It should did you try ? There is no better then try...
:) I am not an expert in AD, but there is sometimes new fields or duplicated fields that store the same information... So, if it not working don't conclude hasty that it not working... Richard Richard On Tue, Feb 10, 2015 at 6:12 PM, Gary Cowell <gary.cow...@gmail.com> wrote: > I would like my app to authenticate with AD (ldap) for users and passwords. > > But, I'm not in control of the LDAP, and I can't get them to add new > groups etc. and the app requires users to be in a web2py admin group to do > certain admin functions within the app. > > So at the moment, I'm using standard auth, where users can self register, > then I add them to the admin group myself if necessary > > I found a web2py slices for authenticating against AD, but how can I also > use web2py groups, /instead of/ AD/ldap groups? So authenticate the user > and password against AD, but use my app groups for additional permissions > > Is it the case of the auth.settings.create_user_groups and > auth.settings.login_methods [ manage_groups ] options? > > I won't be able to test it sadly until I have access to an ldap server. > Might be time to run my own for now, I suppose! > > Question for now is, is this possible at all? If so, I will set up and > configure an ldap server to test it with. > > Thanks > > > from gluon.tools import Auth, Crud, Service, PluginManager, prettydate > auth = Auth(db, hmac_key = Auth.get_or_create_key()) > > then > > auth.define_tables(username=True) > #auth.settings.create_user_groups=False > > after > > # all we need is login > > auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile'] > > # you don't have to remember me > auth.settings.remember_me_form = False > > and > > from gluon.contrib.login_methods.ldap_auth import ldap_auth > auth.settings.login_methods = [ldap_auth(mode='ad', > manage_groups= True, > db = db, > group_name_attrib = 'cn', > group_member_attrib = 'member', > group_filterstr = 'objectClass=Group', > server='<server>', > base_dn='OU=<my org unit>,DC=<domain>,DC=<domain>')] > > -- > Resources: > - http://web2py.com > - http://web2py.com/book (Documentation) > - http://github.com/web2py/web2py (Source code) > - https://code.google.com/p/web2py/issues/list (Report Issues) > --- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to web2py+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
