Ich versuche derzeit, django 1.11 mit dem django-python3-ldap 0.9.14-Modul zu authentifizieren. Ich fand dieses Modul hier auf https://github.com/etianen/django-python3-ldapWie konfigure django-python3-ldap Authentifizierung für Active Directoy?
Ich habe zuerst die Kommunikation mit dem Active Directory Studio (http://directory.apache.org/studio/) mit meinen Anmeldeinformationen getestet. Ich habe festgestellt, dass ich mich mit den folgenden Einstellungen authentifizieren muss.
Netzwerkparameter Hostname: serversipaddress Hafen: 389 Verschlüsselungsmethode: StartTLS Erweiterung Anbieter: Apache Directory LDAP-Client-API
Authentifizierung Bind Benutzer: Benutzername Passwort: xxxxx
Dann kann ich verbinden .
Ich habe die ldap config in der Datei settings.py gesetzt, beachten Sie, dass es spezifische Einstellungen für MS Active Directory gibt. Um zu testen, eine Kommunikation lief ich dann
python3 manage.py ldap_sync_users -v 3
Ich kann, dass die Kommunikation sehen gearbeitet, weil es die Nutzer greifen und sie in die django Datenbank einfügen.
ich fördern dann einen Benutzer
python3 manage.py ldap_promote rmilo
Aber nach dieser Einstellung bis ich einen rmilo Benutzer von ldap nicht auf die Admin-Seite einloggen können mit. http://127.0.0.1:8000/admin/login/?next=/admin/
Kann mir jemand helfen herauszufinden, was mit meiner Konfiguration nicht stimmt?
Der Fehler, der
[25/May/2017 23:17:03] "POST /admin/login/?next=/admin/ HTTP/1.1" 200 1813
LDAP connect failed: LDAPInvalidCredentialsResult - 49 - invalidCredentials - None - 80090308:
LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1
settings.py
"""
Django settings for project1 project.
Generated by 'django-admin startproject' using Django 1.11.
For more information on this file, see
https://docs.djangoproject.com/en/1.11/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.11/ref/settings/
"""
import os
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.11/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = []
# LDAP auth settings.
LDAP_AUTH_URL = "ldap://XXX.XXX.XXX.XXX:389"
LDAP_AUTH_USE_TLS = None
LDAP_AUTH_SEARCH_BASE = "DC=ecdc,DC=edgecast,DC=com"
LDAP_AUTH_OBJECT_CLASS = "organizationalPerson"
LDAP_AUTH_USER_FIELDS = {
"username": "sAMAccountName",
"first_name": "givenName",
"last_name": "sn",
"email": "mail",
}
LDAP_AUTH_USER_LOOKUP_FIELDS = ("username",)
LDAP_AUTH_CLEAN_USER_DATA = "django_python3_ldap.utils.clean_user_data"
LDAP_AUTH_SYNC_USER_RELATIONS = "django_python3_ldap.utils.sync_user_relations"
LDAP_AUTH_FORMAT_SEARCH_FILTERS = "django_python3_ldap.utils.format_search_filters"
LDAP_AUTH_FORMAT_USERNAME = "django_python3_ldap.utils.format_username_active_directory"
LDAP_AUTH_CONNECTION_USERNAME = 'username'
LDAP_AUTH_CONNECTION_PASSWORD = 'password'
AUTHENTICATION_BACKENDS = (
'django_python3_ldap.auth.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
LOGGING = {
"version": 1,
"disable_existing_loggers": False,
"handlers": {
"console": {
"class": "logging.StreamHandler",
},
},
"loggers": {
"django_python3_ldap": {
"handlers": ["console"],
"level": "INFO",
},
},
}
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django_python3_ldap',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
ROOT_URLCONF = 'project1.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': ['./templates',],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
WSGI_APPLICATION = 'project1.wsgi.application'
# Database
# https://docs.djangoproject.com/en/1.11/ref/settings/#databases
DATABASES = {
'default': {
'NAME': 'project1',
'ENGINE': 'django.db.backends.mysql',
'USER': 'root',
'PASSWORD': 'XXXXX',
'HOST': 'localhost',
'PORT': '3306',
}
}
# Password validation
# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/1.11/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.11/howto/static-files/
STATIC_URL = '/static/'
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'