diff --git a/awx/sso/conf.py b/awx/sso/conf.py index e04f091851..8994f70785 100644 --- a/awx/sso/conf.py +++ b/awx/sso/conf.py @@ -293,6 +293,17 @@ register( default='MemberDNGroupType', ) +register( + 'AUTH_LDAP_GROUP_TYPE_MEMBER_ATTR', + field_class=fields.CharField, + default='member', + label=_('LDAP Group Type Member Attribute'), + help_text=_('Specify member_attr when AUTH_LDAP_GROUP_TYPE=MemberDNGroupType.'), + category=_('LDAP'), + category_slug='ldap', + feature_required='ldap', +) + register( 'AUTH_LDAP_REQUIRE_GROUP', field_class=fields.LDAPDNField, diff --git a/awx/sso/fields.py b/awx/sso/fields.py index 0ff4b902a5..8771057a34 100644 --- a/awx/sso/fields.py +++ b/awx/sso/fields.py @@ -323,7 +323,8 @@ class LDAPGroupTypeField(fields.ChoiceField): if not data: return None if data.endswith('MemberDNGroupType'): - return getattr(django_auth_ldap.config, data)(member_attr='member') + from django.conf import settings + return getattr(django_auth_ldap.config, data)(member_attr=settings.AUTH_LDAP_GROUP_TYPE_MEMBER_ATTR) else: return getattr(django_auth_ldap.config, data)()