Comments (7)
I have managed to install the plugin.
First thing I had to include dependencies to $SENTRY_INSTALL_DIR/sentry/Dockerfile
...
FROM ${SENTRY_IMAGE}
RUN apt-get update && apt-get install -y gcc libsasl2-dev python-dev libldap2-dev libssl-dev
COPY . /usr/src/sentry
...
Then I had to run docker-compose build
And after that, I have started up the sentry again with docker-compose up -d
from getsentry-ldap-auth.
@lkiii Hello.
Do you have a working config "LDAP auth" for sentry 21.1.0 ?
Could you please, share it?
from getsentry-ldap-auth.
@lkiii Hello.
Do you have a working config "LDAP auth" for sentry 21.1.0 ?
Could you please, share it?
The approach I have described above is working on version 20.11.1. I have not tested it on higher versions.
from getsentry-ldap-auth.
@OANgit @lkiii do you have guys some example working with 21.x sentry onpremise? I am blocked on it now 😢
from getsentry-ldap-auth.
Hi,
I have version onpremise sentry
sentry --version
sentry, version 21.1.0 (486d790a8f52)
I have a huge Active Directory LDAP. In my case I had error(restriction) with a memcache.
auth_ldap._LDAPUserGroups._group_names.cn - longer than 250.
In the logs you see docker-compose logs web
something like this
/usr/local/lib/python3.6/site-packages/django/core/cache/backends/base.py:239: CacheKeyWarning: Cache key will cause errors if used with memcached: ':2:auth_ldap._LDAPUserGroups._group_names.cn=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name,ou=long_name' (longer than 250)
web_1 | '(longer than %s)' % (key, MEMCACHE_MAX_KEY_LENGTH), CacheKeyWarning
I changed section Cache in file sentry/sentry.conf.py
#########
# Cache #
#########
# Sentry currently utilizes two separate mechanisms. While CACHES is not a
# requirement, it will optimize several high throughput patterns.
#CACHES = {
# "default": {
# "BACKEND": "django.core.cache.backends.memcached.MemcachedCache",
# "LOCATION": ["memcached:11211"],
# "TIMEOUT": 3600,
# }
#}
CACHES = {
"default": {
"BACKEND": "django.core.cache.backends.locmem.LocMemCache",
"LOCATION": "unique-snowflake",
}
}
from getsentry-ldap-auth.
LDAP settings in sentry/sentry.conf.py
#############
# LDAP auth #
#############
import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfUniqueNamesType
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTH_LDAP_SERVER_URI = "ldap://192.168.10.1:389"
AUTH_LDAP_BIND_DN = "AD_user"
AUTH_LDAP_BIND_PASSWORD = "password"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=,dc=,dc=,dc=com",ldap.SCOPE_SUBTREE,"(sAMAccountName=%(user)s)"
)
AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
'',
ldap.SCOPE_SUBTREE,
'(objectClass=groupOfUniqueNames)'
)
AUTH_LDAP_GROUP_TYPE = GroupOfUniqueNamesType()
AUTH_LDAP_REQUIRE_GROUP = None
AUTH_LDAP_DENY_GROUP = None
AUTH_LDAP_USER_ATTR_MAP = {
"username": "sAMAccountName",
"first_name": "givenName",
"last_name": "sn",
"email": "mail",
}
AUTH_LDAP_FIND_GROUP_PERMS = False
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
AUTH_LDAP_DEFAULT_SENTRY_ORGANIZATION = u'Sentry'
AUTH_LDAP_SENTRY_ORGANIZATION_ROLE_TYPE = 'member'
AUTH_LDAP_SENTRY_ORGANIZATION_GLOBAL_ACCESS = True
#AUTH_LDAP_SENTRY_USERNAME_FIELD = 'uid'
AUTH_LDAP_SENTRY_SUBSCRIBE_BY_DEFAULT = False
SENTRY_MANAGED_USER_FIELDS = ('email', 'first_name', 'last_name', 'password', )
AUTHENTICATION_BACKENDS = AUTHENTICATION_BACKENDS + (
'sentry_ldap_auth.backend.SentryLdapBackend',
)
import logging
logger = logging.getLogger('django_auth_ldap')
logger.addHandler(logging.StreamHandler())
logger.setLevel('DEBUG')
#### Telemetry off
SENTRY_BEACON = False
from getsentry-ldap-auth.
@OANgit @lkiii do you have guys some example working with 21.x sentry onpremise? I am blocked on it now 😢
No sorry. My customer decided to migrate to the cloud, so I have not upgraded on-prem to the latest versions.
from getsentry-ldap-auth.
Related Issues (20)
- Logging in with LDAP user fails when user has multiple emails in right conditions HOT 1
- Sentry LDAP Plugin ignored with latest Version HOT 15
- Sentry version 9 support?
- Target organization should be configurable by slug HOT 1
- Group role mapping HOT 13
- Update sentry user role if LDAP group membership is changed HOT 1
- Users not getting added to organization after log in HOT 3
- Sentry version 10 Support HOT 6
- Get it working with sentry helm chart? HOT 1
- Sentry 10 Installations fails with getsentry-ldap-auth HOT 3
- rpmbuild: line 56: Illegal char '*' in: Requires: python-django-auth-ldap = 1.2.*
- Ldap / Active Diectory Intgegration with sentry 10 HOT 2
- Auto populate 'Admin' and/or 'Superuser'
- Not able to login with Sentry 20 HOT 1
- Unable to install, gcc missing. HOT 2
- Has support for Sentry 20/21? HOT 16
- setry web crash
- Updated passwords in LDAP HOT 1
- 'User' object has no attribute 'groups'
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from getsentry-ldap-auth.