This is an example setup with NetBox using AzureAD for authentication. It uses the Python Social Auth library.
Most of this was taken from this gist: https://gist.github.com/leoluk/16d91ec22d833945c7ac7ed2b3b05a27
This is written to support NetBox v2.10 to v3.0. I'll try to note differences for 2.9 or earlier.
NOTE: NetBox v3.1 added basic support for using social_auth, so most of this is no longer required and can be placed in the configuration.py file.
You will need an AzureAD App Registration (Service Principal) created for NetBox, with a client secret created for it to use. You'll need the Client ID and Tenant ID as well.
Within the App Registration, create app roles that will be used to assign users to specific groups. The app role value must be the same as the NetBox group name. See the Microsoft docs on app roles. This step can be skipped if you remove the references to the set_role method in custom_pipeline.py.
The set_username method in custom_pipeline.py will set the user's UPN attribute as the NetBox username. Set this to any attribute you want.
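The role-to-group rule described above can be checked in isolation before it is wired into a pipeline step. The following is an added example, not code from custom_pipeline.py or the original gist; the function name, its parameters and the sample group names are hypothetical, and it assumes the app roles arrive in the ID token's "roles" claim.

```python
# Added example: decide NetBox group membership from Azure AD app roles.
# plan_group_sync and its parameters are hypothetical names for illustration.

def plan_group_sync(roles_claim, current_groups, managed_groups):
    """Return (to_add, to_remove, ignored) group names for one login.

    roles_claim    -- value of the "roles" claim from the ID token
    current_groups -- NetBox group names the user belongs to now
    managed_groups -- NetBox group names that app roles may control
    """
    # A user with no app role assigned has no "roles" claim at all.
    if roles_claim is None:
        roles = set()
    elif isinstance(roles_claim, str):
        roles = {roles_claim}
    elif isinstance(roles_claim, (list, tuple, set)):
        # Drop anything that is not a plain string.
        roles = {r for r in roles_claim if isinstance(r, str)}
    else:
        raise ValueError("unexpected type for roles claim")

    managed = set(managed_groups)
    current = set(current_groups)

    # Exact match only: the app role value must equal the group name.
    granted = roles & managed
    # Role values with no matching managed group are reported, never
    # turned into new groups.
    ignored = roles - managed
    to_add = granted - current
    # Revoke managed groups whose role was removed in Azure AD; groups
    # outside the managed set (assigned locally in NetBox) are untouched.
    to_remove = (current & managed) - granted
    return sorted(to_add), sorted(to_remove), sorted(ignored)


if __name__ == "__main__":
    # Constructed sample data, not taken from a real tenant.
    claim = ["netbox-admins", "Netbox-Readonly", "unknown-role"]
    print(plan_group_sync(claim,
                          ["netbox-readonly", "local-only"],
                          ["netbox-admins", "netbox-readonly"]))
```

Logging the ignored list on each login makes a mistyped app role value visible instead of silently leaving a user without the expected group.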
Place the local_requirements.txt file in the NetBox root directory (/opt/netbox by default). See the NetBox docs. Install the Python package in the requirements file.
To overwrite the default settings.py and keep upgrades easier, move/rename the default settings.py to upstream_settings.py.
Enter your AzureAD information in the settings.py file.
The configuration.py provided here is just what is needed to set up this authentication. Merge it with your own configuration.py.
Copy each file to the $INSTALL_ROOT/netbox/netbox/ directory:
- custom_middleware.py
- custom_urls.py
- custom_pipeline.py
- settings.py
systemctl restart netbox netbox-rq
This no longer seems to work. I get: