2 null entries at end of all ldap search results
6 views
Skip to first unread message
matt knox
Jul 28, 2010, 11:15:46 AM7/28/10
to django-auth-ldap
Hi there, I am trying to configure the AUTH_LDAP_USER_SEARCH option,
but I am encountering a problem because every call to
connection.search_s always returns 2 "null" entries at the end of the
results and the django_auth_ldap module explicitly checks that there
is only one result returned. Specifically, I am talking about
_search_for_user_dn in backend.py where it checks for len(results) ==
1 .
The search results come back like this for me:
[(<actual matching entry>),
(None, ['ldap://something.mydomain.com/
DC=something,DC=mydomain,DC=com']),
(None, ['ldap://other.mydomain.com/DC=other,DC=mydomain,DC=com'])]
And those last 2 entries are always there no matter what I do. I even
tried setting the search sizelimit option to 1 and it still returns
those values.
I don't really know much about the finer details of LDAP so I don't
know why those are there, but if the results could be filtered (right
after line 384 for example) like this:
results = filter(lambda x: x[0] is not None, results)
then that would solve my problem. I don't know if that would be
considered a hack or not though. Any help or advice would be greatly
appreciated. Thanks.
- Matt
but I am encountering a problem because every call to
connection.search_s always returns 2 "null" entries at the end of the
results and the django_auth_ldap module explicitly checks that there
is only one result returned. Specifically, I am talking about
_search_for_user_dn in backend.py where it checks for len(results) ==
1 .
The search results come back like this for me:
[(<actual matching entry>),
(None, ['ldap://something.mydomain.com/
DC=something,DC=mydomain,DC=com']),
(None, ['ldap://other.mydomain.com/DC=other,DC=mydomain,DC=com'])]
And those last 2 entries are always there no matter what I do. I even
tried setting the search sizelimit option to 1 and it still returns
those values.
I don't really know much about the finer details of LDAP so I don't
know why those are there, but if the results could be filtered (right
after line 384 for example) like this:
results = filter(lambda x: x[0] is not None, results)
then that would solve my problem. I don't know if that would be
considered a hack or not though. Any help or advice would be greatly
appreciated. Thanks.
- Matt
matt knox
Jul 28, 2010, 11:36:07 AM7/28/10
to django-auth-ldap
> I don't really know much about the finer details of LDAP so I don't
> know why those are there, but if the results could be filtered (right
> after line 384 for example) like this:
>
> results = filter(lambda x: x[0] is not None, results)
Sorry, I should say that this would need to be done in the execute
> know why those are there, but if the results could be filtered (right
> after line 384 for example) like this:
>
> results = filter(lambda x: x[0] is not None, results)
method in config.py because the logger.debug statement actually causes
an exception when it tries to join the list that has "None" entries in
it.
Peter Sagerson
Jul 28, 2010, 12:37:50 PM7/28/10
to django-a...@googlegroups.com
That's pretty strange behavior. Filtering the results as you describe does kind of smell like a hack, although it's hard to see what harm it could do. I would like to understand the problem a little bit better. Can you tell me what LDAP server you're running? Have you tried pulling up a Python shell and playing with ldap.search_s() in different areas of the directory to see if the behavior is universal? I don't suppose this is a publicly-accessible LDAP server by any chance?
Thanks
matt knox
Jul 28, 2010, 1:11:33 PM7/28/10
to django-auth-ldap
On Jul 28, 12:37 pm, Peter Sagerson <psag...@ignorare.net> wrote:
> That's pretty strange behavior. Filtering the results as you describe does
> kind of smell like a hack, although it's hard to see what harm it could do. I
> would like to understand the problem a little bit better. Can you tell me
> what LDAP server you're running? Have you tried pulling up a Python shell and
> playing with ldap.search_s() in different areas of the directory to see if
> the behavior is universal? I don't suppose this is a publicly-accessible LDAP
> server by any chance?
the server
so I don't know much about it. I suspect it is Microsoft based, based
on seeing
references to Microsoft and Exchange in the search results, but I
don't know
for sure.
I wasn't specifying an "OU" in the base_dn, I tried making that
explicit and it
does return just one result when I do that. The problem is that I need
to
authenticate users that could be from different organizational units.
For example: "OU=CANADA,DC=mydomain,DC=com", and
"OU=USA,DC=mydomain,DC=com".
If I leave out the "OU", it finds them regardless of where they are
from, but
returns the 2 null entries at the end. If I include it, then it only
works for
a subset of users (Canada, or USA). The full base_dn for me (from
inspecting
the search results) is
"OU=Users,OU=Toronto,OU=Canada,DC=mydomain,DC=com". I
tried just specifying "OU=Users,DC=mydomain,DC=com", but that does not
work.
Any thoughts or ideas? Thanks.
- Matt
Di majo
May 12, 2024, 3:50:51 PM5/12/24
to django-auth-ldap
MT103/202 DIRECT WIRE TRANSFER
PAYPAL TRANSFER
CASHAPP TRANSFER
ZELLE TRANSFER
LOAN DEAL
TRANSFER WISE
WESTERN UNION TRANSFER
BITCOIN FLASHING
BANK ACCOUNT LOADING/FLASHING
IBAN TO IBAN TRANSFER
MONEYGRAM TRANSFER
IPIP/DTC
SLBC PROVIDER
CREDIT CARD TOP UP
DUMPS/ PINS
SEPA TRANSFER
WIRE TRANSFER
BITCOIN TOP UP
GLOBALPAY INC US
SKRILL USA
UNIONPAY RECEIVER
Thanks.
NOTE; ONLY SERIOUS / RELIABLE RECEIVERS CAN CONTACT.
DM ME ON WHATSAPP
+44 7529 555638
PAYPAL TRANSFER
CASHAPP TRANSFER
ZELLE TRANSFER
LOAN DEAL
TRANSFER WISE
WESTERN UNION TRANSFER
BITCOIN FLASHING
BANK ACCOUNT LOADING/FLASHING
IBAN TO IBAN TRANSFER
MONEYGRAM TRANSFER
IPIP/DTC
SLBC PROVIDER
CREDIT CARD TOP UP
DUMPS/ PINS
SEPA TRANSFER
WIRE TRANSFER
BITCOIN TOP UP
GLOBALPAY INC US
SKRILL USA
UNIONPAY RECEIVER
Thanks.
NOTE; ONLY SERIOUS / RELIABLE RECEIVERS CAN CONTACT.
DM ME ON WHATSAPP
+44 7529 555638
Reply all
Reply to author
Forward
0 new messages