Associate parameters :
On Thu, Mar 9, 2017 at 1:32 PM, Richard Vézina <ml.richard.vez...@gmail.com> wrote: > You may try the SSL port 636 (http://www.openldap.org/faq/ > data/cache/185.html) > > > You may realise that it actually available... > > Richard > > On Thu, Mar 9, 2017 at 12:53 PM, Carlos Cesar Caballero Díaz < > carlos.caball...@cfg.jovenclub.cu> wrote: > >> I completely agree, and I have warned to the sysadmin, but is not my >> network, so... >> >> Greetings. >> >> El 09/03/17 a las 12:26, Richard Vézina escribió: >> >> Hello Carlos, >> >> auth_ldap is difficult to put in place because as you mention it doesn't >> provide proper feedback when something goes wrong... >> >> Note: If you access localhost instance of LDAP it may be ok to not use >> SSL protected service, but other than that you want to use 636 port (if I >> recall) and SSL protected connection, or the username and password can be >> access in clear text by sniffing the network... >> >> Richard >> >> On Thu, Mar 9, 2017 at 12:02 PM, Carlos Cesar Caballero Díaz < >> carlos.caball...@cfg.jovenclub.cu> wrote: >> >>> Hi Richard, >>> >>> I am connecting against an OpenLDAP server, and here is a lot of >>> services running against it (proxy, email, nextcloud, dolibarr, a few dozen >>> of Ubuntu PCs and others). >>> >>> After a more accurate debugging I release that simple_bind_s() was >>> throwing an invalid credentials error (will be good to add a a warning or >>> something in logs). >>> >>> I start trying with different options and this works (it seems that the >>> ldap server was not using a standard OpenLdap structure, but i don't known >>> too much about that): >>> >>> auth.settings.login_methods.append(ldap_auth( >>> mode='custom', server='10.6.xx.xx', >>> base_dn='dc=comp', >>> username_attrib='uid', >>> custom_scope='subtree', >>> )) >>> >>> So, the problem is solved and is working without problems. Many thanks. >>> >>> >>> Greetings. >>> >>> El 07/03/17 a las 13:40, Richard Vézina escribió: >>> >>> Hello Carlos, >>> >>> You can try to make simple bind with python ldap lib first, make sure >>> user, base_dn is good, you will get more feedback then with ldap_auth >>> >>> Depending of the ldap server implementation that you try to reach you >>> may fall on ldap_auth issue as not all part of the ldap_auth is well >>> testing I guess, there is comment in the code saying that, so... >>> >>> Do you connect to Active Directory? open_ldap... Is the LDAP server >>> properly configure if you use to put open_ldap in place by yourself for >>> instance, are you able to use LDAP for authentication with other software >>> solution?? >>> >>> Richard >>> >>> On Tue, Mar 7, 2017 at 11:50 AM, Carlos Cesar Caballero Díaz < >>> carlos.caball...@cfg.jovenclub.cu> wrote: >>> >>>> No, the ldap server is not protected by ssl. >>>> >>>> Greetings. >>>> >>>> >>>> El 07/03/17 a las 11:42, Richard Vézina escribió: >>>> >>>> Is your ldap server protected by ssl? If so you have to think to change >>>> port... >>>> >>>> Richard >>>> >>>> On Tue, Mar 7, 2017 at 10:32 AM, Carlos Cesar Caballero Díaz < >>>> carlos.caball...@cfg.jovenclub.cu> wrote: >>>> >>>>> Hi, I am trying to include ldap authentication to my app, and for >>>>> this, i am using this code: >>>>> >>>>> auth.settings.login_methods.append(ldap_auth( >>>>> mode='uid', >>>>> server='10.6.xx.xx', >>>>> base_dn='dc=comp', >>>>> filterstr='&(objectClass=inetOrgPerson)', >>>>> logging_level='debug')) >>>>> >>>>> (note: The Original server and base_dn values are changed in this >>>>> example. I also have tried with and without the filterstr option) >>>>> >>>>> But I can't login with any ldap user, and the logs only say: >>>>> >>>>> DEBUG:web2py.auth.ldap_auth:mode: [uid] manage_user: [False] >>>>> custom_scope: [subtree] manage_groups: [False] >>>>> INFO:web2py.auth.ldap_auth:[10.6.28.93] Initialize ldap connection >>>>> >>>>> I Debug the ladp_auth module, and for some reason it hangs on the line >>>>> 314 ( con.simple_bind_s(dn, password)) without throw any error. >>>>> >>>>> If it helps, I also have tried this code and works as expected >>>>> returning the ldap user data: >>>>> >>>>> import ldap >>>>> ldap_server="10.6.xx.xx" >>>>> username = "auser" >>>>> base_dn = "dc=comp" >>>>> >>>>> query = "(uid=%s)" % username >>>>> con = ldap.initialize('ldap://'+ldap_server) >>>>> >>>>> result = con.search_s(base_dn, ldap.SCOPE_SUBTREE, query) >>>>> print result >>>>> >>>>> >>>>> Any help or idea? >>>>> >>>>> Greetings. >>>>> >>>>> >>>>> -- >>>>> Resources: >>>>> - http://web2py.com >>>>> - http://web2py.com/book (Documentation) >>>>> - http://github.com/web2py/web2py (Source code) >>>>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "web2py-users" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to web2py+unsubscr...@googlegroups.com. >>>>> For more options, visit *MailScanner ha detectado un intento de >>>>> fraude en la siguiente página web "groups.google.com". No confíe en esta >>>>> página web:* *MailScanner ha detectado un intento de fraude en la >>>>> siguiente p�gina web "groups.google.com". No conf�e en esta p�gina web:* >>>>> *MailScanner >>>>> ha detectado un intento de fraude en la siguiente página web >>>>> "groups.google.com". No confíe en esta página web:* *MailScanner ha >>>>> detectado un intento de fraude en la siguiente p�gina web >>>>> "groups.google.com". No conf�e en esta p�gina web:* *MailScanner ha >>>>> detectado un intento de fraude en la siguiente página web >>>>> "groups.google.com". No confíe en esta página web:* *MailScanner ha >>>>> detectado un intento de fraude en la siguiente p�gina web >>>>> "groups.google.com". No conf�e en esta p�gina web:* >>>>> https://groups.google.com/d/optout >>>>> <https://groups.google.com/d/optout>. >>>>> >>>> >>>> -- >>>> Resources: >>>> - http://web2py.com >>>> - http://web2py.com/book (Documentation) >>>> - http://github.com/web2py/web2py (Source code) >>>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "web2py-users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to web2py+unsubscr...@googlegroups.com. >>>> For more options, visit *MailScanner ha detectado un intento de fraude >>>> en la siguiente página web "groups.google.com". No confíe en esta página >>>> web:* *MailScanner ha detectado un intento de fraude en la siguiente >>>> p�gina web "groups.google.com". No conf�e en esta p�gina web:* *MailScanner >>>> ha detectado un intento de fraude en la siguiente página web >>>> "groups.google.com". No confíe en esta página web:* *MailScanner ha >>>> detectado un intento de fraude en la siguiente p�gina web >>>> "groups.google.com". No conf�e en esta p�gina web:* *MailScanner ha >>>> detectado un intento de fraude en la siguiente página web >>>> "groups.google.com". No confíe en esta página web:* *MailScanner ha >>>> detectado un intento de fraude en la siguiente p�gina web >>>> "groups.google.com". No conf�e en esta p�gina web:* >>>> https://groups.google.com/d/optout <https://groups.google.com/d/optout> >>>> . >>>> >>>> >>>> -- >>>> Resources: >>>> - http://web2py.com >>>> - http://web2py.com/book (Documentation) >>>> - http://github.com/web2py/web2py (Source code) >>>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "web2py-users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to web2py+unsubscr...@googlegroups.com. >>>> For more options, visit *MailScanner ha detectado un intento de fraude >>>> en la siguiente página web "groups.google.com". No confíe en esta página >>>> web:* *MailScanner ha detectado un intento de fraude en la siguiente >>>> p�gina web "groups.google.com". No conf�e en esta p�gina web:* *MailScanner >>>> ha detectado un intento de fraude en la siguiente página web >>>> "groups.google.com". No confíe en esta página web:* *MailScanner ha >>>> detectado un intento de fraude en la siguiente p�gina web >>>> "groups.google.com". No conf�e en esta p�gina web:* >>>> https://groups.google.com/d/optout <https://groups.google.com/d/optout> >>>> . >>>> >>> >>> -- >>> Resources: >>> - http://web2py.com >>> - http://web2py.com/book (Documentation) >>> - http://github.com/web2py/web2py (Source code) >>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "web2py-users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to web2py+unsubscr...@googlegroups.com. >>> For more options, visit *MailScanner ha detectado un intento de fraude >>> en la siguiente página web "groups.google.com". No confíe en esta página >>> web:* *MailScanner ha detectado un intento de fraude en la siguiente >>> p�gina web "groups.google.com". No conf�e en esta p�gina web:* *MailScanner >>> ha detectado un intento de fraude en la siguiente página web >>> "groups.google.com". No confíe en esta página web:* *MailScanner ha >>> detectado un intento de fraude en la siguiente p�gina web >>> "groups.google.com". No conf�e en esta p�gina web:* >>> https://groups.google.com/d/optout <https://groups.google.com/d/optout>. >>> >>> >>> -- >>> Resources: >>> - http://web2py.com >>> - http://web2py.com/book (Documentation) >>> - http://github.com/web2py/web2py (Source code) >>> - https://code.google.com/p/web2py/issues/list (Report Issues) >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "web2py-users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to web2py+unsubscr...@googlegroups.com. >>> For more options, visit *MailScanner ha detectado un intento de fraude >>> en la siguiente página web "groups.google.com". No confíe en esta página >>> web:* *MailScanner ha detectado un intento de fraude en la siguiente >>> p�gina web "groups.google.com". No conf�e en esta p�gina web:* >>> https://groups.google.com/d/optout <https://groups.google.com/d/optout>. >>> >> >> -- >> Resources: >> - http://web2py.com >> - http://web2py.com/book (Documentation) >> - http://github.com/web2py/web2py (Source code) >> - https://code.google.com/p/web2py/issues/list (Report Issues) >> --- >> You received this message because you are subscribed to the Google Groups >> "web2py-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to web2py+unsubscr...@googlegroups.com. >> For more options, visit *MailScanner ha detectado un intento de fraude >> en la siguiente página web "groups.google.com". No confíe en esta página >> web:* *MailScanner ha detectado un intento de fraude en la siguiente >> p�gina web "groups.google.com". No conf�e en esta p�gina web:* >> https://groups.google.com/d/optout <https://groups.google.com/d/optout>. >> >> >> -- >> Resources: >> - http://web2py.com >> - http://web2py.com/book (Documentation) >> - http://github.com/web2py/web2py (Source code) >> - https://code.google.com/p/web2py/issues/list (Report Issues) >> --- >> You received this message because you are subscribed to the Google Groups >> "web2py-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to web2py+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. >> > > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.