I am using Airflow 1.10.10, and I have successfully set up AD/LDAP integration internally while also having rbac = True in the airflow configuration file. I set this up by following this resource https://guptakumartanuj.wordpress.com/2019/11/14/airflow-ui-authentication-through-ldap-server/ and a few others with similar setups. However now that I have this set up, I don't want to force every new user to either be an Admin or a Viewer and would rather have that be dictated by their corresponding AD groups. With this current setup, the variables below either allow you to make a new user an Admin or a Viewer:
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Admin"
I tried adding the AIRFLOW__LDAP__SUPERUSER_FILTER and data_profiler arguments to my webserver_config.py file but I am still unable to allow the user to inherit permissions from the AD groups.
For reference, my filters are setup with the following syntax:
memberOf=CN=ADMINTEAM,OU=SvcAccts,DC=us,DC=ae
Can anyone help? I also tried disabling AUTH_USER_REGISTRATION but this just takes away the AD functionality ..
