Задать вопрос

Тел: +7 965 3737 888

451

Просмотров

2

Ответов

Authentication Against Active Directory (LDAP) over SSL

I had some trouble getting other peoples code to work for AD support, so I wrote my own which authenticates against LDAP and will also use SSL and cert if required. It will also verify that an autheticated user has specific group membership before authorizing.

This will also debug to a file, which is really helpful when trying to figure out problems.

One thing that really got me when getting python-ldap to work was that you must have "ldap.set_option(ldap.OPT_REFERRALS,0)" set or any ldap search will not work.

Also, this will add group permissions to a user.

Вопрос полезен? Да0/Нет0
file_3961.py(5.3Кб)
None

Ответы (2):

Ответoz123:03.05.2013
Ответ полезен? Да0/Нет0

Just to note, this snippet is very useful, but you really need to make sure that you have the groups in your django db. Otherwise you will see errors like:

DoesNotExist: Group matching query does not exist.

So, I patched the script to catch these errors with:

      # Adds all groups user is member of
      for group in userInfo['idGroup']:
          try:
              g = Group.objects.get(name=group)
          except Group.DoesNotExist:
              Group.objects.get_or_create(name=group)

Ответjashugan:26.10.2008
Ответ полезен? Да0/Нет0

Two questions about the certificate you used:

  1. Was it the root certificate for your AD Domain?
  2. Was it base 64 encoded?