Please verify that this feature request has NOT been suggested before.

• I checked and didn't find a similar feature request

Problem statement

LDAP authentication group type does not match all environments. Current implementation assumes a group type of GroupOfUniqueNamesType. In my case, this would need to be NestedMemberDNGroupType instead

Additionally, the AUTH_LDAP_GROUP_SEARCH setting hardcodes an objectClass to search for, which does not match all environments.

For my environment, I would need this instead. Note the change of objectClass,, and that I specified the member_attr when setting AUTH_LDAP_GROUP_TYPE

AUTH_LDAP_GROUP_SEARCH = LDAPSearch(
    get_setting("INVENTREE_LDAP_GROUP_SEARCH", "ldap.group_search"),
    ldap.SCOPE_SUBTREE,
    "(objectClass=group)",
)
AUTH_LDAP_GROUP_TYPE = NestedMemberDNGroupType(member_attr="member", name_attr="cn")

Finally, I'd like to mirror my LDAP groups from the search base to InvenTree. The AUTH_LDAP_MIRROR_GROUPS option should be available. Something like

AUTH_LDAP_MIRROR_GROUPS = get_boolean_setting("INVENTREE_LDAP_MIRROR_GROUPS")

Suggested solution

Make these tweaks configurable through the .env file.

Describe alternatives you've considered

We are unable to use LDAP authentication in our AD environment with the current settings. I was able to get this working for us by changing the hardcoded objects to match by environment described above by directly editing settings.py, but feel this should be configurable and upstreamed, instead of my hacky edits.

Examples of other systems

No response

Do you want to develop this?

• I want to develop this.