11
Here’s another more recent snippet (July 2008, updated Dec 2015):
10
The link provided by Jeff indeed works though it assumes you have a you have a default group where users are added to. I simply replaced:
group=Group.objects.get(pk=1)
by
group,created=Group.objects.get_or_create(name="everyone")
If you want tighter integration & more features there is also django-auth-ldap which gives you you more control over how ldap users/group are mapped onto django users/groups.
For debugging the ldap connection I found this blog post useful, in particular the command for testing the ldap connection with ldap-utils:
ldapsearch -H ldaps://ldap-x.companygroup.local:636 -D "CN=Something LDAP,OU=Random Group,DC=companygroup,DC=local" -w "p4ssw0rd" -v -d 1
If you are using ssl there is also the issue of getting hold of a certificate will play nice with. Either you extract it from the server, or you can follow these instructions to generate your own.
- [Django]-Django plural for templates
- [Django]-How to set and get cookies in Django?
- [Django]-Removing 'Sites' from Django admin page
- [Django]-Test that user was logged in successfully
- [Django]-How to add an HTTP header to all Django responses
- [Django]-Django – run a function every x seconds
5
I had the same problem, and noticed that django-auth-ldap does not support SASL at all -> plain text passwords over the connection if TSL is not available.
Here is what i did for the problem:
https://github.com/susundberg/django-auth-ldap-ad
- [Django]-Integrate django password validators with django rest framework validate_password
- [Django]-Database returned an invalid value in QuerySet.dates()
- [Django]-Django 1.11 Annotating a Subquery Aggregate
5
You can subclass the django-auth-ldap backend to add AD capabilities over with SASL or Kerberos or whatever. Here’s a 2018 example working in Django 2.1:
- [Django]-Is this the way to validate Django model fields?
- [Django]-Django URL Redirect
- [Django]-Pip install the latest version