90aa5409cd
* sources/ldap: add default property mapping to mirror directory structure Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * adjust name Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
94 lines
3.2 KiB
YAML
94 lines
3.2 KiB
YAML
version: 1
|
|
metadata:
|
|
labels:
|
|
blueprints.goauthentik.io/system: "true"
|
|
name: System - LDAP Source - Mappings
|
|
entries:
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/default-dn-path
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default LDAP Mapping: DN to User Path"
|
|
object_field: "path"
|
|
expression: |
|
|
dn = ldap.get("distinguishedName")
|
|
path_elements = []
|
|
for pair in dn.split(","):
|
|
attr, _, value = pair.partition("=")
|
|
# Ignore elements from the Root DSE and the canonical name of the object
|
|
if attr.lower() in ["cn", "dc"]:
|
|
continue
|
|
path_elements.append(value)
|
|
path_elements.reverse()
|
|
|
|
path = source.get_user_path()
|
|
if len(path_elements) > 0:
|
|
path = f"{path}/{'/'.join(path_elements)}"
|
|
return path
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/default-name
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default LDAP Mapping: Name"
|
|
object_field: "name"
|
|
expression: |
|
|
return ldap.get('name')
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/default-mail
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default LDAP Mapping: mail"
|
|
object_field: "email"
|
|
expression: |
|
|
return ldap.get('mail')
|
|
# ActiveDirectory-specific mappings
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/ms-samaccountname
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default Active Directory Mapping: sAMAccountName"
|
|
object_field: "username"
|
|
expression: |
|
|
return ldap.get('sAMAccountName')
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/ms-userprincipalname
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default Active Directory Mapping: userPrincipalName"
|
|
object_field: "attributes.upn"
|
|
expression: |
|
|
return list_flatten(ldap.get('userPrincipalName'))
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/ms-givenName
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default Active Directory Mapping: givenName"
|
|
object_field: "attributes.givenName"
|
|
expression: |
|
|
return list_flatten(ldap.get('givenName'))
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/ms-sn
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default Active Directory Mapping: sn"
|
|
object_field: "attributes.sn"
|
|
expression: |
|
|
return list_flatten(ldap.get('sn'))
|
|
# OpenLDAP specific mappings
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/openldap-uid
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default OpenLDAP Mapping: uid"
|
|
object_field: "username"
|
|
expression: |
|
|
return ldap.get('uid')
|
|
- identifiers:
|
|
managed: goauthentik.io/sources/ldap/openldap-cn
|
|
model: authentik_sources_ldap.ldappropertymapping
|
|
attrs:
|
|
name: "authentik default OpenLDAP Mapping: cn"
|
|
object_field: "name"
|
|
expression: |
|
|
return ldap.get('cn')
|