我正在使用位于此处的django-python3-ldap模块 https://github.com/etianen/django-python3-ldap#available-settings
我只希望属于某些群组成员的用户能够登录,因此我按照建议创建了一个功能
def app_users(ldap_fields):
# Add in simple filters.
ldap_fields["memberOf"] = "App_Admin"
# Call the base format callable.
search_filters = format_search_filters(ldap_fields)
# Advanced: apply custom LDAP filter logic.
search_filters.append("(|(memberOf=App_Admin)(memberOf=App_ITUser)(memberOf=App_NetworkUser))")
# All done!
return search_filters
但是这会返回以下调试
LDAP connect succeeded
LDAP user attributes empty
我认为它与foo样本有关,但我不确定如何解决它
由于
答案 0 :(得分:1)
我不记得很久以前我做了什么,但这是我的LDAP配置,我使用的是用于python 3的ldap模块
我没有写这个代码我会从某处获得它,但我不确定在哪里。
import ldap
# The URL of the LDAP server.
LDAP_AUTH_URL = 'ldap://domain.com:389'
# Initiate TLS on connection.
LDAP_AUTH_USE_TLS = False
# The LDAP search base for looking up users.
LDAP_AUTH_SEARCH_BASE = 'DC=domain,DC=com'
# The LDAP class that represents a user.
LDAP_AUTH_OBJECT_CLASS = 'organizationalPerson'
# User model fields mapped to the LDAP
# attributes that represent them.
LDAP_AUTH_USER_FIELDS = {
'username': 'sAMAccountName',
'first_name': 'givenName',
'last_name': 'sn',
'email': 'mail',
}
# A tuple of django model fields used to uniquely identify a user.
LDAP_AUTH_USER_LOOKUP_FIELDS = ('username',)
# Path to a callable that takes a dict of {model_field_name: value},
# returning a dict of clean model data.
# Use this to customize how data loaded from LDAP is saved to the User model.
LDAP_AUTH_CLEAN_USER_DATA = 'django_python3_ldap.utils.clean_user_data'
# Path to a callable that takes a user model and a dict of {ldap_field_name: [value]},
# and saves any additional user relationships based on the LDAP data.
# Use this to customize how data loaded from LDAP is saved to User model relations.
# For customizing non-related User model fields, use LDAP_AUTH_CLEAN_USER_DATA.
LDAP_AUTH_SYNC_USER_RELATIONS = 'django_python3_ldap.utils.sync_user_relations'
# Path to a callable that takes a dict of {ldap_field_name: value},
# returning a list of [ldap_search_filter]. The search filters will then be AND'd
# together when creating the final search filter.
LDAP_AUTH_FORMAT_SEARCH_FILTERS = 'django_python3_ldap.utils.format_search_filters'
#LDAP_AUTH_FORMAT_SEARCH_FILTERS = 'itapp.ldap_filters.app_users'
# Path to a callable that takes a dict of {model_field_name: value}, and returns
# a string of the username to bind to the LDAP server.
# Use this to support different types of LDAP server.
LDAP_AUTH_FORMAT_USERNAME = "django_python3_ldap.utils.format_username_active_directory"
# Sets the login domain for Active Directory users.
LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN = 'DOMAIN'
# The LDAP username and password of a user for querying the LDAP database for user
# details. If None, then the authenticated user will be used for querying, and
# the `ldap_sync_users` command will perform an anonymous query.
LDAP_AUTH_CONNECTION_USERNAME = None
LDAP_AUTH_CONNECTION_PASSWORD = None
LOGGING = {
"version": 1,
"disable_existing_loggers": False,
"handlers": {
"console": {
"class": "logging.StreamHandler",
},
},
"loggers": {
"django_python3_ldap": {
"handlers": ["console"],
"level": "INFO",
},
},
}
AUTHENTICATION_BACKENDS = (
'django_python3_ldap.auth.LDAPBackend',
'django.contrib.auth.backends.ModelBackend', #Comment out to prevent authentication from DB
)