Re: Django with LDAP for authentication, but not user group

2018-08-14 Thread Vineet Kothari 
ldap is mainly used for authorization

On Tue, Aug 14, 2018 at 9:33 AM, Mike Dewhirst 
wrote:

> On 13/08/2018 4:01 PM, Claire Chan Myae wrote:
>
>> Hello,
>>
>> I would like to integrate Django with my ldap. I want to use ldap only
>> for user authentication part, but not for user group. Would that be
>> possible? If I use ldap, i must use both user and group or I can use only
>> user?
>>
>
> https://djangopackages.org/grids/g/ldap/
>
> https://www.google.com/url?sa=t=j==s=web
> d=4=rja=8=2ahUKEwjpssPt0OvcAhWFa7wKHeO1AoIQFjAD
> egQIBxAB=https%3A%2F%2Fstackoverflow.com%2Fquestion
> s%2F19940466%2Funderstanding-django-ldap-authentication&
> usg=AOvVaw2Ipgeub6jtcyUjgOHdHKG-
>
> Good luck.
>
>
>> Thanks
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to django-users+unsubscr...@googlegroups.com > django-users+unsubscr...@googlegroups.com>.
>> To post to this group, send email to django-users@googlegroups.com
>> <mailto:django-users@googlegroups.com>.
>> Visit this group at https://groups.google.com/group/django-users.
>> To view this discussion on the web visit https://groups.google.com/d/ms
>> gid/django-users/2aff4555-9119-44b8-aa1e-6388c762a0dd%40googlegroups.com
>> <https://groups.google.com/d/msgid/django-users/2aff4555-911
>> 9-44b8-aa1e-6388c762a0dd%40googlegroups.com?utm_medium=email
>> _source=footer>.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit https://groups.google.com/d/ms
> gid/django-users/4dc10b42-c5c5-fc66-d79c-297fc56b2b9d%40dewhirst.com.au.
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAAcansvxAS-s6KfFefRoC1nLQ1pni7opSOTgyB6Cq4r%2BSmPd0A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django with LDAP for authentication, but not user group

2018-08-13 Thread Mike Dewhirst 

On 13/08/2018 4:01 PM, Claire Chan Myae wrote:

Hello,

I would like to integrate Django with my ldap. I want to use ldap only 
for user authentication part, but not for user group. Would that be 
possible? If I use ldap, i must use both user and group or I can use 
only user?


https://djangopackages.org/grids/g/ldap/

https://www.google.com/url?sa=t=j==s=web=4=rja=8=2ahUKEwjpssPt0OvcAhWFa7wKHeO1AoIQFjADegQIBxAB=https%3A%2F%2Fstackoverflow.com%2Fquestions%2F19940466%2Funderstanding-django-ldap-authentication=AOvVaw2Ipgeub6jtcyUjgOHdHKG-

Good luck.



Thanks
--
You received this message because you are subscribed to the Google 
Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to django-users+unsubscr...@googlegroups.com 
<mailto:django-users+unsubscr...@googlegroups.com>.
To post to this group, send email to django-users@googlegroups.com 
<mailto:django-users@googlegroups.com>.

Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/2aff4555-9119-44b8-aa1e-6388c762a0dd%40googlegroups.com 
<https://groups.google.com/d/msgid/django-users/2aff4555-9119-44b8-aa1e-6388c762a0dd%40googlegroups.com?utm_medium=email_source=footer>.

For more options, visit https://groups.google.com/d/optout.


--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/4dc10b42-c5c5-fc66-d79c-297fc56b2b9d%40dewhirst.com.au.
For more options, visit https://groups.google.com/d/optout.

Django with LDAP for authentication, but not user group

2018-08-13 Thread Claire Chan Myae 
Hello,

I would like to integrate Django with my ldap. I want to use ldap only for 
user authentication part, but not for user group. Would that be possible? 
If I use ldap, i must use both user and group or I can use only user?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/2aff4555-9119-44b8-aa1e-6388c762a0dd%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: Django/Python-ldap Ldap Question Adding Entries

2014-07-27 Thread Paul J Stevens 
Does ou=Enki Users,dc=enki,dc=local actually exist already?

If it doesn't you need to create it first before trying to add objects
to it.


On 23-07-14 19:05, G Z wrote:
> I'm trying to add entries via a form post in django, I have the
> following code and its really not django specific but it is python-ldap
> specific.
> 
> 
> I'm trying to add entries with python ldap. I'm getting a naming
> convention error. My code is
> 
> import ldap 
> import ldap.modlist as modlist
> 
> LOGIN = "" 
> PASSWORD = '' 
> LDAP_URL = "ldap://127.0.0.1:389; 
> user='grant'
> l = ldap.initialize(LDAP_URL) 
> l.bind(LOGIN, PASSWORD) 
> dn="ou=Enki Users,dc=enki,dc=local" 
> 
> attrs = {}
> attrs['objectclass'] =
> ['top','organizationalRole','simpleSecurityObject']
> attrs['cn'] = 'test'
> attrs['userPassword'] = 'test'
> attrs['description'] = 'User object for replication using slurpd'
> 
> # Convert our dict to nice syntax for the add-function using
> modlist-module
> ldif = modlist.addModlist(attrs)
> 
> # Do the actual synchronous add-operation to the ldapserver
> l.add_s(dn,ldif)
> 
> # Its nice to the server to disconnect and free resources when done
> l.unbind_s()
> 
> The error is:
> 
> ldap.NAMING_VIOLATION: {'info': "2099: NameErr: DSID-0305109C,
> problem 2005 (NAMING_VIOLATION), data 0, best match
> of:\n\t'dc=enki,dc=local'\n", 'desc': 'Naming violation'}
> 
> 
> 
> The code that runs but doesn't insert the user into the correc
> organizational unit is the following code. However even though it runs I
> can't find the user in active directory. Please help me find whats
> wrong. I'm basically making a django webform for user management.
> 
> import ldap 
> import ldap.modlist as modlist
> 
> LOGIN = "" 
> PASSWORD = '' 
> LDAP_URL = "ldap://127.0.0.1:389; 
> user='grant'
> l = ldap.initialize(LDAP_URL) 
> l.bind(LOGIN, PASSWORD) 
> 
> dn="cn=test,ou=Enki Users,dc=enki,dc=local" 
> 
> attrs = {}
> attrs['objectclass'] =
> ['top','organizationalRole','simpleSecurityObject']
> attrs['cn'] = 'test'
> attrs['userPassword'] = 'test'
> attrs['description'] = 'User object for replication using slurpd'
> 
> # Convert our dict to nice syntax for the add-function using
> modlist-module
> ldif = modlist.addModlist(attrs)
> 
> # Do the actual synchronous add-operation to the ldapserver
> l.add_s(dn,ldif)
> 
> # Its nice to the server to disconnect and free resources when done
> l.unbind_s()
> 
> -- 
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to django-users+unsubscr...@googlegroups.com
> .
> To post to this group, send email to django-users@googlegroups.com
> .
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/a2400449-3f68-4f9c-9d8e-b2d94d0d69f5%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.

-- 

Paul J Stevens   pjstevns @ gmail, twitter, github, linkedin
   www.nfg.nl/i...@nfg.nl/+31.85.877.99.97

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/53D4F11C.90907%40nfg.nl.
For more options, visit https://groups.google.com/d/optout.

Django/Python-ldap Ldap Question Adding Entries

2014-07-23 Thread G Z 
I'm trying to add entries via a form post in django, I have the following 
code and its really not django specific but it is python-ldap specific.


I'm trying to add entries with python ldap. I'm getting a naming convention 
error. My code is

import ldap 
import ldap.modlist as modlist

LOGIN = "" 
PASSWORD = '' 
LDAP_URL = "ldap://127.0.0.1:389; 
user='grant'
l = ldap.initialize(LDAP_URL) 
l.bind(LOGIN, PASSWORD) 
dn="ou=Enki Users,dc=enki,dc=local" 

attrs = {}
attrs['objectclass'] = 
['top','organizationalRole','simpleSecurityObject']
attrs['cn'] = 'test'
attrs['userPassword'] = 'test'
attrs['description'] = 'User object for replication using slurpd'

# Convert our dict to nice syntax for the add-function using 
modlist-module
ldif = modlist.addModlist(attrs)

# Do the actual synchronous add-operation to the ldapserver
l.add_s(dn,ldif)

# Its nice to the server to disconnect and free resources when done
l.unbind_s()

The error is:

ldap.NAMING_VIOLATION: {'info': "2099: NameErr: DSID-0305109C, 
problem 2005 (NAMING_VIOLATION), data 0, best match 
of:\n\t'dc=enki,dc=local'\n", 'desc': 'Naming violation'}



The code that runs but doesn't insert the user into the correc 
organizational unit is the following code. However even though it runs I 
can't find the user in active directory. Please help me find whats wrong. 
I'm basically making a django webform for user management.

import ldap 
import ldap.modlist as modlist

LOGIN = "" 
PASSWORD = '' 
LDAP_URL = "ldap://127.0.0.1:389; 
user='grant'
l = ldap.initialize(LDAP_URL) 
l.bind(LOGIN, PASSWORD) 

dn="cn=test,ou=Enki Users,dc=enki,dc=local" 

attrs = {}
attrs['objectclass'] = 
['top','organizationalRole','simpleSecurityObject']
attrs['cn'] = 'test'
attrs['userPassword'] = 'test'
attrs['description'] = 'User object for replication using slurpd'

# Convert our dict to nice syntax for the add-function using 
modlist-module
ldif = modlist.addModlist(attrs)

# Do the actual synchronous add-operation to the ldapserver
l.add_s(dn,ldif)

# Its nice to the server to disconnect and free resources when done
l.unbind_s()

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/a2400449-3f68-4f9c-9d8e-b2d94d0d69f5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: django-auth-ldap

2013-05-15 Thread Anurag Chourasia 
Glad that it worked

On Wed, May 15, 2013 at 11:52 AM, Cody Scott <cody.j.b.sc...@gmail.com>wrote:

> The problem was that the LDAPSearch had to start with a OU= I had it start
> with a DC=.
>
>
> On Wednesday, 15 May 2013 11:27:08 UTC-4, Cody Scott wrote:
>>
>> I have that code but where does the logging go?
>>
>> On Wednesday, 15 May 2013 11:04:33 UTC-4, Guddu wrote:
>>>
>>> Ok. Now try to get django-ldap-auth working. See if you can enable the
>>> logging handler and grab some more information.
>>>
>>> http://pythonhosted.org/**django-auth-ldap/logging.html<http://pythonhosted.org/django-auth-ldap/logging.html>
>>>
>>> Regards
>>> Guddu
>>>
>>> On Wed, May 15, 2013 at 10:56 AM, Cody Scott <cody.j@gmail.com>wrote:
>>>
>>>> Ok The problem was that I had the file named ldap.py. I got it to work,
>>>> I had to add a print to
>>>>
>>>> l.result(result)
>>>>
>>>> put I get
>>>>
>>>> a tuple of a number and an empty list
>>>>
>>>> (#, [])
>>>>
>>>>  --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Django users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to django-users...@googlegroups.**com.
>>>> To post to this group, send email to django...@googlegroups.com.
>>>> Visit this group at 
>>>> http://groups.google.com/**group/django-users?hl=en<http://groups.google.com/group/django-users?hl=en>
>>>> .
>>>> For more options, visit 
>>>> https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out>
>>>> .
>>>>
>>>>
>>>>
>>>
>>>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Cody Scott 
The problem was that the LDAPSearch had to start with a OU= I had it start 
with a DC=.

On Wednesday, 15 May 2013 11:27:08 UTC-4, Cody Scott wrote:
>
> I have that code but where does the logging go?
>
> On Wednesday, 15 May 2013 11:04:33 UTC-4, Guddu wrote:
>>
>> Ok. Now try to get django-ldap-auth working. See if you can enable the 
>> logging handler and grab some more information.
>>
>> http://pythonhosted.org/django-auth-ldap/logging.html
>>
>> Regards
>> Guddu
>>
>> On Wed, May 15, 2013 at 10:56 AM, Cody Scott <cody.j@gmail.com>wrote:
>>
>>> Ok The problem was that I had the file named ldap.py. I got it to work, 
>>> I had to add a print to 
>>>
>>> l.result(result)
>>>
>>> put I get 
>>>
>>> a tuple of a number and an empty list
>>>
>>> (#, [])
>>>
>>>  -- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "Django users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to django-users...@googlegroups.com.
>>> To post to this group, send email to django...@googlegroups.com.
>>> Visit this group at http://groups.google.com/group/django-users?hl=en.
>>> For more options, visit https://groups.google.com/groups/opt_out.
>>>  
>>>  
>>>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Anurag Chourasia 
Its just basic python logging

http://docs.python.org/2/library/logging.html

Look at logging to a file

http://docs.python.org/2/howto/logging.html#logging-advanced-tutorial

Regards,
Guddu

On Wed, May 15, 2013 at 11:27 AM, Cody Scott <cody.j.b.sc...@gmail.com>wrote:

> I have that code but where does the logging go?
>
>
> On Wednesday, 15 May 2013 11:04:33 UTC-4, Guddu wrote:
>
>> Ok. Now try to get django-ldap-auth working. See if you can enable the
>> logging handler and grab some more information.
>>
>> http://pythonhosted.org/**django-auth-ldap/logging.html<http://pythonhosted.org/django-auth-ldap/logging.html>
>>
>> Regards
>> Guddu
>>
>> On Wed, May 15, 2013 at 10:56 AM, Cody Scott <cody.j@gmail.com>wrote:
>>
>>> Ok The problem was that I had the file named ldap.py. I got it to work,
>>> I had to add a print to
>>>
>>> l.result(result)
>>>
>>> put I get
>>>
>>> a tuple of a number and an empty list
>>>
>>> (#, [])
>>>
>>>  --
>>> You received this message because you are subscribed to the Google
>>> Groups "Django users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to django-users...@**googlegroups.com.
>>> To post to this group, send email to django...@googlegroups.com.
>>>
>>> Visit this group at 
>>> http://groups.google.com/**group/django-users?hl=en<http://groups.google.com/group/django-users?hl=en>
>>> .
>>> For more options, visit 
>>> https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out>
>>> .
>>>
>>>
>>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Cody Scott 
I have that code but where does the logging go?

On Wednesday, 15 May 2013 11:04:33 UTC-4, Guddu wrote:
>
> Ok. Now try to get django-ldap-auth working. See if you can enable the 
> logging handler and grab some more information.
>
> http://pythonhosted.org/django-auth-ldap/logging.html
>
> Regards
> Guddu
>
> On Wed, May 15, 2013 at 10:56 AM, Cody Scott 
> <cody.j@gmail.com
> > wrote:
>
>> Ok The problem was that I had the file named ldap.py. I got it to work, I 
>> had to add a print to 
>>
>> l.result(result)
>>
>> put I get 
>>
>> a tuple of a number and an empty list
>>
>> (#, [])
>>
>>  -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to django-users...@googlegroups.com .
>> To post to this group, send email to django...@googlegroups.com
>> .
>> Visit this group at http://groups.google.com/group/django-users?hl=en.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>  
>>  
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Anurag Chourasia 
Ok. Now try to get django-ldap-auth working. See if you can enable the
logging handler and grab some more information.

http://pythonhosted.org/django-auth-ldap/logging.html

Regards
Guddu

On Wed, May 15, 2013 at 10:56 AM, Cody Scott <cody.j.b.sc...@gmail.com>wrote:

> Ok The problem was that I had the file named ldap.py. I got it to work, I
> had to add a print to
>
> l.result(result)
>
> put I get
>
> a tuple of a number and an empty list
>
> (#, [])
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Anurag Chourasia 
Hi Cody

In the link that you sent i see that initialize is a valid attribute.

Also did you name your python file as ldap.py? If yes then that's the
problem i guess. Please rename it to something else and see what it gives
you.

Could you run these in a Python interpreter and tell me what does this show
you?

import ldap
print ldap.__file__

We should try to get this working first before moving to django-auth-ldap

Regards
Guddu

On Wed, May 15, 2013 at 10:17 AM, Cody Scott <cody.j.b.sc...@gmail.com>wrote:

> http://dpaste.org/EboQU/
>
> On Wednesday, 15 May 2013 10:09:01 UTC-4, Guddu wrote:
>
>> What does this give you?
>>
>> import ldap
>> dir(ldap)
>>
>> Regards
>> Guddu
>>
>> On Wed, May 15, 2013 at 10:04 AM, Cody Scott <cody.j@gmail.com>wrote:
>>
>>> I put that code in a separate python file and ran it without django or
>>> django-auth-ldap.
>>>
>>> l = ldap.initialize()
>>> AttributeError: 'module' object has no attribute 'initialize'
>>>
>>> so python-ldap is not installed properly?
>>>
>>> I am not able to login, no error just invalid credentials.
>>>
>>> How do I get logs from ldap? I don't have a login view I am using
>>> django's
>>>
>>> On Tuesday, 14 May 2013 17:01:44 UTC-4, Guddu wrote:
>>>>
>>>>
>>>>  --
>>> You received this message because you are subscribed to the Google
>>> Groups "Django users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to django-users...@**googlegroups.com.
>>> To post to this group, send email to django...@googlegroups.com.
>>>
>>> Visit this group at 
>>> http://groups.google.com/**group/django-users?hl=en<http://groups.google.com/group/django-users?hl=en>
>>> .
>>> For more options, visit 
>>> https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out>
>>> .
>>>
>>>
>>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Cody Scott 
Ok The problem was that I had the file named ldap.py. I got it to work, I 
had to add a print to 

l.result(result)

put I get 

a tuple of a number and an empty list

(#, [])

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Cody Scott 
http://dpaste.org/EboQU/

On Wednesday, 15 May 2013 10:09:01 UTC-4, Guddu wrote:
>
> What does this give you?
>
> import ldap
> dir(ldap)
>
> Regards
> Guddu
>
> On Wed, May 15, 2013 at 10:04 AM, Cody Scott 
> <cody.j@gmail.com
> > wrote:
>
>> I put that code in a separate python file and ran it without django or 
>> django-auth-ldap. 
>>
>> l = ldap.initialize()
>> AttributeError: 'module' object has no attribute 'initialize'
>>
>> so python-ldap is not installed properly? 
>>
>> I am not able to login, no error just invalid credentials. 
>>
>> How do I get logs from ldap? I don't have a login view I am using django's
>>
>> On Tuesday, 14 May 2013 17:01:44 UTC-4, Guddu wrote:
>>>
>>>
>>>  -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to django-users...@googlegroups.com .
>> To post to this group, send email to django...@googlegroups.com
>> .
>> Visit this group at http://groups.google.com/group/django-users?hl=en.
>> For more options, visit https://groups.google.com/groups/opt_out.
>>  
>>  
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Anurag Chourasia 
What does this give you?

import ldap
dir(ldap)

Regards
Guddu

On Wed, May 15, 2013 at 10:04 AM, Cody Scott <cody.j.b.sc...@gmail.com>wrote:

> I put that code in a separate python file and ran it without django or
> django-auth-ldap.
>
> l = ldap.initialize()
> AttributeError: 'module' object has no attribute 'initialize'
>
> so python-ldap is not installed properly?
>
> I am not able to login, no error just invalid credentials.
>
> How do I get logs from ldap? I don't have a login view I am using django's
>
> On Tuesday, 14 May 2013 17:01:44 UTC-4, Guddu wrote:
>>
>>
>>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-15 Thread Cody Scott 
I put that code in a separate python file and ran it without django or 
django-auth-ldap. 

l = ldap.initialize()
AttributeError: 'module' object has no attribute 'initialize'

so python-ldap is not installed properly? 

I am not able to login, no error just invalid credentials. 

How do I get logs from ldap? I don't have a login view I am using django's

On Tuesday, 14 May 2013 17:01:44 UTC-4, Guddu wrote:
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-14 Thread Anurag Chourasia 
Setting up of groups is not a requirement. In my case I am searching for
group membership just to grant/deny access based on Group membership also.
I sent my settings to you just to show you how I was using sAMAccountName
for user search.

So what exactly is not working in your case? You are not able to login? Do
you have any logs to share?

Can you try a small snippet like this (replacing the variables) to see if
bind works at all?

import ldap
l=ldap.initialize('ldap://:')
who=
cred=
result=l.bind(who,cred)
l.result(result)

Regards,
Guddu

On Tue, May 14, 2013 at 3:53 PM, Cody Scott wrote:

> Do I need to set up groups? I have a setting for
>
> AUTH_LDAP_SERVER_URI
> AUTH_LDAP_BIND_DN
> AUTH_LDAP_BIND_PASSWORD
> AUTH_LDAP_USER_SEARCH
>
> AUTH_LDAP_USER_ATTR_MAP = {
> "username": "sAMAccountName",
> "email": "mail"
> }
>
> I am using a custom auth model. Maybe that is the reason it is not working?
>
> from django.db import modelsfrom django.contrib.auth.models import 
> AbstractBaseUser, PermissionsMixin, BaseUserManagerfrom django.conf import 
> settingsfrom django.utils.translation import ugettext_lazy as _
> class MyUserManager(BaseUserManager):
> def create_user(self, username, email, name, company, password=None):
> if not email:
> raise ValueError('User must have an email address')
> if not username:
> raise ValueError('User must have a username')
>
> user = self.model(
> email=MyUserManager.normalize_email(email),
> )
> user.username = username
> user.set_password(password)
> user.name = name
> user.company = company
> user.save(using=self._db)
> return user
>
> def create_superuser(self, username, email, name, company, password):
> user = self.create_user(username,
> email,
> name,
> company,
> password=password
> )
> user.is_admin = True
> user.is_manager = True
> user.is_superuser = True
> user.save(using=self._db)
> return user
> class Users(AbstractBaseUser,PermissionsMixin):
> email   = models.EmailField(verbose_name=_('email address'), 
> max_length=255,unique=True,db_index=True,)
> username= models.CharField(verbose_name=_('Username'), 
> max_length=50,blank=True,unique=True)
> name= models.CharField(verbose_name=_('Name'), 
> max_length=50,blank=True)
> company = models.CharField(verbose_name=_('Company'), 
> max_length=255,blank=True)
> is_manager  = models.BooleanField(default=False)
> is_active   = models.BooleanField(default=True)
> is_admin= models.BooleanField(default=False)
> is_customer = models.BooleanField(default=False)
> datecreated = models.DateField(auto_now=True)
>
> objects = MyUserManager()
> USERNAME_FIELD  = 'username'
> REQUIRED_FIELDS = ['name', 'company', 'email']
>
> class Meta:
> verbose_name_plural = "Users"
>
> def get_full_name(self):
> return self.email
>
> def get_short_name(self):
> return self.email
>
> def __unicode__(self):
> return self.email
>
> def get_attempts_list(self, quiz):
> attempts = []
> for attempt in self.attempts.all():
> if attempt.quiz == quiz:
> attempts.append(attempt)
> return attempts
>
> @property
> def is_staff(self):
> return self.is_admin
>
>
>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-14 Thread Cody Scott 
Do I need to set up groups? I have a setting for 

AUTH_LDAP_SERVER_URI
AUTH_LDAP_BIND_DN
AUTH_LDAP_BIND_PASSWORD
AUTH_LDAP_USER_SEARCH

AUTH_LDAP_USER_ATTR_MAP = {
"username": "sAMAccountName",
"email": "mail"
}

I am using a custom auth model. Maybe that is the reason it is not working?

from django.db import modelsfrom django.contrib.auth.models import 
AbstractBaseUser, PermissionsMixin, BaseUserManagerfrom django.conf import 
settingsfrom django.utils.translation import ugettext_lazy as _
class MyUserManager(BaseUserManager):
def create_user(self, username, email, name, company, password=None):
if not email:
raise ValueError('User must have an email address')
if not username:
raise ValueError('User must have a username')

user = self.model(
email=MyUserManager.normalize_email(email),
)
user.username = username
user.set_password(password)
user.name = name
user.company = company
user.save(using=self._db)
return user

def create_superuser(self, username, email, name, company, password):
user = self.create_user(username,
email,
name,
company,
password=password
)
user.is_admin = True
user.is_manager = True
user.is_superuser = True
user.save(using=self._db)
return user
class Users(AbstractBaseUser,PermissionsMixin):
email   = models.EmailField(verbose_name=_('email address'), 
max_length=255,unique=True,db_index=True,)
username= models.CharField(verbose_name=_('Username'), 
max_length=50,blank=True,unique=True)
name= models.CharField(verbose_name=_('Name'), 
max_length=50,blank=True)
company = models.CharField(verbose_name=_('Company'), 
max_length=255,blank=True)
is_manager  = models.BooleanField(default=False)
is_active   = models.BooleanField(default=True)
is_admin= models.BooleanField(default=False)
is_customer = models.BooleanField(default=False)
datecreated = models.DateField(auto_now=True)

objects = MyUserManager()
USERNAME_FIELD  = 'username'
REQUIRED_FIELDS = ['name', 'company', 'email']

class Meta:
verbose_name_plural = "Users"

def get_full_name(self):
return self.email

def get_short_name(self):
return self.email

def __unicode__(self):
return self.email

def get_attempts_list(self, quiz):
attempts = []
for attempt in self.attempts.all():
if attempt.quiz == quiz:
attempts.append(attempt)
return attempts

@property
def is_staff(self):
return self.is_admin




-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: django-auth-ldap

2013-05-14 Thread Anurag Chourasia 
Hi Cody,

I am also using a Search Bind in a similar situation as yours You could
easily use the samaccountName for User Search.

Here is what I have in settings.py to give you a clearer picture.

AUTH_LDAP_USER_SEARCH = LDAPSearchUnion(
> LDAPSearch("OU=Users,
> OU=Central,OU=IDD,DC=client,DC=corp",ldap.SCOPE_SUBTREE,
> "(sAMAccountName=%(user)s)"),
>
> LDAPSearch("OU=Users,OU=Renca_CD,OU=Locales,OU=IDD,DC=client,DC=corp",ldap.SCOPE_SUBTREE,
> "(sAMAccountName=%(user)s)"),
> )


And yes, the user in %(user)s comes from the login form.

Regards,
Guddu

On Tue, May 14, 2013 at 2:52 PM, Cody Scott <cody.j.b.sc...@gmail.com>wrote:

> I am trying to get django-auth-ldap working with an Active Directory LDAP
> Server.
>
> I don't understand the documentation for the Search/Bind or Direct Bind.
>
> Is 'uid' the LDAP attribute uid? My LDAP doesn't use this attribute.
>
> I tried putting 'samaccountName' an attribute that is used for logon.
>
> Where does the 'user' come from? Is that the username field from the login
> form?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

django-auth-ldap

2013-05-14 Thread Cody Scott 
I am trying to get django-auth-ldap working with an Active Directory LDAP 
Server.

I don't understand the documentation for the Search/Bind or Direct Bind.

Is 'uid' the LDAP attribute uid? My LDAP doesn't use this attribute.

I tried putting 'samaccountName' an attribute that is used for logon. 

Where does the 'user' come from? Is that the username field from the login 
form?

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: Django and LDAP

2012-09-16 Thread sbrandt 
Where exactly do you need help?

You can install it like every other python package via pip or easy_install: 
"pip install django-auth-ldap" or "easy_install django-auth-ldap".

Configuration is really easy and described in the documentation. They 
support groups and automatic extraction of LDAP data into user fields, even 
into the user profile: http://packages.python.org/django-auth-ldap/

I suggest you to read this documentation since it is really clear to 
understand and answer here if you have a particular problem :) Good luck!

Am Donnerstag, 13. September 2012 17:43:56 UTC+2 schrieb Tony:
>
> Thank you sbrandt. I found the same thing, but i don't know how to use it. 
> Where do i need to copy the files and do i erase some lines of the code or 
> not, to make them as comments. I'm trying but i am not succeeding at making 
> it work...
>
> Can you help me about that? 
>
> On Thu, Sep 13, 2012 at 10:16 AM, sbrandt 
> <s.brand...@googlemail.com
> > wrote:
>
>> Did you know there is django-auth-ldap which is a custom backend for 
>> authenticating users through LDAP? 
>> http://pypi.python.org/pypi/django-auth-ldap/
>>
>> I don't see the point why you fiddle around with writing code on your 
>> own. I'm using django-auth-ldap since one and a half year in production and 
>> it works like a charm.
>>
>>  -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Django users" group.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msg/django-users/-/4Go12iWz_pEJ.
>>
>> To post to this group, send email to django...@googlegroups.com
>> .
>> To unsubscribe from this group, send email to 
>> django-users...@googlegroups.com .
>> For more options, visit this group at 
>> http://groups.google.com/group/django-users?hl=en.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/TS0KtsVUDe0J.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django and LDAP

2012-09-13 Thread Ivan Pavlović 
Thank you sbrandt. I found the same thing, but i don't know how to use it.
Where do i need to copy the files and do i erase some lines of the code or
not, to make them as comments. I'm trying but i am not succeeding at making
it work...

Can you help me about that?

On Thu, Sep 13, 2012 at 10:16 AM, sbrandt <s.brandt.ber...@googlemail.com>wrote:

> Did you know there is django-auth-ldap which is a custom backend for
> authenticating users through LDAP?
> http://pypi.python.org/pypi/django-auth-ldap/
>
> I don't see the point why you fiddle around with writing code on your own.
> I'm using django-auth-ldap since one and a half year in production and it
> works like a charm.
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/4Go12iWz_pEJ.
>
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django and LDAP

2012-09-13 Thread sbrandt 
Did you know there is django-auth-ldap which is a custom backend for 
authenticating users through LDAP? 
http://pypi.python.org/pypi/django-auth-ldap/

I don't see the point why you fiddle around with writing code on your own. 
I'm using django-auth-ldap since one and a half year in production and it 
works like a charm.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/4Go12iWz_pEJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django and LDAP

2012-09-12 Thread Stephen Anto 
Hi,

Django instalation on ubuntu, I found key instructions on
http://www.f2finterview.com/web/Django/4/

for more follow django instalation guide

On Mon, Sep 10, 2012 at 11:44 PM, Tony <pavlovic.ivan...@gmail.com> wrote:

> Hi everybody,
>
> I am new to Django and Python, and right now, i am going through the
> documentation. I have an assignment at my Faculty, where i need to install
> Django, 389ds LDAP server (where i have to store my users) and i need to
> somehow connect them two, so i can auth users from LDAP when logging into
> Django. i have read some documentation, and i saw a massive lines of code,
> add this, add that, and i don't get any of that.
>
> Can someone please help me with this issue, i'll be very grateful.
>
> Thank you
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/django-users/-/7ArlkeKjY0YJ.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>



-- 
Thanks & Regards
Stephen S



Website: www.f2finterview.com
Blog:  blog.f2finterview.com
Tutorial:  tutorial.f2finterview.com
Group:www.charvigroups.com

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django and LDAP

2012-09-11 Thread Mike Dewhirst 

On 12/09/2012 8:05am, Mike Dewhirst wrote:

On 12/09/2012 7:49am, Ivan Pavlović wrote:

Thank you Mike for your answer. I started this topic, because i have an
assignment at my Faculty, which requires connection between Django and
an LDAP (assistant insisted on 389ds). I installed Django, enabled
admin, logged in through Firefox. I can't make up my mind, do i need to
connect Django and LDAP like so that all users from LDAP can login
through e.g. localhost:8000/admin, or do i need to make a register/login
page, where users from LDAP server can login and onlu admin can login
from admin page? The second is mpre logical to me, but i don't know,
because i am new to Django and Python.






There is no substitute for getting started.


https://github.com/mdewhirst/ldap-groups

I got a great start using Peter Herndon's django-ldap-groups which 
completely satisfied my client's specifications at the time. I ended up 
enhancing the Novell eDirectory backend somewhat for Django 1.3 and it 
probably needs more attention for Django 1.4 - check the Django release 
notes in the authentication backend area.


Anyway, I just uploaded it to github so you or anyone else can use it. 
You should check Peter's site for licensing and to compare the original 
with my adjustments.


http://pypi.python.org/pypi/django-ldap-groups/0.1.3

Also, google for "django ldap" to find a bunch of other ldap software.

hth

Mike




--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django and LDAP

2012-09-11 Thread Ivan Pavlović 
I appreciate it Thomas :)

On Wed, Sep 12, 2012 at 12:11 AM, Ivan Pavlović
<pavlovic.ivan...@gmail.com>wrote:

> Once again, thank you. If you have some advices or pointers where to start
> (besides the ones you've already mentioned), how to develop my knowledge,
> please feel free to share with me.
>
> Grateful
> Tony
>
>
> On Wed, Sep 12, 2012 at 12:05 AM, Mike Dewhirst <mi...@dewhirst.com.au>wrote:
>
>> On 12/09/2012 7:49am, Ivan Pavlović wrote:
>>
>>> Thank you Mike for your answer. I started this topic, because i have an
>>> assignment at my Faculty, which requires connection between Django and
>>> an LDAP (assistant insisted on 389ds). I installed Django, enabled
>>> admin, logged in through Firefox. I can't make up my mind, do i need to
>>> connect Django and LDAP like so that all users from LDAP can login
>>> through e.g. localhost:8000/admin, or do i need to make a register/login
>>> page, where users from LDAP server can login and onlu admin can login
>>> from admin page? The second is mpre logical to me, but i don't know,
>>> because i am new to Django and Python.
>>>
>>
>> It is immaterial where it is hosted except localhost:8000 is usually the
>> development machine running the development server. It comes with a caveat
>> "not for production use". You really need a production web server for
>> production.
>>
>> Your other questions are unanswerable without a set of specs. You can use
>> the admin or not and you can use the login/auth with your own app and/or
>> the admin depending on the url you use. Users can be permitted to use the
>> admin or not depending on user.is_staff
>>
>> There is no substitute for getting started.
>>
>>
>>>
>>>
>>> On Tue, Sep 11, 2012 at 12:36 AM, Mike Dewhirst <mi...@dewhirst.com.au
>>> <mailto:mi...@dewhirst.com.au>**> wrote:
>>>
>>> On 11/09/2012 4:14am, Tony wrote:
>>>
>>> Hi everybody,
>>>
>>> I am new to Django and Python, and right now, i am going through
>>> the
>>> documentation. I have an assignment at my Faculty, where i need
>>> to
>>> install Django, 389ds LDAP server (where i have to store my
>>> users) and i
>>> need to somehow connect them two, so i can auth users from LDAP
>>> when
>>> logging into Django. i have read some documentation, and i saw a
>>> massive
>>> lines of code, add this, add that, and i don't get any of that.
>>>
>>>
>>> I think the best first step is to tightly specify your requirements.
>>> There are lots of different approaches and your choice of available
>>> open source depends a lot on what you want to do. For example, you
>>> may be interested in ldap group membership being related to Django
>>> groups.
>>>
>>> Being new to Python and Django isn't a problem. Look at Mark
>>> Pilgrim's Dive into Python (the first one which covers Python 2.x)
>>> then do the Django tutorials up to the point where the Django Admin
>>> is working for you. That will demonstrate "add this, add that" and
>>> make it easier for you. Also, install pip for fetching this and that!
>>>
>>> The Django Admin auth will happily/easily accept external auth
>>> backends.
>>>
>>> I have stopped using ldap nowadays but when I had it working the
>>> general principle employed was to query the ldap server and if it
>>> authenticated the offered userid and password AND the userid didn't
>>> exist in the Django user table, the backend inserted a new record.
>>>
>>>  >From my own experience I can recommend you start with a plan to
>>> unit test absolutely everything. The ldap side of things is tricky.
>>> Once you get your head around Python and Django you will really
>>> appreciate the nth degree of flexibility.
>>>
>>> Good luck
>>>
>>> Mike
>>>
>>>
>>>
>>> Can someone please help me with this issue, i'll be very
>>> grateful.
>>>
>>> Thank you
>>>
>>> --
>>> You received this message because you are subscribed to the
>>> Google
>>> Groups "Django users" group.
>>> To view this discussion on the web visit
>>> h

Re: Django and LDAP

2012-09-11 Thread Ivan Pavlović 
Once again, thank you. If you have some advices or pointers where to start
(besides the ones you've already mentioned), how to develop my knowledge,
please feel free to share with me.

Grateful
Tony

On Wed, Sep 12, 2012 at 12:05 AM, Mike Dewhirst <mi...@dewhirst.com.au>wrote:

> On 12/09/2012 7:49am, Ivan Pavlović wrote:
>
>> Thank you Mike for your answer. I started this topic, because i have an
>> assignment at my Faculty, which requires connection between Django and
>> an LDAP (assistant insisted on 389ds). I installed Django, enabled
>> admin, logged in through Firefox. I can't make up my mind, do i need to
>> connect Django and LDAP like so that all users from LDAP can login
>> through e.g. localhost:8000/admin, or do i need to make a register/login
>> page, where users from LDAP server can login and onlu admin can login
>> from admin page? The second is mpre logical to me, but i don't know,
>> because i am new to Django and Python.
>>
>
> It is immaterial where it is hosted except localhost:8000 is usually the
> development machine running the development server. It comes with a caveat
> "not for production use". You really need a production web server for
> production.
>
> Your other questions are unanswerable without a set of specs. You can use
> the admin or not and you can use the login/auth with your own app and/or
> the admin depending on the url you use. Users can be permitted to use the
> admin or not depending on user.is_staff
>
> There is no substitute for getting started.
>
>
>>
>>
>> On Tue, Sep 11, 2012 at 12:36 AM, Mike Dewhirst <mi...@dewhirst.com.au
>> <mailto:mi...@dewhirst.com.au>**> wrote:
>>
>> On 11/09/2012 4:14am, Tony wrote:
>>
>> Hi everybody,
>>
>> I am new to Django and Python, and right now, i am going through
>> the
>> documentation. I have an assignment at my Faculty, where i need to
>> install Django, 389ds LDAP server (where i have to store my
>> users) and i
>> need to somehow connect them two, so i can auth users from LDAP
>> when
>> logging into Django. i have read some documentation, and i saw a
>> massive
>> lines of code, add this, add that, and i don't get any of that.
>>
>>
>> I think the best first step is to tightly specify your requirements.
>> There are lots of different approaches and your choice of available
>> open source depends a lot on what you want to do. For example, you
>> may be interested in ldap group membership being related to Django
>> groups.
>>
>> Being new to Python and Django isn't a problem. Look at Mark
>> Pilgrim's Dive into Python (the first one which covers Python 2.x)
>> then do the Django tutorials up to the point where the Django Admin
>> is working for you. That will demonstrate "add this, add that" and
>> make it easier for you. Also, install pip for fetching this and that!
>>
>> The Django Admin auth will happily/easily accept external auth
>> backends.
>>
>> I have stopped using ldap nowadays but when I had it working the
>> general principle employed was to query the ldap server and if it
>> authenticated the offered userid and password AND the userid didn't
>> exist in the Django user table, the backend inserted a new record.
>>
>>  >From my own experience I can recommend you start with a plan to
>> unit test absolutely everything. The ldap side of things is tricky.
>> Once you get your head around Python and Django you will really
>> appreciate the nth degree of flexibility.
>>
>> Good luck
>>
>> Mike
>>
>>
>>
>> Can someone please help me with this issue, i'll be very grateful.
>>
>> Thank you
>>
>> --
>> You received this message because you are subscribed to the Google
>> Groups "Django users" group.
>> To view this discussion on the web visit
>> https://groups.google.com/d/__**msg/django-users/-/__**
>> 7ArlkeKjY0YJ<https://groups.google.com/d/__msg/django-users/-/__7ArlkeKjY0YJ>
>> 
>> <https://groups.google.com/d/**msg/django-users/-/**7ArlkeKjY0YJ<https://groups.google.com/d/msg/django-users/-/7ArlkeKjY0YJ>
>> >.
>>
>> To post to this group, send email to
>> django-users@googlegroups.com
>> 
>> <mailto:django-users@**googlegroups.com<django-users@googlegroups.com>
>>

Re: Django and LDAP

2012-09-11 Thread Thomas Lockhart 

On 9/11/12 2:49 PM, Ivan Pavlović wrote:
Thank you Mike for your answer. I started this topic, because i have 
an assignment at my Faculty, which requires connection between Django 
and an LDAP (assistant insisted on 389ds). I installed Django, enabled 
admin, logged in through Firefox. I can't make up my mind, do i need 
to connect Django and LDAP like so that all users from LDAP can login 
through e.g. localhost:8000/admin, or do i need to make a 
register/login page, where users from LDAP server can login and onlu 
admin can login from admin page? The second is mpre logical to me, but 
i don't know, because i am new to Django and Python.
I believe that you will write a (small) middleware function which will 
be added to the tuple PASSWORD_HASHERS in your settings.py. The 
middleware will take the username and password already provided by the 
user from an existing login page and then access your LDAP server for 
the authentication.


You can probably find example code for that middleware function in 
Django; I needed to use existing Drupal (ugh) passwords for a content 
conversion to Mezzanine and found an example, probably on django-snippets.


hth

- Tom

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django and LDAP

2012-09-11 Thread Mike Dewhirst 

On 12/09/2012 7:49am, Ivan Pavlović wrote:

Thank you Mike for your answer. I started this topic, because i have an
assignment at my Faculty, which requires connection between Django and
an LDAP (assistant insisted on 389ds). I installed Django, enabled
admin, logged in through Firefox. I can't make up my mind, do i need to
connect Django and LDAP like so that all users from LDAP can login
through e.g. localhost:8000/admin, or do i need to make a register/login
page, where users from LDAP server can login and onlu admin can login
from admin page? The second is mpre logical to me, but i don't know,
because i am new to Django and Python.


It is immaterial where it is hosted except localhost:8000 is usually the 
development machine running the development server. It comes with a 
caveat "not for production use". You really need a production web server 
for production.


Your other questions are unanswerable without a set of specs. You can 
use the admin or not and you can use the login/auth with your own app 
and/or the admin depending on the url you use. Users can be permitted to 
use the admin or not depending on user.is_staff


There is no substitute for getting started.





On Tue, Sep 11, 2012 at 12:36 AM, Mike Dewhirst <mi...@dewhirst.com.au
<mailto:mi...@dewhirst.com.au>> wrote:

On 11/09/2012 4:14am, Tony wrote:

Hi everybody,

I am new to Django and Python, and right now, i am going through the
documentation. I have an assignment at my Faculty, where i need to
install Django, 389ds LDAP server (where i have to store my
users) and i
need to somehow connect them two, so i can auth users from LDAP when
logging into Django. i have read some documentation, and i saw a
massive
lines of code, add this, add that, and i don't get any of that.


I think the best first step is to tightly specify your requirements.
There are lots of different approaches and your choice of available
open source depends a lot on what you want to do. For example, you
may be interested in ldap group membership being related to Django
groups.

Being new to Python and Django isn't a problem. Look at Mark
Pilgrim's Dive into Python (the first one which covers Python 2.x)
then do the Django tutorials up to the point where the Django Admin
is working for you. That will demonstrate "add this, add that" and
make it easier for you. Also, install pip for fetching this and that!

The Django Admin auth will happily/easily accept external auth backends.

I have stopped using ldap nowadays but when I had it working the
general principle employed was to query the ldap server and if it
authenticated the offered userid and password AND the userid didn't
exist in the Django user table, the backend inserted a new record.

 >From my own experience I can recommend you start with a plan to
unit test absolutely everything. The ldap side of things is tricky.
Once you get your head around Python and Django you will really
appreciate the nth degree of flexibility.

Good luck

Mike



Can someone please help me with this issue, i'll be very grateful.

Thank you

--
You received this message because you are subscribed to the Google
Groups "Django users" group.
To view this discussion on the web visit
https://groups.google.com/d/__msg/django-users/-/__7ArlkeKjY0YJ
<https://groups.google.com/d/msg/django-users/-/7ArlkeKjY0YJ>.
To post to this group, send email to
django-users@googlegroups.com
<mailto:django-users@googlegroups.com>.
To unsubscribe from this group, send email to
django-users+unsubscribe@__googlegroups.com
<mailto:django-users%2bunsubscr...@googlegroups.com>.
For more options, visit this group at
http://groups.google.com/__group/django-users?hl=en
<http://groups.google.com/group/django-users?hl=en>.


--
You received this message because you are subscribed to the Google
Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com
<mailto:django-users@googlegroups.com>.
To unsubscribe from this group, send email to
django-users+unsubscribe@__googlegroups.com
<mailto:django-users%2bunsubscr...@googlegroups.com>.
For more options, visit this group at
http://groups.google.com/__group/django-users?hl=en
<http://groups.google.com/group/django-users?hl=en>.


--
You received this message because you are subscribed to the Google
Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group

Re: Django and LDAP

2012-09-11 Thread Ivan Pavlović 
Thank you Mike for your answer. I started this topic, because i have an
assignment at my Faculty, which requires connection between Django and an
LDAP (assistant insisted on 389ds). I installed Django, enabled admin,
logged in through Firefox. I can't make up my mind, do i need to connect
Django and LDAP like so that all users from LDAP can login through e.g.
localhost:8000/admin, or do i need to make a register/login page, where
users from LDAP server can login and onlu admin can login from admin page?
The second is mpre logical to me, but i don't know, because i am new to
Django and Python.



On Tue, Sep 11, 2012 at 12:36 AM, Mike Dewhirst <mi...@dewhirst.com.au>wrote:

> On 11/09/2012 4:14am, Tony wrote:
>
>> Hi everybody,
>>
>> I am new to Django and Python, and right now, i am going through the
>> documentation. I have an assignment at my Faculty, where i need to
>> install Django, 389ds LDAP server (where i have to store my users) and i
>> need to somehow connect them two, so i can auth users from LDAP when
>> logging into Django. i have read some documentation, and i saw a massive
>> lines of code, add this, add that, and i don't get any of that.
>>
>
> I think the best first step is to tightly specify your requirements. There
> are lots of different approaches and your choice of available open source
> depends a lot on what you want to do. For example, you may be interested in
> ldap group membership being related to Django groups.
>
> Being new to Python and Django isn't a problem. Look at Mark Pilgrim's
> Dive into Python (the first one which covers Python 2.x) then do the Django
> tutorials up to the point where the Django Admin is working for you. That
> will demonstrate "add this, add that" and make it easier for you. Also,
> install pip for fetching this and that!
>
> The Django Admin auth will happily/easily accept external auth backends.
>
> I have stopped using ldap nowadays but when I had it working the general
> principle employed was to query the ldap server and if it authenticated the
> offered userid and password AND the userid didn't exist in the Django user
> table, the backend inserted a new record.
>
> From my own experience I can recommend you start with a plan to unit test
> absolutely everything. The ldap side of things is tricky. Once you get your
> head around Python and Django you will really appreciate the nth degree of
> flexibility.
>
> Good luck
>
> Mike
>
>
>
>> Can someone please help me with this issue, i'll be very grateful.
>>
>> Thank you
>>
>> --
>> You received this message because you are subscribed to the Google
>> Groups "Django users" group.
>> To view this discussion on the web visit
>> https://groups.google.com/d/**msg/django-users/-/**7ArlkeKjY0YJ<https://groups.google.com/d/msg/django-users/-/7ArlkeKjY0YJ>
>> .
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> django-users+unsubscribe@**googlegroups.com<django-users%2bunsubscr...@googlegroups.com>
>> .
>> For more options, visit this group at
>> http://groups.google.com/**group/django-users?hl=en<http://groups.google.com/group/django-users?hl=en>
>> .
>>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to django-users+unsubscribe@**
> googlegroups.com <django-users%2bunsubscr...@googlegroups.com>.
> For more options, visit this group at http://groups.google.com/**
> group/django-users?hl=en<http://groups.google.com/group/django-users?hl=en>
> .
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: Django and LDAP

2012-09-10 Thread Mike Dewhirst 

On 11/09/2012 4:14am, Tony wrote:

Hi everybody,

I am new to Django and Python, and right now, i am going through the
documentation. I have an assignment at my Faculty, where i need to
install Django, 389ds LDAP server (where i have to store my users) and i
need to somehow connect them two, so i can auth users from LDAP when
logging into Django. i have read some documentation, and i saw a massive
lines of code, add this, add that, and i don't get any of that.


I think the best first step is to tightly specify your requirements. 
There are lots of different approaches and your choice of available open 
source depends a lot on what you want to do. For example, you may be 
interested in ldap group membership being related to Django groups.


Being new to Python and Django isn't a problem. Look at Mark Pilgrim's 
Dive into Python (the first one which covers Python 2.x) then do the 
Django tutorials up to the point where the Django Admin is working for 
you. That will demonstrate "add this, add that" and make it easier for 
you. Also, install pip for fetching this and that!


The Django Admin auth will happily/easily accept external auth backends.

I have stopped using ldap nowadays but when I had it working the general 
principle employed was to query the ldap server and if it authenticated 
the offered userid and password AND the userid didn't exist in the 
Django user table, the backend inserted a new record.


From my own experience I can recommend you start with a plan to unit 
test absolutely everything. The ldap side of things is tricky. Once you 
get your head around Python and Django you will really appreciate the 
nth degree of flexibility.


Good luck

Mike



Can someone please help me with this issue, i'll be very grateful.

Thank you

--
You received this message because you are subscribed to the Google
Groups "Django users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/django-users/-/7ArlkeKjY0YJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.


--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Django and LDAP

2012-09-10 Thread Tony 
Hi everybody,

I am new to Django and Python, and right now, i am going through the 
documentation. I have an assignment at my Faculty, where i need to install 
Django, 389ds LDAP server (where i have to store my users) and i need to 
somehow connect them two, so i can auth users from LDAP when logging into 
Django. i have read some documentation, and i saw a massive lines of code, 
add this, add that, and i don't get any of that.

Can someone please help me with this issue, i'll be very grateful.

Thank you

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/django-users/-/7ArlkeKjY0YJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-24 Thread andreas schmid 
Peter Herndon wrote:
> On Feb 22, 2010, at 3:13 PM, andreas schmid wrote:
>
>   
>> Peter Herndon wrote:
>> 
>>> On Mon, Feb 22, 2010 at 9:40 AM, andreas schmid  
>>> wrote:
>>>
>>>
>>>   
 im experiencing strange problems now. the user is able to authenticate
 against ldap only if in the active directory the displayName == username
 why this? i dont get any error or traceback, the user only isnt able to
 get logged in


 
>>> If users were able to authenticate, and are now not able to
>>> authenticate, what changed?  
>>>   
>> i was thinkin the authentication over ldap group was working because i
>> testet it only whith a testuser which had sAMAccountName == displayName
>> but now im figuring that if thats not equal it desnt work as expected.
>> the app is still in development and i didnt work on it for a few days.
>> 
>
> Hmm.  When I get to work tomorrow, I'll take a look and see if the 
> displayName is the same as the sAMAccountName in our AD.  If they are 
> consistently the same, that might be a sign that some part of this operation 
> is looking at the displayName.
>
> It occurs to me, Andreas, I'd be very interested to know if someone who has a 
> displayName *different* from the sAMAccountName can log in initially, but not 
> a second time; or, can that person not log in at all? Is it consistent? If 
> you change someone's displayName, do they instantly stop being able to log in?
>
>
>   
i got a few steps forward in the understanding of the problem. if i try
to bind with simple_bind_s or bind_s with a user which has
sAMAccountName != displayName im getting a Invalid Credentials back and
of course the user is not authenticated. if i change the bind in the
authentication backend to simple_bind i get the object back but the user
is not created or authenticated but the output is the same as with a
"sAMAccountName == displayName"-User binded with a simple_bind_s or bind_s.
>   
>> i started to log a bit today and will go on tomorrow and post what i
>> will get or the solution if i will find it.
>> 
>
> Do let me know. I'm wondering if the problem is with the bind setting on line 
> 81 of backends.py.  Where I work, our AD is configured to accept 
> "hernd...@example" for the bind, where the "@example" is your NT4_DOMAIN 
> setting.  If your AD is not configured to accept that kind of identifier, 
> that might cause an issue.  We may need to mix things up a bit, and try a 
> search-for-user-and-then-bind approach similar to the one in the eDirectory 
> backend starting at line 157.  It also occurs to me that the "n...@domain" 
> pattern might be looking at displayName -- I'm no expert on Active Directory. 
>  To that end, you may want to insert a logging statement of the exception 
> that's caught at line 134, between 134 and 135.
>
>   
i changed this part not to use the NT4_DOMAIN like i wrote above. 
> ---Peter
>
>   

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-22 Thread Peter Herndon 

On Feb 22, 2010, at 3:13 PM, andreas schmid wrote:

> Peter Herndon wrote:
>> On Mon, Feb 22, 2010 at 9:40 AM, andreas schmid  wrote:
>> 
>> 
>>> im experiencing strange problems now. the user is able to authenticate
>>> against ldap only if in the active directory the displayName == username
>>> why this? i dont get any error or traceback, the user only isnt able to
>>> get logged in
>>> 
>>> 
>> 
>> If users were able to authenticate, and are now not able to
>> authenticate, what changed?  
> i was thinkin the authentication over ldap group was working because i
> testet it only whith a testuser which had sAMAccountName == displayName
> but now im figuring that if thats not equal it desnt work as expected.
> the app is still in development and i didnt work on it for a few days.

Hmm.  When I get to work tomorrow, I'll take a look and see if the displayName 
is the same as the sAMAccountName in our AD.  If they are consistently the 
same, that might be a sign that some part of this operation is looking at the 
displayName.

It occurs to me, Andreas, I'd be very interested to know if someone who has a 
displayName *different* from the sAMAccountName can log in initially, but not a 
second time; or, can that person not log in at all? Is it consistent? If you 
change someone's displayName, do they instantly stop being able to log in?


>> 
> i started to log a bit today and will go on tomorrow and post what i
> will get or the solution if i will find it.

Do let me know. I'm wondering if the problem is with the bind setting on line 
81 of backends.py.  Where I work, our AD is configured to accept 
"hernd...@example" for the bind, where the "@example" is your NT4_DOMAIN 
setting.  If your AD is not configured to accept that kind of identifier, that 
might cause an issue.  We may need to mix things up a bit, and try a 
search-for-user-and-then-bind approach similar to the one in the eDirectory 
backend starting at line 157.  It also occurs to me that the "n...@domain" 
pattern might be looking at displayName -- I'm no expert on Active Directory.  
To that end, you may want to insert a logging statement of the exception that's 
caught at line 134, between 134 and 135.

---Peter

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-22 Thread andreas schmid 
Peter Herndon wrote:
> On Mon, Feb 22, 2010 at 9:40 AM, andreas schmid  wrote:
>
>   
>> im experiencing strange problems now. the user is able to authenticate
>> against ldap only if in the active directory the displayName == username
>> why this? i dont get any error or traceback, the user only isnt able to
>> get logged in
>>
>> 
>
> If users were able to authenticate, and are now not able to
> authenticate, what changed?  
i was thinkin the authentication over ldap group was working because i
testet it only whith a testuser which had sAMAccountName == displayName
but now im figuring that if thats not equal it desnt work as expected.
the app is still in development and i didnt work on it for a few days.

> At my place of work, I've learned to
> expect changes in Active Directory every so often -- my AD admins are
> not that great at notifying users of impending changes.  These changes
> occasionally cause breakage elsewhere.
>
> If not in AD, did something else in your environment change?
>
> The normal way ldap-groups works is that sAMAccountName is the field
> used to identify a user in AD (line 106 in
> ldap-groups/accounts/backends.py), and is used as the source of their
> django.contrib.auth.models.User username.  So, if you go changing
> someone's username via the admin, or otherwise edit the username data
> in your db, then the username won't match the sAMAccountName, and they
> won't be able to log in to that account.  
i found this problem by working with the system admin and try different
settings and we figured out what i wrote above.
> Similarly, if their
> sAMAccountName changes in AD, and they log in to your site with the
> new name, they will effectively have created a second account in your
> db.  If you have resources tied to an account in Django (saved
> bookmarks, tags, uploads, etc.), the user won't have access to those
> resources any longer, as they're on a new account.
>
> I realize that sAMAccountName is not the same as displayName.  I
> wonder if you were mistaking the occasional coincidence between
> displayName and sAMAccountName?  
nope
> Or did you edit the app to use
> displayName?  Perhaps you could post more details about your issue,
> including code.
>
> Also, you may want to instrument the LDAP code.  Either log the
> results from the LDAP calls to a file, or drop in some print
> statements and run via runserver, and see what messages your LDAP
> environment produces.  Useful bits to log will be lines 82, 106, and
> 132 in ldap-groups/accounts/backends.py.
>
>   
i started to log a bit today and will go on tomorrow and post what i
will get or the solution if i will find it.

> ---Peter
>
>   

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-22 Thread Peter Herndon 
On Mon, Feb 22, 2010 at 9:40 AM, andreas schmid  wrote:

> im experiencing strange problems now. the user is able to authenticate
> against ldap only if in the active directory the displayName == username
> why this? i dont get any error or traceback, the user only isnt able to
> get logged in
>

If users were able to authenticate, and are now not able to
authenticate, what changed?  At my place of work, I've learned to
expect changes in Active Directory every so often -- my AD admins are
not that great at notifying users of impending changes.  These changes
occasionally cause breakage elsewhere.

If not in AD, did something else in your environment change?

The normal way ldap-groups works is that sAMAccountName is the field
used to identify a user in AD (line 106 in
ldap-groups/accounts/backends.py), and is used as the source of their
django.contrib.auth.models.User username.  So, if you go changing
someone's username via the admin, or otherwise edit the username data
in your db, then the username won't match the sAMAccountName, and they
won't be able to log in to that account.  Similarly, if their
sAMAccountName changes in AD, and they log in to your site with the
new name, they will effectively have created a second account in your
db.  If you have resources tied to an account in Django (saved
bookmarks, tags, uploads, etc.), the user won't have access to those
resources any longer, as they're on a new account.

I realize that sAMAccountName is not the same as displayName.  I
wonder if you were mistaking the occasional coincidence between
displayName and sAMAccountName?  Or did you edit the app to use
displayName?  Perhaps you could post more details about your issue,
including code.

Also, you may want to instrument the LDAP code.  Either log the
results from the LDAP calls to a file, or drop in some print
statements and run via runserver, and see what messages your LDAP
environment produces.  Useful bits to log will be lines 82, 106, and
132 in ldap-groups/accounts/backends.py.

---Peter

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-22 Thread andreas schmid 
Peter Herndon wrote:
> On Feb 5, 2010, at 5:45 AM, andreas schmid wrote:
>
>   
>> ok django-ldap-groups works perfectly now!
>>
>> 
>
> That's great to hear!  If you run into any issues, I'll be happy to help 
> troubleshoot.
>
> ---Peter
>   
im experiencing strange problems now. the user is able to authenticate
against ldap only if in the active directory the displayName == username
why this? i dont get any error or traceback, the user only isnt able to
get logged in

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-05 Thread Peter Herndon 

On Feb 5, 2010, at 5:45 AM, andreas schmid wrote:

> ok django-ldap-groups works perfectly now!
> 

That's great to hear!  If you run into any issues, I'll be happy to help 
troubleshoot.

---Peter

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-05 Thread andreas schmid 
ok django-ldap-groups works perfectly now!

Mike Dewhirst wrote:
> On 4/02/2010 11:14pm, David De La Harpe Golden wrote:
>> On 04/02/10 08:33, andreas schmid wrote:
>>> @brad: can you show me some sample code for this?
>>>
>
> David
>
> I am using Peter Herndon's django-ldap-groups successfully. He has two
> backends; one for Novell's eDirectory which I'm using and another for
> MS Active Directory which I haven't tried.
>
>http://pypi.python.org/pypi/django-ldap-groups/0.1.3
>
> ... and here the relevant bits of my settings.py. Peter's comments all
> start on a new line while mine don't. I haven't adjusted anything here
> - this is working code. The getcreds() method simply fetches userid
> and password from a non-versioned file. I try and keep such stuff out
> of the repository  ...
>
> ssl = True  # switch between SSL and non-SSL
> SEARCH_DN = 'O=pq8nw'   # Organization name
> # NT4_DOMAIN is used with Active Directory only, comment out for
> eDirectory
> # NT4_DOMAIN = 'EXAMPLE'
> # sAMAccountName is used with Active Directory
> # Use the following for Active Directory
> # SEARCH_FIELDS =
> ['mail','givenName','sn','sAMAccountName','memberOf','cn']
> # Use the following for Novell eDirectory
> # SEARCH_FIELDS = ['mail', 'givenName', 'sn', 'groupMembership', 'cn']
> SEARCH_FIELDS = ['mail', 'givenName', 'sn', 'groupMembership', 'cn']
>
> nds = credsdir + APP + '.nds'   # contains credentials
> cred = getcreds(nds)# returns a 2-element list
> BIND_USER = 'cn=%s,%s' % (cred[0], SEARCH_DN)
> BIND_PASSWORD = cred[1] # valid password too
> # CERT_FILE = ''# not used if ssl == False
> ldap_srv = '192.168.0.108'
> ldap_port = 389
> protocol = 'ldap'
> if ssl:
> protocol = 'ldaps'
> ldap_port = 636
> CERT_FILE = credsdir + 'cert_pq8nw_9a30.b64'
>
> LDAP_URL = protocol + '://%s:%s' % (ldap_srv, ldap_port)
>
> AUTHENTICATION_BACKENDS = (
> 'ldap_groups.accounts.backends.eDirectoryGroupMembershipSSLBackend',
>
> #'ldap_groups.accounts.backends.ActiveDirectoryGroupMembershipSSLBackend',
>
> 'django.contrib.auth.backends.ModelBackend',
> )
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-04 Thread andreas schmid 
Mike Dewhirst wrote:
> On 4/02/2010 11:14pm, David De La Harpe Golden wrote:
>> On 04/02/10 08:33, andreas schmid wrote:
>>> @brad: can you show me some sample code for this?
>>>
>
> David
>
> I am using Peter Herndon's django-ldap-groups successfully. He has two
> backends; one for Novell's eDirectory which I'm using and another for
> MS Active Directory which I haven't tried.
>
>http://pypi.python.org/pypi/django-ldap-groups/0.1.3
>
> ... and here the relevant bits of my settings.py. Peter's comments all
> start on a new line while mine don't. I haven't adjusted anything here
> - this is working code. The getcreds() method simply fetches userid
> and password from a non-versioned file. I try and keep such stuff out
> of the repository  ...
>
> ssl = True  # switch between SSL and non-SSL
> SEARCH_DN = 'O=pq8nw'   # Organization name
> # NT4_DOMAIN is used with Active Directory only, comment out for
> eDirectory
> # NT4_DOMAIN = 'EXAMPLE'
> # sAMAccountName is used with Active Directory
> # Use the following for Active Directory
> # SEARCH_FIELDS =
> ['mail','givenName','sn','sAMAccountName','memberOf','cn']
> # Use the following for Novell eDirectory
> # SEARCH_FIELDS = ['mail', 'givenName', 'sn', 'groupMembership', 'cn']
> SEARCH_FIELDS = ['mail', 'givenName', 'sn', 'groupMembership', 'cn']
>
> nds = credsdir + APP + '.nds'   # contains credentials
> cred = getcreds(nds)# returns a 2-element list
> BIND_USER = 'cn=%s,%s' % (cred[0], SEARCH_DN)
> BIND_PASSWORD = cred[1] # valid password too
> # CERT_FILE = ''# not used if ssl == False
> ldap_srv = '192.168.0.108'
> ldap_port = 389
> protocol = 'ldap'
> if ssl:
> protocol = 'ldaps'
> ldap_port = 636
> CERT_FILE = credsdir + 'cert_pq8nw_9a30.b64'
>
> LDAP_URL = protocol + '://%s:%s' % (ldap_srv, ldap_port)
>
> AUTHENTICATION_BACKENDS = (
> 'ldap_groups.accounts.backends.eDirectoryGroupMembershipSSLBackend',
>
> #'ldap_groups.accounts.backends.ActiveDirectoryGroupMembershipSSLBackend',
>
> 'django.contrib.auth.backends.ModelBackend',
> )
>
im experimenting with django-ldap-groups too now and im going forward.
its still not working how i want but ill test it a bit more.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-04 Thread Mike Dewhirst 

On 4/02/2010 11:14pm, David De La Harpe Golden wrote:

On 04/02/10 08:33, andreas schmid wrote:

@brad: can you show me some sample code for this?



David

I am using Peter Herndon's django-ldap-groups successfully. He has two 
backends; one for Novell's eDirectory which I'm using and another for MS 
Active Directory which I haven't tried.


   http://pypi.python.org/pypi/django-ldap-groups/0.1.3

... and here the relevant bits of my settings.py. Peter's comments all 
start on a new line while mine don't. I haven't adjusted anything here - 
this is working code. The getcreds() method simply fetches userid and 
password from a non-versioned file. I try and keep such stuff out of the 
repository  ...


ssl = True  # switch between SSL and non-SSL
SEARCH_DN = 'O=pq8nw'   # Organization name
# NT4_DOMAIN is used with Active Directory only, comment out for eDirectory
# NT4_DOMAIN = 'EXAMPLE'
# sAMAccountName is used with Active Directory
# Use the following for Active Directory
# SEARCH_FIELDS = ['mail','givenName','sn','sAMAccountName','memberOf','cn']
# Use the following for Novell eDirectory
# SEARCH_FIELDS = ['mail', 'givenName', 'sn', 'groupMembership', 'cn']
SEARCH_FIELDS = ['mail', 'givenName', 'sn', 'groupMembership', 'cn']

nds = credsdir + APP + '.nds'   # contains credentials
cred = getcreds(nds)# returns a 2-element list
BIND_USER = 'cn=%s,%s' % (cred[0], SEARCH_DN)
BIND_PASSWORD = cred[1] # valid password too
# CERT_FILE = ''# not used if ssl == False
ldap_srv = '192.168.0.108'
ldap_port = 389
protocol = 'ldap'
if ssl:
protocol = 'ldaps'
ldap_port = 636
CERT_FILE = credsdir + 'cert_pq8nw_9a30.b64'

LDAP_URL = protocol + '://%s:%s' % (ldap_srv, ldap_port)

AUTHENTICATION_BACKENDS = (
'ldap_groups.accounts.backends.eDirectoryGroupMembershipSSLBackend',

#'ldap_groups.accounts.backends.ActiveDirectoryGroupMembershipSSLBackend',
'django.contrib.auth.backends.ModelBackend',
)

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-04 Thread brad 
On Feb 4, 2:33 am, andreas schmid  wrote:
> @brad: can you show me some sample code for this?

the code that I have is all very specific to  where I work.  I'd have
to clean it up a bit to try to make it useful to you.

There's also several other people who have posted snippets for
backends based on LDAP or Active Directory:
http://www.djangosnippets.org/tags/ldap/

A few of these are very similar to what I've done. I'd suggest taking
it look.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-04 Thread David De La Harpe Golden 

On 04/02/10 08:33, andreas schmid wrote:

@brad: can you show me some sample code for this?

@david: i tried different configuration options but with no luck, i can
bind and search manually over python-ldap so i can definitely connect.



There are logging calls liberally sprinkled through the source of 
django-auth-ldap.  Django doesn't really give you any help with logs 
out-of-box (I suppose the argument is python already has its logging 
package (quite the baroque one) that you can setup how you want), they 
may be going nowhere?


For debugging rather than production logging needs, there are packages 
that can inject log messages encountered during answering requests into 
the html response [1] - extremely useful.


I'm still stuck for now with our homegrown ldap auth we grew before 
django-auth-ldap appeared, but I've been keeping an eye on the 
django-auth-ldap package as a possible replacement.  I can confirm it 
worked completely straightforwardly on python 2.5 and django 1.1.1 
(including log messages when auth failed etc.) - at least trunk when 
checked out from the repo rather than easy_installed or whatever - 
here's the entirety of the relevant settings.py config I used for my 
last test, as per the documentation:


AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
...
)

# I have a slapd setup for testing on my dev box.
AUTH_LDAP_SERVER_URI = "ldap://localhost/;

import ldap
from django_auth_ldap.config import LDAPSearch

# If you can't anonymously find users, you might need values here.
AUTH_LDAP_BIND_DN = ""
AUTH_LDAP_BIND_PASSWORD = ""
# obviously I used our actual path here
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,dc=example,dc=com",
   ldap.SCOPE_SUBTREE, "(uid=%(user)s)")



[1]
http://code.google.com/p/django-logging/wiki/Overview
- apparently no longer maintained (still works though):
http://robhudson.github.com/django-debug-toolbar/
has a superset of its functionality though I haven't got around to 
switching to it yet.



--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-04 Thread andreas schmid 
@brad: can you show me some sample code for this?

@david: i tried different configuration options but with no luck, i can
bind and search manually over python-ldap so i can definitely connect.

ive seen that the requirements for django-auth-ldap are python2.3 and
django1.0 so maybe thats one of the problems.
is someone who is using a higher pyhton version and maybe django1.1 and
have it working?
any advise would be appreciated.



brad wrote:
>> i need to authenticate users through ldap but i need also to store their
>> preferences in the database, i cant really understand if
>> 
>
>   
>> what is the best way to go?
>> 
>
> One thing you might consider doing is just write a custom backend:
> (http://docs.djangoproject.com/en/1.1/ref/authbackends/#ref-
> authentication-backends).
>
> I have a project where user's authenticate agains Active Directory.
> If the authentication is successful, the backend checks to see if an
> corresponding User (from django.contrib.auth) exists.  If not, it
> pulls the their full name, username, and email from Active Directory
> and creates the User object.
>
> The pitfall to this approach is that if their info changes in AD, the
> corresponding User data is out-of-sync.
>
> This approach works well for me, but YMMV.
>
>   

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-03 Thread brad 
> i need to authenticate users through ldap but i need also to store their
> preferences in the database, i cant really understand if

> what is the best way to go?

One thing you might consider doing is just write a custom backend:
(http://docs.djangoproject.com/en/1.1/ref/authbackends/#ref-
authentication-backends).

I have a project where user's authenticate agains Active Directory.
If the authentication is successful, the backend checks to see if an
corresponding User (from django.contrib.auth) exists.  If not, it
pulls the their full name, username, and email from Active Directory
and creates the User object.

The pitfall to this approach is that if their info changes in AD, the
corresponding User data is out-of-sync.

This approach works well for me, but YMMV.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-03 Thread andreas schmid 
thanks... ill check this asap.

David De La Harpe Golden wrote:
> On 03/02/10 14:45, andreas schmid wrote:
>
>
>>  AUTH_LDAP_BIND_DN = ""
>>  AUTH_LDAP_BIND_PASSWORD = ""
>>  AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
>>  ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
>>
>
> You're using uid here, but
>>
>>  # Set up the basic group parameters.
>
>>  # Populate the Django user from the LDAP directory.
>>  AUTH_LDAP_USER_ATTR_MAP = {
>>  "username": "sn"
>
> sn here.  I really doubt that'll work unless your ldap directory
> happens to have uid==sn for all relevant entries (which would
> be weird and unusual, but not strictly impossible)
>
> Try uid in both.  I think you were heading
> that way with your question regarding AUTH_LDAP_USER_ATTR_MAP anyway.
>
> sn in both is less likely to be what you want, usually surnames
> can violate typical username constraints and be non-unique.
>
> > no users in the db,
>
> Well, n.b. that probably won't happen until you actually try to log in
> as a particular ldap user.
>
> django-auth-ldap apparently has a dedicated list, might reach
> people with more familiarity with it, I'm not sure what else might
> be wrong with your config:
> http://bitbucket.org/psagers/django-auth-ldap/wiki/Home
> (n.b. I inadvertently linked to a fork in last post)
>
> > how can i check if i am connected or not?
>
> One thing to bear in mind   -
> ./manage.py shell
> allows you to poke about interactively "within" your django project
> (though not the live web server as such).  You can execute individual
> methods and try stuff out.
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-03 Thread David De La Harpe Golden 

On 03/02/10 14:45, andreas schmid wrote:



 AUTH_LDAP_BIND_DN = ""
 AUTH_LDAP_BIND_PASSWORD = ""
 AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
 ldap.SCOPE_SUBTREE, "(uid=%(user)s)")



You're using uid here, but


 # Set up the basic group parameters.



 # Populate the Django user from the LDAP directory.
 AUTH_LDAP_USER_ATTR_MAP = {
 "username": "sn"


sn here.  I really doubt that'll work unless your ldap directory
happens to have uid==sn for all relevant entries (which would
be weird and unusual, but not strictly impossible)

Try uid in both.  I think you were heading
that way with your question regarding AUTH_LDAP_USER_ATTR_MAP anyway.

sn in both is less likely to be what you want, usually surnames
can violate typical username constraints and be non-unique.

> no users in the db,

Well, n.b. that probably won't happen until you actually try to log in
as a particular ldap user.

django-auth-ldap apparently has a dedicated list, might reach
people with more familiarity with it, I'm not sure what else might
be wrong with your config:
http://bitbucket.org/psagers/django-auth-ldap/wiki/Home
(n.b. I inadvertently linked to a fork in last post)

> how can i check if i am connected or not?

One thing to bear in mind   -
./manage.py shell
allows you to poke about interactively "within" your django project
(though not the live web server as such).  You can execute individual 
methods and try stuff out.




--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-03 Thread andreas schmid 
im trying to get it working, i configured my settings.py like this:


import ldap
from django_auth_ldap.config import LDAPSearch, GroupOfNamesType

# Baseline configuration.
AUTH_LDAP_SERVER_URI = "ldap://myldapurl:myportnumber;

AUTH_LDAP_BIND_DN = ""
AUTH_LDAP_BIND_PASSWORD = ""
AUTH_LDAP_USER_SEARCH = LDAPSearch("dc=example,dc=com",
ldap.SCOPE_SUBTREE, "(uid=%(user)s)")


# Set up the basic group parameters.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("dc=example,dc=com",
ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)"
)
AUTH_LDAP_GROUP_TYPE = GroupOfNamesType(name_attr="cn")

# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"username": "sn",
"first_name": "cn",
"last_name": "sn",
"email": "mail"
}

AUTH_LDAP_USER_FLAGS_BY_GROUP = {
"is_active": "dc=example,dc=com",
"is_staff": "dc=example,dc=com",
"is_superuser": "dc=example,dc=com"
}

# Keep ModelBackend around for per-user permissions and maybe a local
# superuser.
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)


django starts, i get no error messages, no success messages, no users in
the db, really no signal at all.
how can i check if i am connected or not?
what is the username if i dont set it explicitly in the
AUTH_LDAP_USER_ATTR_MAP?


David De La Harpe Golden wrote:
> On 03/02/10 13:41, andreas schmid wrote:
>> hi,
>>
>> i need to authenticate users through ldap but i need also to store their
>> preferences in the database, i cant really understand if
>> django-auth-ldap (http://packages.python.org/django-auth-ldap) only
>> authenticats the users over ldap or if it creates a real user object in
>> django.
>
> AFAICS it creates a corresponding User object if one is missing for
> each ldap authenticated user at authentication time (good ol'
> get_or_create). Pretty much all django apps with any per-user
> functionality expect you to be using django.contrib.auth.models.User
> for users, so doing so makes a lot of sense.
>
> http://bitbucket.org/kozo_ni/django-auth-ldap/src/tip/django_auth_ldap/backend.py#cl-209
>
>
> http://bitbucket.org/kozo_ni/django-auth-ldap/src/tip/django_auth_ldap/backend.py#cl-346
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Re: django and ldap

2010-02-03 Thread David De La Harpe Golden 

On 03/02/10 13:41, andreas schmid wrote:

hi,

i need to authenticate users through ldap but i need also to store their
preferences in the database, i cant really understand if
django-auth-ldap (http://packages.python.org/django-auth-ldap) only
authenticats the users over ldap or if it creates a real user object in
django.


AFAICS it creates a corresponding User object if one is missing for each 
ldap authenticated user at authentication time (good ol' get_or_create). 
Pretty much all django apps with any per-user functionality expect you 
to be using django.contrib.auth.models.User

for users, so doing so makes a lot of sense.

http://bitbucket.org/kozo_ni/django-auth-ldap/src/tip/django_auth_ldap/backend.py#cl-209

http://bitbucket.org/kozo_ni/django-auth-ldap/src/tip/django_auth_ldap/backend.py#cl-346

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

django and ldap

2010-02-03 Thread andreas schmid 
hi,

i need to authenticate users through ldap but i need also to store their
preferences in the database, i cant really understand if
django-auth-ldap (http://packages.python.org/django-auth-ldap) only
authenticats the users over ldap or if it creates a real user object in
django.

i even found this snippet:
http://www.djangosnippets.org/snippets/893/
which seems to synchronise the users in the ldap server with the django
users.

what is the best way to go?





-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Django and LDAP

2009-07-18 Thread Daniele Procida 

Some time ago, I successfully managed to get Django LDAP authentication
working. I used the patch at:

<http://code.djangoproject.com/attachment/ticket/2507>

Now for the life of me I can't repeat my success.

Perhaps someone can remind me how I should expect this to work.

If I have set up LDAP correctly, and I try to log in with a username and
password that the LDAP server should recognise but aren't in Django's
Users, what should I expect to see?

Thanks,

Daniele



--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~--~~~~--~~--~--~---