通过Active Directory 2008进行Django LDAP认证
|
我正在尝试通过企业Active Directory服务器对用户进行身份验证。
我无法正确配置它,我知道LDAP可以正常工作,但是我有一个MediaWiki已配置并且可以正常工作
在Active Directory服务器上进行身份验证。
系统:
Active Directory 2008
Django (1, 3, 0, \'final\', 0)
django-auth-ldap 1.0.9
from django_auth_ldap.config import LDAPSearch
import logging
# makes sure this works in Active Directory
ldap.set_option(ldap.OPT_REFERRALS, 0)
LDAP_SERVER_URI = \'ldap://ad.exemple.com\'
AUTH_LDAP_BIND_DN = \'my_user\'
AUTH_LDAP_BIND_PASSWORD = \'my_pass\'
AUTH_LDAP_USER_SEARCH = LDAPSearch(\'dc=exemple,dc=com\', ldap.SCOPE_SUBTREE, \'(SAMAccountName=%(user)s)\')
# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
\"first_name\": \"givenName\",
\"last_name\": \"sn\",
\"email\": \"mail\"
}
# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTHENTICATION_BACKENDS = (
\'django_auth_ldap.backend.LDAPBackend\',
\'django.contrib.auth.backends.ModelBackend\',
)
LDAP_SERVER_URI = \'ldaps://ad.exemple.com:636\'
WARNING 2011-05-31 16:50:19,429 backend 3968 140632428340992 Caught LDAPError while authenticating my_user: INVALID_CREDENTIALS({\'info\': \'80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1772\', \'desc\': \'Invalid credentials\'},)
[31/May/2011 16:50:19] \"POST /admin/ HTTP/1.1\" 200 9648
my_user@exemple.com
ERROR 2011-05-31 16:55:38,947 config 6505 139868662060800 search_s(\'dc=ubilium,dc=loc\', 2, \'(SAMAccountName=my_user)\') raised OPERATIONS_ERROR({\'info\': \'000004DC: LdapErr: DSID-0C0906DD, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1772\', \'desc\': \'Operations error\'},)
DEBUG 2011-05-31 16:55:38,947 backend 6505 139868662060800 Authentication failed for my_user
没有找到相关结果
已邀请:
1 个回复
弓萍功
因此,您尝试在以下过滤器中使用传入的用户名:我想知道这是否在每个额外的8英镑吗?即会更正确吗? 这是在说什么,对于$(user)变量,在AD中找到其sAMAccountName属性与该值匹配的对象,然后使用返回的DN作为绑定DN。但是您没有获得正确的DN,因此出现了LDAP 49-525错误。