diff --git a/uncloud/opennebula/management/commands/syncvm.py b/uncloud/opennebula/management/commands/syncvm.py
index 136e145..795d53a 100644
--- a/uncloud/opennebula/management/commands/syncvm.py
+++ b/uncloud/opennebula/management/commands/syncvm.py
@@ -26,11 +26,14 @@ class Command(BaseCommand):
 vms = json.loads(json.dumps(parse(response)))['VM_POOL']['VM']
 for i, vm in enumerate(vms):
 vm_id = vm['ID']
- vm_owner = vm['UNAME']
+ vm_owner_email = vm['UNAME']
+
 try:
- user = get_user_model().objects.get(username=vm_owner)
+ user = get_user_model().objects.get(email=vm_owner_email)
 except get_user_model().DoesNotExist:
- user = get_user_model().objects.create_user(username=vm_owner)
+ print("Skipping VM import for unknown user with email: {}".format(vm_owner_email))
+ continue
+ # user = get_user_model().objects.create_user(username=vm_owner)
 VMModel.objects.update_or_create(
 defaults= {
 'data': vm,
@@ -40,3 +43,4 @@ class Command(BaseCommand):
 else:
 print(response)
+ print(uncloud.secrets.OPENNEBULA_USER_PASS)
diff --git a/uncloud/opennebula/views.py b/uncloud/opennebula/views.py
index 5505b32..29fdb64 100644
--- a/uncloud/opennebula/views.py
+++ b/uncloud/opennebula/views.py
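Review bot: In syncvm.py, hunk `@@ -26,11 +26,14 @@`, the owner lookup `get_user_model().objects.get(email=vm_owner_email)` handles only `DoesNotExist`; unless the project's user model enforces unique e-mail addresses (Django's stock model does not), two accounts sharing an address raise `MultipleObjectsReturned` and abort the whole sync. Because this lookup decides which account owns each imported VM, an ambiguous match should be skipped rather than resolved arbitrarily, e.g. `except get_user_model().MultipleObjectsReturned:` followed by the same message and `continue`. The commented-out `create_user` line can be dropped, and `self.stderr.write(...)` would suit the skip message better than `print`. The enclosing method starts before and continues past this hunk.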
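Review bot: In syncvm.py, hunk `@@ -40,3 +43,4 @@`, the added `print(uncloud.secrets.OPENNEBULA_USER_PASS)` writes the OpenNebula `user:password` credential to stdout, from where it reaches terminal scrollback, cron mail or any log collector attached to the command. It reads like leftover debugging and should be deleted; if the failure branch needs more context, report the endpoint or the response, never the credential. A credential that was already printed on a shared system should be treated as exposed and rotated. The hunk does not show an import of `uncloud.secrets` in this file, so confirm one exists.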
@@ -1,22 +1,27 @@
 from rest_framework import viewsets, generics, permissions
+from rest_framework.response import Response
+
+from django.contrib.auth import get_user_model
+
 from .models import VM
 from .serializers import VMSerializer, OpenNebulaVMSerializer
-
-#class VMList(generics.ListAPIView):
-# queryset = VM.objects.all()
-# serializer_class = VMSerializer
-
-
 class RawVMViewSet(viewsets.ModelViewSet):
-# lookup_field = 'vmid'
 queryset = VM.objects.all()
 serializer_class = VMSerializer
- permission_classes = [permissions.IsAuthenticated]
+ permission_classes = [permissions.IsAdminUser]
 class VMViewSet(viewsets.ModelViewSet):
- queryset = VM.objects.all()
- serializer_class = OpenNebulaVMSerializer
- permission_classes = [permissions.IsAuthenticated]
+
+ def list(self, request):
+ queryset = VM.objects.filter(owner=request.user)
+ serializer = OpenNebulaVMSerializer(queryset, many=True, context={'request': request})
+ return Response(serializer.data)
+
+ def retrieve(self, request, pk=None):
+ queryset = VM.objects.filter(owner=request.user)
+ user = get_object_or_404(queryset, pk=pk)
+ serializer = OpenNebulaVMSerializer(queryset)
+ return Response(serializer.data)
diff --git a/uncloud/uncloud/secrets_sample.py b/uncloud/uncloud/secrets_sample.py
index f4c89ac..36ff0df 100644
--- a/uncloud/uncloud/secrets_sample.py
+++ b/uncloud/uncloud/secrets_sample.py
@@ -7,6 +7,11 @@ OPENNEBULA_URL = 'https://opennebula.ungleich.ch:2634/RPC2'
 # user:pass for accessing opennebula
 OPENNEBULA_USER_PASS = 'user:password'
-AUTH_LDAP_BIND_DN = 'something'
+POSTGRESQL_DB_NAME="uncloud"
-AUTH_LDAP_BIND_PASSWORD = r'somepass'
+# See https://django-auth-ldap.readthedocs.io/en/latest/authentication.html
+LDAP_ADMIN_DN=""
+LDAP_ADMIN_PASSWORD=""
+LDAP_SERVER_URI = ""
+
+SECRET_KEY="dx$iqt=lc&yrp^!z5$ay^%g5lhx1y3bcu=jg(jx0yj0ogkfqvf"
diff --git a/uncloud/uncloud/settings.py b/uncloud/uncloud/settings.py
index 17a46d9..5ce8e92 100644
--- a/uncloud/uncloud/settings.py
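Review bot: In views.py, `VMViewSet` no longer declares `permission_classes`, so access to the owner-scoped endpoints now depends on the project-wide DRF default, which this diff does not show; if that default admits unauthenticated requests, they reach `VM.objects.filter(owner=request.user)` with an anonymous user. `retrieve` also calls `get_object_or_404`, which is not among the imports shown in this hunk, and then serializes `queryset` instead of the object it just fetched. The class still extends `ModelViewSet` but has no `queryset`, so the inherited write actions have nothing to operate on. Scoping through `get_queryset` with an explicit `IsAuthenticated` lets the stock list and retrieve implementations do the work; the sketch below assumes the endpoint is meant to be read-only.

```python
class VMViewSet(viewsets.ReadOnlyModelViewSet):
    serializer_class = OpenNebulaVMSerializer
    permission_classes = [permissions.IsAuthenticated]

    def get_queryset(self):
        # Every action sees only the caller's own VMs.
        return VM.objects.filter(owner=self.request.user)
```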
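Review bot: In secrets_sample.py, the added `SECRET_KEY` line carries the same literal that settings.py hunk `@@ -29,7 +34,7 @@` removes, so the key stays in the repository and anyone who copies the sample to the real secrets file runs with a publicly known signing key. Ship the sample with `SECRET_KEY = ""` and a comment such as `# generate a fresh random value per deployment`; Django refuses to start with an empty key, so a forgotten edit fails closed. The old value remains in git history and should be rotated on any deployment that used it, since session and token signatures depend on it.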
+++ b/uncloud/uncloud/settings.py
@@ -12,6 +12,10 @@ https://docs.djangoproject.com/en/3.0/ref/settings/
 import os
+
+# Uncommitted file with secrets
+import uncloud.secrets
+
 import stripe
 import ldap
@@ -21,6 +25,7 @@ from django_auth_ldap.config import LDAPSearch
+
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
@@ -29,7 +34,7 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'dx$iqt=lc&yrp^!z5$ay^%g5lhx1y3bcu=jg(jx0yj0ogkfqvf'
+SECRET_KEY = uncloud.secrets.SECRET_KEY
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
@@ -106,18 +111,23 @@ AUTH_PASSWORD_VALIDATORS = [
 ################################################################################
 # AUTH/LDAP
-AUTH_LDAP_SERVER_URI = "ldaps://ldap1.ungleich.ch,ldaps://ldap2.ungleich.ch"
+AUTH_LDAP_SERVER_URI = uncloud.secrets.LDAP_SERVER_URI
-AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=customer,dc=ungleich,dc=ch"
+AUTH_LDAP_USER_ATTR_MAP = {
+ "first_name": "givenName",
+ "last_name": "sn",
+ "email": "mail"
+}
-AUTH_LDAP_BIND_DN = secrets.AUTH_LDAP_BIND_DN
-AUTH_LDAP_BIND_PASSWORD = secrets.AUTH_LDAP_BIND_PASSWORD
+AUTH_LDAP_BIND_DN = uncloud.secrets.LDAP_ADMIN_DN
+AUTH_LDAP_BIND_PASSWORD = uncloud.secrets.LDAP_ADMIN_PASSWORD
 AUTH_LDAP_USER_SEARCH = LDAPSearch(
- "ou=customer,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"
+ "dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"
 )
+
 ################################################################################
 # AUTH/Django
 AUTHENTICATION_BACKENDS = [
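Review bot: In settings.py, hunk `@@ -106,18 +111,23 @@`, the user search base widens from `ou=customer,dc=ungleich,dc=ch` to the whole `dc=ungleich,dc=ch` subtree, so any directory entry with a matching `uid`, not only customer accounts, can now authenticate to this application. If that is intended it deserves a comment saying so; otherwise keep `"ou=customer,dc=ungleich,dc=ch", ldap.SCOPE_SUBTREE, "(uid=%(user)s)"` or narrow the filter to the intended group. `AUTH_LDAP_SERVER_URI` now comes from `uncloud.secrets`, whose sample default is an empty string, so the `ldaps://` scheme visible in the old value is no longer guaranteed by this file. A startup check that every configured URI begins with `ldaps://`, or `AUTH_LDAP_START_TLS = True`, would keep the bind password from crossing the network in cleartext.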
@@ -159,7 +169,7 @@ STATIC_URL = '/static/'
 stripe.api_key = secrets.STRIPE_KEY
-<<<<<<< HEAD:nicohack202002/uncloud/uncloud/settings.py
+# FIXME: not sure if we really need this
 LOGGING = {
 'version': 1,
 'disable_existing_loggers': False,
@@ -182,18 +192,12 @@ LOGGING = {
 'propagate': True
 }
 },
-=======
-# Uncommitted file with secrets
-import uncloud.secrets
+}
-
-# Database
 # https://docs.djangoproject.com/en/3.0/ref/settings/#databases
-
 DATABASES = {
 'default': {
 'ENGINE': 'django.db.backends.postgresql',
 'NAME': uncloud.secrets.POSTGRESQL_DB_NAME,
 }
->>>>>>> nico/meow-pay-master:uncloud/uncloud/settings.py
 }
diff --git a/uncloud/uncloud/urls.py b/uncloud/uncloud/urls.py
index 2b90055..a01ef66 100644
--- a/uncloud/uncloud/urls.py
+++ b/uncloud/uncloud/urls.py
@@ -24,7 +24,7 @@ from opennebula import views as oneviews
 router = routers.DefaultRouter()
 router.register(r'users', views.UserViewSet)
 router.register(r'groups', views.GroupViewSet)
-router.register(r'opennebula', oneviews.VMViewSet)
+router.register(r'opennebula', oneviews.VMViewSet, basename='opennebula')
 router.register(r'opennebula_raw', oneviews.RawVMViewSet)
 # Wire up our API using automatic URL routing.
@@ -33,15 +33,5 @@ urlpatterns = [
 path('', include(router.urls)),
 path('admin/', admin.site.urls),
 path('products/', views.ProductsView.as_view(), name='products'),
-<<<<<<< HEAD:nicohack202002/uncloud/uncloud/urls.py
- path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
- path('opennebula/vm/list/', oneviews.VMList.as_view(), name='vm_list'),
- path('opennebula/vm/detail//', oneviews.VMDetail.as_view(), name='vm_detail'),
- path('vm/list/', oneviews.UserVMList.as_view(), name='user_vm_list'),
-=======
 path('api-auth/', include('rest_framework.urls', namespace='rest_framework'))
-# path('vm/list/', oneviews.VMList.as_view(), name='vm_list'),
-# path('vm/detail//', oneviews.VMDetail.as_view(), name='vm_detail'),
-
->>>>>>> nico/meow-pay-master:uncloud/uncloud/urls.py
 ]
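Review bot: In settings.py, hunk `@@ -159,7 +169,7 @@`, the context line `stripe.api_key = secrets.STRIPE_KEY` still uses the bare name `secrets`, while the other secret references touched by this commit were moved to `uncloud.secrets`. The diff does not show how `secrets` is bound; if it is no longer imported, or resolves to the standard-library `secrets` module, settings will fail to load at this line. `stripe.api_key = uncloud.secrets.STRIPE_KEY` would make it consistent, assuming the key is defined in the uncommitted secrets file.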