I am trying to login as a LDAP-user with an e-mail adress. I used the following code:
settings.py
AUTH_LDAP_SERVER_URI = "ldap://192.168.12.123"
AUTH_LDAP_BIND_DN = "User"
AUTH_LDAP_BIND_PASSWORD = "Password"
AUTH_LDAP_CONNECTION_OPTIONS = {
ldap.OPT_DEBUG_LEVEL: 1,
ldap.OPT_REFERRALS: 0
}
AUTH_LDAP_USER_SEARCH = LDAPSearch("DC=domain,DC=com", ldap.SCOPE_ONELEVEL, "(uid=%(user)s)")
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("DC=domain,DC=com", ldap.SCOPE_SUBTREE, "(objectClass=group)")
AUTH_LDAP_GROUP_TYPE = NestedActiveDirectoryGroupType()
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
LDAP_AUTH_OBJECT_CLASS = "inetOrgPerson"
AUTH_LDAP_FIND_GROUP_PERMS = True
AUTH_LDAP_CACHE_GROUPS = True
AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600
AUTH_LDAP_E_USER_SEARCH = LDAPSearch("DC=domain,DC=com", ldap.SCOPE_SUBTREE, ldap.SCOPE_ONELEVEL, "(mail=%(user)s)")
AUTH_LDAP_E_USER_ATTR_MAP = AUTH_LDAP_USER_ATTR_MAP
AUTH_LDAP_E_ALWAYS_UPDATE_USER = AUTH_LDAP_ALWAYS_UPDATE_USER
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
#'django.contrib.auth.backends.ModelBackend',
'accounts.backends.LDAPEmailBackend',
)
backends.py
from django_auth_ldap.backend import LDAPBackend, _LDAPUser
class LDAPEmailBackend(LDAPBackend):
settings_prefix = "AUTH_LDAP_E_"
def get_or_create_user(self, email, ldap_user):
model = self.get_user_model()
username_field = getattr(model, 'USERNAME_FIELD', 'username')
kwargs = {
username_field + '__iexact': ldap_user.attrs['uid'][0],
'defaults': {
username_field: ldap_user.attrs['uid'][0].lower(),
'email': email
}
}
return model.objects.get_or_create(**kwargs)
The console gives me this:
search_s('DC=sbvg,DC=ch', 1, '(uid=%(user)s)') returned 0 objects: Authentication failed for [email protected]: failed to map the username to a DN. Caught LDAPError while authenticating [email protected]: SERVER_DOWN({'desc': u"Can't contact LDAP server"},)
If you have any idea, do not hesitate to post it.
