LDAP_1_USER_DN_TEMPLATE": null,
"AUTH_LDAP_1_USER_ATTR_MAP": {},
"AUTH_LDAP_1_GROUP_SEARCH": [],
"AUTH_LDAP_1_GROUP_TYPE": "MemberDNGroupType",
"AUTH_LDAP_1_GROUP_TYPE_PARAMS": {
"member_attr": "member",
"name_attr": "cn"
},
"AUTH_LDAP_1_REQUIRE_GROUP": null,
"AUTH_LDAP_1_DENY_GROUP": null,
"AUTH_LDAP_1_USER_FLAGS_BY_GROUP": {},
"AUTH_LDAP_1_ORGANIZATION_MAP": {},
"AUTH_LDAP_1_TEAM_MAP": {},
"AUTH_LDAP_2_SERVER_URI": "",
"AUTH_LDAP_2_BIND_DN": "",
"AUTH_LDAP_2_BIND_PASSWORD": "",
"AUTH_LDAP_2_START_TLS": false,
"AUTH_LDAP_2_CONNECTION_OPTIONS": {
"OPT_NETWORK_TIMEOUT": 30,
"OPT_REFERRALS": 0
},
"AUTH_LDAP_2_USER_SEARCH": [],
"AUTH_LDAP_2_USER_DN_TEMPLATE": null,
"AUTH_LDAP_2_USER_ATTR_MAP": {},
"AUTH_LDAP_2_GROUP_SEARCH": [],
"AUTH_LDAP_2_GROUP_TYPE": "MemberDNGroupType",
"AUTH_LDAP_2_GROUP_TYPE_PARAMS": {
"member_attr": "member",
"name_attr": "cn"
},
"AUTH_LDAP_2_REQUIRE_GROUP": null,
"AUTH_LDAP_2_DENY_GROUP": null,
"AUTH_LDAP_2_USER_FLAGS_BY_GROUP": {},
"AUTH_LDAP_2_ORGANIZATION_MAP": {},
"AUTH_LDAP_2_TEAM_MAP": {},
"AUTH_LDAP_3_SERVER_URI": "",
"AUTH_LDAP_3_BIND_DN": "",
"AUTH_LDAP_3_BIND_PASSWORD": "",
"AUTH_LDAP_3_START_TLS": false,
"AUTH_LDAP_3_CONNECTION_OPTIONS": {
"OPT_NETWORK_TIMEOUT": 30,
"OPT_REFERRALS": 0
},
"AUTH_LDAP_3_USER_SEARCH": [],
"AUTH_LDAP_3_USER_DN_TEMPLATE": null,
"AUTH_LDAP_3_USER_ATTR_MAP": {},
"AUTH_LDAP_3_GROUP_SEARCH": [],
"AUTH_LDAP_3_GROUP_TYPE": "MemberDNGroupType",
"AUTH_LDAP_3_GROUP_TYPE_PARAMS": {
"member_attr": "member",
"name_attr": "cn"
},
"AUTH_LDAP_3_REQUIRE_GROUP": null,
"AUTH_LDAP_3_DENY_GROUP": null,
"AUTH_LDAP_3_USER_FLAGS_BY_GROUP": {},
"AUTH_LDAP_3_ORGANIZATION_MAP": {},
"AUTH_LDAP_3_TEAM_MAP": {},
"AUTH_LDAP_4_SERVER_URI": "",
"AUTH_LDAP_4_BIND_DN": "",
"AUTH_LDAP_4_BIND_PASSWORD": "",
"AUTH_LDAP_4_START_TLS": false,
"AUTH_LDAP_4_CONNECTION_OPTIONS": {
"OPT_NETWORK_TIMEOUT": 30,
"OPT_REFERRALS": 0
},
"AUTH_LDAP_4_USER_SEARCH": [],
"AUTH_LDAP_4_USER_DN_TEMPLATE": null,
"AUTH_LDAP_4_USER_ATTR_MAP": {},
"AUTH_LDAP_4_GROUP_SEARCH": [],
"AUTH_LDAP_4_GROUP_TYPE": "MemberDNGroupType",
"AUTH_LDAP_4_GROUP_TYPE_PARAMS": {
"member_attr": "member",
"name_attr": "cn"
},
"AUTH_LDAP_4_REQUIRE_GROUP": null,
"AUTH_LDAP_4_DENY_GROUP": null,
"AUTH_LDAP_4_USER_FLAGS_BY_GROUP": {},
"AUTH_LDAP_4_ORGANIZATION_MAP": {},
"AUTH_LDAP_4_TEAM_MAP": {},
"AUTH_LDAP_5_SERVER_URI": "",
"AUTH_LDAP_5_BIND_DN": "",
"AUTH_LDAP_5_BIND_PASSWORD": "",
"AUTH_LDAP_5_START_TLS": false,
"AUTH_LDAP_5_CONNECTION_OPTIONS": {
"OPT_NETWORK_TIMEOUT": 30,
"OPT_REFERRALS": 0
},
"AUTH_LDAP_5_USER_SEARCH": [],
"AUTH_LDAP_5_USER_DN_TEMPLATE": null,
"AUTH_LDAP_5_USER_ATTR_MAP": {},
"AUTH_LDAP_5_GROUP_SEARCH": [],
"AUTH_LDAP_5_GROUP_TYPE": "MemberDNGroupType",
"AUTH_LDAP_5_GROUP_TYPE_PARAMS": {
"member_attr": "member",
"name_attr": "cn"
},
"AUTH_LDAP_5_REQUIRE_GROUP": null,
"AUTH_LDAP_5_DENY_GROUP": null,
"AUTH_LDAP_5_USER_FLAGS_BY_GROUP": {},
"AUTH_LDAP_5_ORGANIZATION_MAP": {},
"AUTH_LDAP_5_TEAM_MAP": {}
}