AzureAD SSO Setup

[umarkhan99]

Azure AD SSO has been setup and is working properly. However, after signing in, users dont have any permissions. I tried giving azure app group specified but nothing seems to be working;

Rack elevation size defaults, in pixels. For best results, the ratio of width to height should be roughly 10:1.

RACK_ELEVATION_DEFAULT_UNIT_HEIGHT = 22
RACK_ELEVATION_DEFAULT_UNIT_WIDTH = 220

Remote authentication support

REMOTE_AUTH_ENABLED = True
REMOTE_AUTH_BACKEND = 'netbox.authentication.RemoteUserBackend'
#REMOTE_AUTH_BACKEND = 'netbox.authentication.LDAPBackend'
#AUTH_AZUREAD_ENABLED = True
#REMOTE_AUTH_BACKEND = 'social_core.backends.azuread.AzureADOAuth2'
#SOCIAL_AUTH_AZUREAD_OAUTH2_KEY = ''
#SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET = ''
#AUTH_AZUREAD_REPLY_URL = 'https://netbox/login'
#AUTH_AZUREAD_ADMIN_GROUP = 'Roles.IT.Admin'
#REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
#REMOTE_AUTH_AUTO_CREATE_USER = True
#REMOTE_AUTH_DEFAULT_GROUPS = []
#REMOTE_AUTH_DEFAULT_PERMISSIONS = {}

REMOTE_AUTH_SUPERUSER_GROUPS = ['Roles.IT.Admin']
REMOTE_AUTH_AUTO_CREATE_USER = True
REMOTE_AUTH_BACKEND = "social_core.backends.azuread.AzureADOAuth2"
REMOTE_AUTH_DEFAULT_GROUPS = ['Roles.IT.Admin']
REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
REMOTE_AUTH_ENABLED = True
SOCIAL_AUTH_AZUREAD_OAUTH2_KEY = ""
SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET = ""
SOCIAL_AUTH_AZUREAD_OAUTH2_TENANT_ID = ""
SOCIAL_AUTH_AZUREAD_OAUTH2_DEFAULT_SCOPE = [
"openid",
"profile",
"user_impersonation",
"email",
"groups",
]
SOCIAL_AUTH_AZUREAD_OAUTH2_EXTRA_DATA = [
("groups", "groups")
]
SOCIAL_AUTH_REDIRECT_IS_HTTPS = True
SOCIAL_AUTH_PIPELINE = (
"social_core.pipeline.social_auth.social_details",
"social_core.pipeline.social_auth.social_uid",
"social_core.pipeline.social_auth.social_user",
"social_core.pipeline.user.get_username",
"social_core.pipeline.social_auth.associate_by_email",
"social_core.pipeline.user.create_user",
"social_core.pipeline.social_auth.associate_user",
"social_core.pipeline.social_auth.load_extra_data",
"social_core.pipeline.user.user_details",
"netbox.azuresetgroups.set_groups",
)

[markkuleinio]

REMOTE_AUTH_DEFAULT_GROUPS = ['Roles.IT.Admin']
REMOTE_AUTH_DEFAULT_PERMISSIONS = {}

Do you have some permissions attached to the Roles.IT.Admin group in NetBox?

I see you have:

REMOTE_AUTH_SUPERUSER_GROUPS = ['Roles.IT.Admin']

but REMOTE_AUTH_SUPERUSER_GROUPS says:

(Requires REMOTE_AUTH_ENABLED and REMOTE_AUTH_GROUP_SYNC_ENABLED )

[umarkhan99]

I don't. How do I attach those permissions?

[umarkhan99]

REMOTE_AUTH_ENABLED is already turned on
[REMOTE_AUTH_GROUP_SYNC_ENABLED added it to true. and restarted netbox. that didn't fix it.

[umarkhan99]

Open a terminal on your Linux machine.

Navigate to the NetBox project directory. It appears to be /opt/netbox based on your previous messages.

bash

cd /opt/netbox
Activate the virtual environment.

bash
Copy code
source venv/bin/activate
Run the createsuperuser management command. You will be prompted to enter a username, email address, and password for the new superuser.

bash
Copy code
python netbox/manage.py createsuperuser
Follow the prompts to provide the required information.

After completing the prompts, a new superuser will be created, and you will be able to log in to the NetBox admin interface using the provided username and password.

Deactivate the virtual environment when you're done.

bash

deactivate

then make changes in admin UI....https://netbox.com/admin