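# authentik system blueprint: default property mappings for LDAP sources.
# Each entry declares one ldapsourcepropertymapping whose `expression` is a
# Python snippet. The snippets below read `ldap`, `dn` and `source` and
# return a dict keyed by the field to set.
# NOTE(review): every value returned here originates in the directory, so
# whoever can write these LDAP attributes decides the resulting username,
# email, name and path. Confirm the source's base DN and filters limit which
# entries are trusted.
version: 1
metadata:
  labels:
    # Label that flags this blueprint as a system blueprint.
    blueprints.goauthentik.io/system: "true"
  name: System - LDAP Source - Mappings
entries:
  # Derives the user path from the entry's DN: the values of all RDNs other
  # than cn/dc, ordered from the outermost container inwards, are appended to
  # the source's base user path.
  # NOTE(review): the expression splits on "," and "=" and is not an RFC 4514
  # parser. Escaped commas and multi-valued RDNs ("+") are not handled, and a
  # "/" inside an RDN value becomes an extra path segment. If paths are used
  # in policies, confirm that directory admins are trusted to shape them.
  - identifiers:
      managed: goauthentik.io/sources/ldap/default-dn-path
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default LDAP Mapping: DN to User Path"
      expression: |
        path_elements = []
        for pair in dn.split(","):
            attr, _, value = pair.partition("=")
            # Skip fragments without a value (empty DN, trailing comma) so the
            # resulting path never contains an empty segment
            if not value:
                continue
            # Ignore every dc and cn component (domain components, the object's
            # own cn and cn-named containers); strip() so that a DN written with
            # a space after the comma ("CN=x, DC=y") is matched as well
            if attr.strip().lower() in ["cn", "dc"]:
                continue
            path_elements.append(value)
        path_elements.reverse()

        path = source.get_user_path()
        if len(path_elements) > 0:
            path = f"{path}/{'/'.join(path_elements)}"
        return {
            "path": path
        }
  # Copies the LDAP `name` attribute to `name`.
  - identifiers:
      managed: goauthentik.io/sources/ldap/default-name
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default LDAP Mapping: Name"
      expression: |
        return {
            "name": ldap.get("name"),
        }
  # Copies the LDAP `mail` attribute to `email`.
  # NOTE(review): the address is taken from the directory as-is. If email is
  # used elsewhere for account matching or recovery, confirm who may write
  # `mail` in the directory.
  - identifiers:
      managed: goauthentik.io/sources/ldap/default-mail
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default LDAP Mapping: mail"
      expression: |
        return {
            "email": ldap.get("mail"),
        }
  # ActiveDirectory-specific mappings
  # Uses sAMAccountName as the username.
  - identifiers:
      managed: goauthentik.io/sources/ldap/ms-samaccountname
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default Active Directory Mapping: sAMAccountName"
      expression: |
        return {
            "username": ldap.get("sAMAccountName"),
        }
  # Stores userPrincipalName under attributes.upn.
  # NOTE(review): `object_field` names the same target as the returned dict,
  # presumably for consumers that still read it (confirm). list_flatten is
  # defined outside this file and presumably collapses a one-element list.
  - identifiers:
      managed: goauthentik.io/sources/ldap/ms-userprincipalname
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default Active Directory Mapping: userPrincipalName"
      object_field: "attributes.upn"
      expression: |
        return {
            "attributes": {
                "upn": list_flatten(ldap.get("userPrincipalName")),
            },
        }
  # Stores givenName under attributes.givenName.
  - identifiers:
      managed: goauthentik.io/sources/ldap/ms-givenName
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default Active Directory Mapping: givenName"
      expression: |
        return {
            "attributes": {
                "givenName": list_flatten(ldap.get("givenName")),
            },
        }
  # Stores sn (surname) under attributes.sn.
  - identifiers:
      managed: goauthentik.io/sources/ldap/ms-sn
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default Active Directory Mapping: sn"
      expression: |
        return {
            "attributes": {
                "sn": list_flatten(ldap.get("sn")),
            },
        }
  # OpenLDAP specific mappings
  # Uses uid as the username.
  - identifiers:
      managed: goauthentik.io/sources/ldap/openldap-uid
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default OpenLDAP Mapping: uid"
      expression: |
        return {
            "username": ldap.get("uid"),
        }
  # Uses cn as the display name.
  - identifiers:
      managed: goauthentik.io/sources/ldap/openldap-cn
    model: authentik_sources_ldap.ldapsourcepropertymapping
    attrs:
      name: "authentik default OpenLDAP Mapping: cn"
      expression: |
        return {
            "name": ldap.get("cn"),
        }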