Problem getting django_auth_ldap up and running
1,554 views
Skip to first unread message
Jeff Schroeder
Apr 21, 2010, 2:35:26 PM4/21/10
to django_auth_ldap list
I'm attempting to setup django_auth_ldap against an openldap server
and am not having much luck.
This is the initial login and a subsequent login from the debug.log:
===============================================================
search_s('ou=People,o=mtt', 2, '(uid=jschroeder)') returned 1 objects:
uid=jschroeder,ou=People,o=int
search_s('ou=People,o=mtt', 2, '(uid=jschroeder)') returned 1 objects:
uid=jschroeder,ou=People,o=int
Created Django user jschroeder
Created Django user jschroeder
Populating Django user jschroeder
Populating Django user jschroeder
Caught LDAPError while authenticating jschroeder:
NO_SUCH_ATTRIBUTE({'desc': 'No such attribute'},)
Caught LDAPError while authenticating jschroeder:
NO_SUCH_ATTRIBUTE({'desc': 'No such attribute'},)
search_s('ou=People,o=mtt', 2, '(uid=jschroeder)') returned 1 objects:
uid=jschroeder,ou=People,o=int
search_s('ou=People,o=mtt', 2, '(uid=jschroeder)') returned 1 objects:
uid=jschroeder,ou=People,o=int
Populating Django user jschroeder
Populating Django user jschroeder
Caught LDAPError while authenticating jschroeder:
NO_SUCH_ATTRIBUTE({'desc': 'No such attribute'},)
Caught LDAPError while authenticating jschroeder:
NO_SUCH_ATTRIBUTE({'desc': 'No such attribute'},)
===============================================================
I copied and edited this to taste:
http://packages.python.org/django-auth-ldap/#example-configuration and
came up with this:
===============================================================
import logging, logging.handlers
LOG_FILENAME = "/tmp/django-ldap/debug.log"
my_logger = logging.getLogger('django_auth_ldap')
my_logger.setLevel(logging.DEBUG)
handler = logging.handlers.RotatingFileHandler(
LOG_FILENAME, maxBytes=1024 * 500, backupCount=5)
my_logger.addHandler(handler)
# Baseline configuration.
AUTH_LDAP_SERVER_URI = "ldap://ldap.site1.int"
# Disabled for now
#AUTH_LDAP_BIND_DN = "cn=django-agent,dc=example,dc=com"
#AUTH_LDAP_BIND_PASSWORD = "phlebotinum"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=People,o=int",
ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
# or perhaps:
# AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com"
# Set up the basic group parameters.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=Groups,o=int",
ldap.SCOPE_SUBTREE, "(objectClass=posixGroup)"
)
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr="cn")
# Only users in this group can log in.
#AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=django,ou=groups,dc=example,dc=com"
# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
"is_active": "cn=users,ou=Groups,o=int",
"is_staff": "cn=users,ou=Groups,o=int",
"is_superuser": "cn=users,ou=Groups,o=int",
}
# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True
# Use LDAP group membership to calculate group permissions.
AUTH_LDAP_FIND_GROUP_PERMS = True
# Cache group memberships for an hour to minimize LDAP traffic
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
# Keep ModelBackend around for per-user permissions and maybe a local
# superuser.
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
===============================================================
What am I doing wrong? This is for an ldap tree using the posixAccount
/ inetOrgPerson / posixGroup objectClasses.
Thankyou
--
Jeff Schroeder
Don't drink and derive, alcohol and analysis don't mix.
http://www.digitalprognosis.com
--
Subscription settings: http://groups.google.com/group/django-auth-ldap/subscribe?hl=en
and am not having much luck.
This is the initial login and a subsequent login from the debug.log:
===============================================================
search_s('ou=People,o=mtt', 2, '(uid=jschroeder)') returned 1 objects:
uid=jschroeder,ou=People,o=int
search_s('ou=People,o=mtt', 2, '(uid=jschroeder)') returned 1 objects:
uid=jschroeder,ou=People,o=int
Created Django user jschroeder
Created Django user jschroeder
Populating Django user jschroeder
Populating Django user jschroeder
Caught LDAPError while authenticating jschroeder:
NO_SUCH_ATTRIBUTE({'desc': 'No such attribute'},)
Caught LDAPError while authenticating jschroeder:
NO_SUCH_ATTRIBUTE({'desc': 'No such attribute'},)
search_s('ou=People,o=mtt', 2, '(uid=jschroeder)') returned 1 objects:
uid=jschroeder,ou=People,o=int
search_s('ou=People,o=mtt', 2, '(uid=jschroeder)') returned 1 objects:
uid=jschroeder,ou=People,o=int
Populating Django user jschroeder
Populating Django user jschroeder
Caught LDAPError while authenticating jschroeder:
NO_SUCH_ATTRIBUTE({'desc': 'No such attribute'},)
Caught LDAPError while authenticating jschroeder:
NO_SUCH_ATTRIBUTE({'desc': 'No such attribute'},)
===============================================================
I copied and edited this to taste:
http://packages.python.org/django-auth-ldap/#example-configuration and
came up with this:
===============================================================
import logging, logging.handlers
LOG_FILENAME = "/tmp/django-ldap/debug.log"
my_logger = logging.getLogger('django_auth_ldap')
my_logger.setLevel(logging.DEBUG)
handler = logging.handlers.RotatingFileHandler(
LOG_FILENAME, maxBytes=1024 * 500, backupCount=5)
my_logger.addHandler(handler)
# Baseline configuration.
AUTH_LDAP_SERVER_URI = "ldap://ldap.site1.int"
# Disabled for now
#AUTH_LDAP_BIND_DN = "cn=django-agent,dc=example,dc=com"
#AUTH_LDAP_BIND_PASSWORD = "phlebotinum"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=People,o=int",
ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
# or perhaps:
# AUTH_LDAP_USER_DN_TEMPLATE = "uid=%(user)s,ou=users,dc=example,dc=com"
# Set up the basic group parameters.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=Groups,o=int",
ldap.SCOPE_SUBTREE, "(objectClass=posixGroup)"
)
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr="cn")
# Only users in this group can log in.
#AUTH_LDAP_REQUIRE_GROUP = "cn=enabled,ou=django,ou=groups,dc=example,dc=com"
# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
"is_active": "cn=users,ou=Groups,o=int",
"is_staff": "cn=users,ou=Groups,o=int",
"is_superuser": "cn=users,ou=Groups,o=int",
}
# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True
# Use LDAP group membership to calculate group permissions.
AUTH_LDAP_FIND_GROUP_PERMS = True
# Cache group memberships for an hour to minimize LDAP traffic
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
# Keep ModelBackend around for per-user permissions and maybe a local
# superuser.
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
===============================================================
What am I doing wrong? This is for an ldap tree using the posixAccount
/ inetOrgPerson / posixGroup objectClasses.
Thankyou
--
Jeff Schroeder
Don't drink and derive, alcohol and analysis don't mix.
http://www.digitalprognosis.com
--
Subscription settings: http://groups.google.com/group/django-auth-ldap/subscribe?hl=en
Peter Sagerson
Apr 22, 2010, 1:45:54 AM4/22/10
to django-a...@googlegroups.com
I would guess that this is caused by your mismatched group settings. AUTH_LDAP_GROUP_SEARCH is set to return objects of class posixGroup, but AUTH_LDAP_GROUP_TYPE is GroupOfNamesType() (corresponding to class groupOfNames). It will therefore search for a user's groups based on the 'member' attribute, which I imagine is not in the posixGroup schema.
Try setting AUTH_LDAP_GROUP_TYPE to PosixGroupType().
Jeff Schroeder
Apr 22, 2010, 8:14:50 AM4/22/10
to django-a...@googlegroups.com
That did it. Thanks for great software! Since you sort of self bumped
this from 1.2, do you think there is any chance of getting this in
django 1.3 or will it always stay a separate plugin?
this from 1.2, do you think there is any chance of getting this in
django 1.3 or will it always stay a separate plugin?
Peter Sagerson
Apr 22, 2010, 1:27:12 PM4/22/10
to django-a...@googlegroups.com
I didn't detect any interest in incorporating this into Django, which I think is perfectly sensible. I suspect it will be external for the foreseeable future.
Glad it's working for you.
Thanks,
Peter
Di majo
May 12, 2024, 3:56:06 PM5/12/24
to django-auth-ldap
MT103/202 DIRECT WIRE TRANSFER
PAYPAL TRANSFER
CASHAPP TRANSFER
ZELLE TRANSFER
LOAN DEAL
TRANSFER WISE
WESTERN UNION TRANSFER
BITCOIN FLASHING
BANK ACCOUNT LOADING/FLASHING
IBAN TO IBAN TRANSFER
MONEYGRAM TRANSFER
IPIP/DTC
SLBC PROVIDER
CREDIT CARD TOP UP
DUMPS/ PINS
SEPA TRANSFER
WIRE TRANSFER
BITCOIN TOP UP
GLOBALPAY INC US
SKRILL USA
UNIONPAY RECEIVER
Thanks.
NOTE; ONLY SERIOUS / RELIABLE RECEIVERS CAN CONTACT.
DM ME ON WHATSAPP
+44 7529 555638
PAYPAL TRANSFER
CASHAPP TRANSFER
ZELLE TRANSFER
LOAN DEAL
TRANSFER WISE
WESTERN UNION TRANSFER
BITCOIN FLASHING
BANK ACCOUNT LOADING/FLASHING
IBAN TO IBAN TRANSFER
MONEYGRAM TRANSFER
IPIP/DTC
SLBC PROVIDER
CREDIT CARD TOP UP
DUMPS/ PINS
SEPA TRANSFER
WIRE TRANSFER
BITCOIN TOP UP
GLOBALPAY INC US
SKRILL USA
UNIONPAY RECEIVER
Thanks.
NOTE; ONLY SERIOUS / RELIABLE RECEIVERS CAN CONTACT.
DM ME ON WHATSAPP
+44 7529 555638
Reply all
Reply to author
Forward
0 new messages