Django groups not mapped
391 views
Skip to first unread message
Christian Wittwer
Sep 30, 2013, 4:42:48 AM9/30/13
to django-a...@googlegroups.com
Hi everybody,
I'm using Django 1.5.4 with django_auth_ldap 1.1.4 and have troubles, to map LDAP groups to Django groups.
My configuration looks like this. I'm using an Active Directory to authenticate.
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("dc=corp,dc=bar,dc=com", ldap.SCOPE_SUBTREE, "(objectClass=group)")
AUTH_LDAP_GROUP_TYPE = NestedGroupOfNamesType()
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
"is_staff": "CN=foo,OU=Corporation,OU=Security Groups,OU=bar,DC=corp,DC=bar,DC=com",
"is_superuser": "CN=foo,OU=Corporation,OU=Security Groups,OU=bar,DC=corp,DC=bar,DC=com"
}
AUTH_LDAP_FIND_GROUP_PERMS = True
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
The login works as expected. Due to my membership in "CN=foo,OU=Corporation,OU=Security Groups,OU=bar,DC=corp,DC=bar,DC=com" I get the staff and superuser flag. The log shows, that django_auht_ldap finds all of my group memberships in the Active Directory, but the mapping to Django groups does not work.
I tried several names for the Django group, but none of them worked: "foo", "CN=foo", even "CN=foo,OU=Corporation,OU=Security Groups,OU=bar,DC=corp,DC=bar,DC=com".
If I login and check my groups, none of them are mapped. Am I missing something?
Cheers,
Christian
Peter Sagerson
Sep 30, 2013, 11:50:49 AM9/30/13
to django-a...@googlegroups.com
Do you mean that it's not creating django.contrib.auth.models.Group model objects? Because AUTH_LDAP_FIND_GROUP_PERMS doesn't modify your database, it internally maps LDAP groups onto existing Django groups for purposes of determining permissions. In your case, if you create a Django group named "foo" and assign permissions to it, then when you log in, LDAPBackend would report that your user has all of those permissions.
> --
> You received this message because you are subscribed to the Google Groups "django-auth-ldap" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to django-auth-ld...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
> You received this message because you are subscribed to the Google Groups "django-auth-ldap" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to django-auth-ld...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.
Di majo
May 12, 2024, 1:42:54 PM5/12/24
to django-auth-ldap
MT103/202 DIRECT WIRE TRANSFER
PAYPAL TRANSFER
CASHAPP TRANSFER
ZELLE TRANSFER
LOAN DEAL
TRANSFER WISE
WESTERN UNION TRANSFER
BITCOIN FLASHING
BANK ACCOUNT LOADING/FLASHING
IBAN TO IBAN TRANSFER
MONEYGRAM TRANSFER
IPIP/DTC
SLBC PROVIDER
CREDIT CARD TOP UP
DUMPS/ PINS
SEPA TRANSFER
WIRE TRANSFER
BITCOIN TOP UP
GLOBALPAY INC US
SKRILL USA
UNIONPAY RECEIVER
Thanks.
NOTE; ONLY SERIOUS / RELIABLE RECEIVERS CAN CONTACT.
DM ME ON WHATSAPP
+44 7529 555638
PAYPAL TRANSFER
CASHAPP TRANSFER
ZELLE TRANSFER
LOAN DEAL
TRANSFER WISE
WESTERN UNION TRANSFER
BITCOIN FLASHING
BANK ACCOUNT LOADING/FLASHING
IBAN TO IBAN TRANSFER
MONEYGRAM TRANSFER
IPIP/DTC
SLBC PROVIDER
CREDIT CARD TOP UP
DUMPS/ PINS
SEPA TRANSFER
WIRE TRANSFER
BITCOIN TOP UP
GLOBALPAY INC US
SKRILL USA
UNIONPAY RECEIVER
Thanks.
NOTE; ONLY SERIOUS / RELIABLE RECEIVERS CAN CONTACT.
DM ME ON WHATSAPP
+44 7529 555638
Reply all
Reply to author
Forward
0 new messages