From 302415887a4d697e8b7b66a5f3449fc8e536217d Mon Sep 17 00:00:00 2001
From: Kenneth Joss
Date: Wed, 27 Mar 2024 14:28:48 +0100
Subject: [PATCH] Allow custom LDAP attributes
---
 ansible/roles/netbox/defaults/main.yml | 18 ++++++++++++++++++
 .../usr/local/lib/netbox/ldap_config.py.j2 | 6 +++---
 2 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/ansible/roles/netbox/defaults/main.yml b/ansible/roles/netbox/defaults/main.yml
index 8d16a2d5ea..7fdc4fd9d1 100644
--- a/ansible/roles/netbox/defaults/main.yml
+++ b/ansible/roles/netbox/defaults/main.yml
@@ -510,6 +510,24 @@ netbox__ldap_object_owner_rdn: 'uid={{ lookup("env", "USER") }}'
 netbox__ldap_object_ownerdn: '{{ ([ netbox__ldap_object_owner_rdn, netbox__ldap_people_rdn ] + netbox__ldap_base_dn) | join(",") }}'
 # ]]]
+ # ]]]
+# .. envvar:: netbox__ldap_attr_firstname [[[
+#
+# The attribute of the LDAP object that shows the users first name.
+netbox__ldap_attr_firstname: 'cn'
+
+ # ]]]
+# .. envvar:: netbox__ldap_attr_sn [[[
+#
+# The attribute of the LDAP object that shows the users last name.
+netbox__ldap_attr_sn: 'sn'
+
+ # ]]]
+# .. envvar:: netbox__ldap_attr_mail [[[
+#
+# The attribute of the LDAP object that shows the users email address.
+netbox__ldap_attr_mail: 'mailAddress'
+
 # ]]]
 # LDAP connection options [[[
 # ---------------------------
diff --git a/ansible/roles/netbox/templates/usr/local/lib/netbox/ldap_config.py.j2 b/ansible/roles/netbox/templates/usr/local/lib/netbox/ldap_config.py.j2
index b96b43bf0b..2a30a233b8 100644
--- a/ansible/roles/netbox/templates/usr/local/lib/netbox/ldap_config.py.j2
+++ b/ansible/roles/netbox/templates/usr/local/lib/netbox/ldap_config.py.j2
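Review bot: In `ansible/roles/netbox/defaults/main.yml` the new default `netbox__ldap_attr_firstname: 'cn'` does not match the `'givenName'` fallback that this same commit removes from `ldap_config.py.j2`, so a deployment that sets neither the role variable nor `AUTH_LDAP_ATTR_FIRSTNAME` will start filling the Django `first_name` field from the common name. If that change is not intended, keep the previous behaviour with `netbox__ldap_attr_firstname: 'givenName'`. The three descriptions should also say that the `AUTH_LDAP_ATTR_*` environment variables still take precedence over these values at runtime, and "users" should read "user's".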
@@ -84,7 +84,7 @@ AUTH_LDAP_CACHE_TIMEOUT = int(environ.get('AUTH_LDAP_CACHE_TIMEOUT', 3600))
 # Populate the Django user from the LDAP directory.
 AUTH_LDAP_USER_ATTR_MAP = {
- "first_name": environ.get('AUTH_LDAP_ATTR_FIRSTNAME', 'givenName'),
- "last_name": environ.get('AUTH_LDAP_ATTR_LASTNAME', 'sn'),
- "email": environ.get('AUTH_LDAP_ATTR_MAIL', 'mailAddress')
+ "first_name": environ.get('AUTH_LDAP_ATTR_FIRSTNAME', '{{ netbox__ldap_attr_firstname }}'),
+ "last_name": environ.get('AUTH_LDAP_ATTR_LASTNAME', '{{ netbox__ldap_attr_sn }}'),
+ "email": environ.get('AUTH_LDAP_ATTR_MAIL', '{{ netbox__ldap_attr_mail }}')
 }
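Review bot: The three `environ.get()` fallbacks in `AUTH_LDAP_USER_ATTR_MAP` place the role variables raw between single quotes, so a value containing `'` or a backslash renders an `ldap_config.py` that fails to parse or contains Python other than the intended string literal. These values come from inventory, which is normally trusted, but the generated authentication config should not depend on that. Let a filter emit the literal instead, e.g. `"first_name": environ.get('AUTH_LDAP_ATTR_FIRSTNAME', {{ netbox__ldap_attr_firstname | to_json }}),`, and do the same for `last_name` and `email`; for plain attribute names the JSON string is also a valid Python string. A role-level `assert` that each value looks like an LDAP attribute name would catch typos before they silently leave user fields empty.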