starred/netbox
1
0
Fork 0
mirror of https://github.com/netbox-community/netbox.git synced 2026-01-11 21:10:29 +01:00
Code Issues 273 Packages Projects Releases 10 Wiki Activity

REMOTE_AUTH_DEFAULT_GROUPS not adding new users to group #6203

New Issue
Closed
opened 2025-12-29 19:37:59 +01:00 by adam · 8 comments
adam commented 2025-12-29 19:37:59 +01:00
Owner
Copy Link

Originally created by @andymelichar on GitHub (Mar 11, 2022).

Originally assigned to: @huntabyte on GitHub.

NetBox version

v3.1.9

Python version

3.8

Steps to Reproduce

  1. Create new group called 'Users' in Netbox admin
  2. Add settings to configuration.py for remote auth and default group:
# Remote authentication support
REMOTE_AUTH_ENABLED = True

REMOTE_AUTH_BACKEND = 'social_core.backends.azuread_tenant.AzureADTenantOAuth2'

REMOTE_AUTH_DEFAULT_GROUPS = ['Users']

REMOTE_AUTH_GROUP_SYNC_ENABLED = False

SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_RESOURCE  = '[redacted]'
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_KEY       = '[redacted]'
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_SECRET    = '[redacted]'
SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_TENANT_ID = '[redacted]'
  1. New user authenticates using the Azure auth provider into Netbox
  2. User is added to Netbox, but user is not added to 'Users' group

Expected Behavior

New users should be added to the group(s) indicted by the REMOTE_AUTH_DEFAULT_GROUPS setting.

Observed Behavior

User is not added to group on sign-on.

Originally created by @andymelichar on GitHub (Mar 11, 2022). Originally assigned to: @huntabyte on GitHub. ### NetBox version v3.1.9 ### Python version 3.8 ### Steps to Reproduce 1. Create new group called 'Users' in Netbox admin 2. Add settings to configuration.py for remote auth and default group: ``` # Remote authentication support REMOTE_AUTH_ENABLED = True REMOTE_AUTH_BACKEND = 'social_core.backends.azuread_tenant.AzureADTenantOAuth2' REMOTE_AUTH_DEFAULT_GROUPS = ['Users'] REMOTE_AUTH_GROUP_SYNC_ENABLED = False SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_RESOURCE = '[redacted]' SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_KEY = '[redacted]' SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_SECRET = '[redacted]' SOCIAL_AUTH_AZUREAD_TENANT_OAUTH2_TENANT_ID = '[redacted]' ``` 3. New user authenticates using the Azure auth provider into Netbox 4. User is added to Netbox, but user is not added to 'Users' group ### Expected Behavior New users should be added to the group(s) indicted by the REMOTE_AUTH_DEFAULT_GROUPS setting. ### Observed Behavior User is not added to group on sign-on.
adam added the type: bugstatus: accepted labels 2025-12-29 19:37:59 +01:00
adam closed this issue 2025-12-29 19:37:59 +01:00
adam commented 2025-12-29 19:38:00 +01:00
Author
Owner
Copy Link

@davidc commented on GitHub (Mar 22, 2022):

Can confirm this is also happening for me, also using social auth. Users are created but not added to group. Netbox ccd14dc6bbd5 (v3.1.9) via netbox-docker.

LOGIN_REQUIRED=True
REMOTE_AUTH_ENABLED=True
REMOTE_AUTH_AUTO_CREATE_USER=True
REMOTE_AUTH_BACKEND='social_core.backends.emf.EmfOAuth2'
SOCIAL_AUTH_EMF_KEY='xxx'
SOCIAL_AUTH_EMF_SECRET='xxx'
REMOTE_AUTH_DEFAULT_GROUPS=['noc']
@davidc commented on GitHub (Mar 22, 2022): Can confirm this is also happening for me, also using social auth. Users are created but not added to group. Netbox ccd14dc6bbd5 (v3.1.9) via netbox-docker. ``` LOGIN_REQUIRED=True REMOTE_AUTH_ENABLED=True REMOTE_AUTH_AUTO_CREATE_USER=True REMOTE_AUTH_BACKEND='social_core.backends.emf.EmfOAuth2' SOCIAL_AUTH_EMF_KEY='xxx' SOCIAL_AUTH_EMF_SECRET='xxx' REMOTE_AUTH_DEFAULT_GROUPS=['noc'] ```
adam commented 2025-12-29 19:38:00 +01:00
Author
Owner
Copy Link

@Nino-Rey commented on GitHub (May 13, 2022):

Same thing here when using Azure AD. I'm using Netbox v3.1.11

Remote authentication support

REMOTE_AUTH_ENABLED = True
REMOTE_AUTH_BACKEND = 'social_core.backends.azuread.AzureADOAuth2'
SOCIAL_AUTH_AZUREAD_OAUTH2_KEY = 'xxx'
SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET = 'xxx'
REMOTE_AUTH_DEFAULT_GROUPS=['AAD-NRE-Apps']
REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER'
REMOTE_AUTH_AUTO_CREATE_USER = True
REMOTE_AUTH_DEFAULT_PERMISSIONS = {}

@Nino-Rey commented on GitHub (May 13, 2022): Same thing here when using Azure AD. I'm using Netbox v3.1.11 # Remote authentication support REMOTE_AUTH_ENABLED = True REMOTE_AUTH_BACKEND = 'social_core.backends.azuread.AzureADOAuth2' SOCIAL_AUTH_AZUREAD_OAUTH2_KEY = 'xxx' SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET = 'xxx' REMOTE_AUTH_DEFAULT_GROUPS=['AAD-NRE-Apps'] REMOTE_AUTH_HEADER = 'HTTP_REMOTE_USER' REMOTE_AUTH_AUTO_CREATE_USER = True REMOTE_AUTH_DEFAULT_PERMISSIONS = {}
adam commented 2025-12-29 19:38:00 +01:00
Author
Owner
Copy Link

@max-baumgarten commented on GitHub (May 25, 2022):

Having same issue on Netbox-Docker v3.2-1.6.1

REMOTE_AUTH_ENABLED = True
REMOTE_AUTH_BACKEND = 'social_core.backends.azuread.AzureADOAuth2'
SOCIAL_AUTH_AZUREAD_OAUTH2_KEY = 'xxx'
SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET = 'xxx'
SOCIAL_AUTH_REDIRECT_IS_HTTPS = True
REMOTE_AUTH_AUTO_CREATE_USER = True
REMOTE_AUTH_DEFAULT_GROUPS=['superduperadmins']
@max-baumgarten commented on GitHub (May 25, 2022): Having same issue on Netbox-Docker v3.2-1.6.1 ``` REMOTE_AUTH_ENABLED = True REMOTE_AUTH_BACKEND = 'social_core.backends.azuread.AzureADOAuth2' SOCIAL_AUTH_AZUREAD_OAUTH2_KEY = 'xxx' SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET = 'xxx' SOCIAL_AUTH_REDIRECT_IS_HTTPS = True REMOTE_AUTH_AUTO_CREATE_USER = True REMOTE_AUTH_DEFAULT_GROUPS=['superduperadmins'] ```
adam commented 2025-12-29 19:38:00 +01:00
Author
Owner
Copy Link

@ghost commented on GitHub (May 30, 2022):

We have the same issue via Okta. We are sending the groups via the token and just the actual user is created as default.

@ghost commented on GitHub (May 30, 2022): We have the same issue via Okta. We are sending the groups via the token and just the actual user is created as default.
adam commented 2025-12-29 19:38:00 +01:00
Author
Owner
Copy Link

@soll86 commented on GitHub (May 30, 2022):

We have the same issue via Okta.
We are sending the groups via the token and just the actual user is created as default in Netbox

@soll86 commented on GitHub (May 30, 2022): We have the same issue via Okta. We are sending the groups via the token and just the actual user is created as default in Netbox
adam commented 2025-12-29 19:38:00 +01:00
Author
Owner
Copy Link

@VirgoCluster commented on GitHub (Jun 15, 2022):

Same issue on NetBox 3.2.3

@VirgoCluster commented on GitHub (Jun 15, 2022): Same issue on NetBox 3.2.3
adam commented 2025-12-29 19:38:01 +01:00
Author
Owner
Copy Link

@themmini commented on GitHub (Jun 20, 2022):

I've tried assigning the role through the App registration side as well didn't work, Users are created with no role/group.
Instead of having a default group it would be good to use the AAD role assignment. Then you can assign users their permissions based off AAD groups/roles not just lump all SSO users together.

@themmini commented on GitHub (Jun 20, 2022): I've tried assigning the role through the App registration side as well didn't work, Users are created with no role/group. Instead of having a default group it would be good to use the AAD role assignment. Then you can assign users their permissions based off AAD groups/roles not just lump all SSO users together.
adam commented 2025-12-29 19:38:01 +01:00
Author
Owner
Copy Link

@huntabyte commented on GitHub (Jun 23, 2022):

I have a working solution for this, at least for setting the default groups. Need to do a little cleanup/refactoring and I'll submit a PR.

@huntabyte commented on GitHub (Jun 23, 2022): I have a working solution for this, at least for setting the default groups. Need to do a little cleanup/refactoring and I'll submit a PR.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
beta
breaking change
complexity: high
complexity: low
complexity: medium
needs milestone
netbox
pending closure
plugin candidate
pull-request
Mirrored from GitHub Pull Request
 severity: high
severity: low
severity: medium
status: accepted
status: backlog
status: blocked
status: duplicate
status: needs owner
status: needs triage
status: revisions needed
status: under review
topic: GraphQL
topic: Internationalization
topic: OpenAPI
topic: UI/UX
topic: cabling
topic: event rules
topic: htmx navigation
topic: industrialization
topic: migrations
topic: plugins
topic: scripts
topic: templating
topic: testing
type: bug
type: deprecation
type: documentation
type: feature
type: housekeeping
type: translation
No Label status: accepted type: bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/netbox#6203
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?