I had a need for unique authentication settings on a per domain basis (with differing mail domains & internal/AD domains, along with differing search DN's and User/Admin group assignments) so I extended the existing models.py & ad.py authentication backend to include a new model. Not sure if this will help anyone or not, but it was a requirement for me... I've attached the modified files. I've never used Django (and only lightly dabbled in python) before, so I apologize now if there's a better way to implement this... I didn't want to modify the existing MailAuthHost class in models.py, so I simply added a new one (MailADAuthHost). I'm not using all of the fields configured in the class (namely the log location, AD search fields, and AD ldap scheme - both of these are still configured in settings.py), but I might at a later time, particularly when I'd like to configure logs per AD domain for troubleshooting. I'm working on modifying the form/view/etc. to support these settings from the administrative interface when protocol 'Active Directory' is configured... Right now, I've just added these settings directly to the table in MySQL. When using the new files:
- Replace existing models.py and ad.py files (backup originals first) - Run: 'baruwa-admin sqlall config' - From the generated SQL statements, execute those relating to table 'auth_domain'. (CREATE and ALTER statements) - Manually add a new record to table 'auth_domain', at least specifying ad_host_id, ad_search_dn, ad_admin_group, ad_user_group, ad_auth_domain o Field ad_auth_domain is used to force AD + mail domain association rather than using 'split address enabled' (which wasn't working for me anyway). o Field ad_host_id corresponds to the id in the table auth_hosts that is associated with the auth_domain settings .
ad.py
Description: ad.py
models.py
Description: models.py
_______________________________________________ Keep Baruwa FREE - http://pledgie.com/campaigns/12056
