django_auth_ldap cannot get group search to work

[Michel30]

Hi all,

I am using django_auth_ldap to authenticate users. I want to limit
them to members of a group 'MT' but I cannot get it to work even
though it looks like I am doing things as 
http://packages.python.org/django-auth-ldap/
shows me :-(

This is my relevant stuff from settings.py:

    import ldap
   from django_auth_ldap.config import LDAPSearch, GroupOfNamesType
   AUTH_LDAP_SERVER_URI = "ldap://192.168.0.1:389";
   AUTH_LDAP_BIND_DN = ""
   AUTH_LDAP_BIND_PASSWORD = ""
   AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=users,o=mapper",
       ldap.SCOPE_SUBTREE, "(uid=%(user)s)")
   AUTH_LDAP_USER_ATTR_MAP = {"first_name": "givenName", "last_name":
"sn", "email": "mail"}
   AUTH_LDAP_GROUP_SEARCH = LDAPSearch("ou=groups,o=mapper",
       ldap.SCOPE_SUBTREE, "(objectClass=groupOfNames)")
   AUTH_LDAP_GROUP_TYPE = GroupOfNamesType()
   AUTH_LDAP_REQUIRE_GROUP = "cn=MT,ou=groups,o=mapper"
   AUTHENTICATION_BACKENDS = (
       'django_auth_ldap.backend.LDAPBackend',
       'django.contrib.auth.backends.ModelBackend',
   )

The LDIF dump from the server is:

   dn: cn=MT,ou=groups,o=mapper
   changetype: add
   sambaGroupType: 2
   sambaSID: S-1-5-21-3621989192-1070409864-1511258855-3051
   gidNumber: 1025
   displayName: MT
   equivalentToMe: uid=michel,ou=users,o=mapper
   objectClass: Top
   objectClass: posixGroup
   objectClass: groupOfNames
   objectClass: sambaGroupMapping
   member: uid=michel,ou=users,o=mapper
   cn: MT

And the debug logging says this:

   DEBUG 2011-11-22 11:21:28,347 config 28037 140700755687168
search_s('ou=users,o=mapper', 2, '(uid=michel)') returned 1 objects:
uid=michel,ou=users,o=mapper
   DEBUG 2011-11-22 11:21:28,350 backend 28037 140700755687168
uid=michel,ou=users,o=mapper is not a member of
cn=MT,ou=groups,o=mapper
   DEBUG 2011-11-22 11:21:28,350 backend 28037 140700755687168
Authentication failed for michel


Can anyone see what I am doing wrong here?
Thanks,
Michel

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.