5
我試圖通過企業的Active Directory服務器來驗證我的用戶的Django LDAP認證。 我無法正確地配置它,我知道LDAP作品我有一個配置,努力 驗證Active Directory服務器上的一個鏈接到MediaWiki。通過Active Directory 2008
系統:
Active Directory 2008
Django (1, 3, 0, 'final', 0)
django-auth-ldap 1.0.9
這是我在settings.py
from django_auth_ldap.config import LDAPSearch
import logging
# makes sure this works in Active Directory
ldap.set_option(ldap.OPT_REFERRALS, 0)
LDAP_SERVER_URI = 'ldap://ad.exemple.com'
AUTH_LDAP_BIND_DN = 'my_user'
AUTH_LDAP_BIND_PASSWORD = 'my_pass'
AUTH_LDAP_USER_SEARCH = LDAPSearch('dc=exemple,dc=com', ldap.SCOPE_SUBTREE, '(SAMAccountName=%(user)s)')
# Populate the Django user from the LDAP directory.
AUTH_LDAP_USER_ATTR_MAP = {
"first_name": "givenName",
"last_name": "sn",
"email": "mail"
}
# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
配置我也加入了新的URI
LDAP_SERVER_URI = 'ldaps://ad.exemple.com:636'
我使用的主要組用戶搜索我不需要任何特定的組,我想進行身份驗證。
的錯誤消息,則返回錯誤:
WARNING 2011-05-31 16:50:19,429 backend 3968 140632428340992 Caught LDAPError while authenticating my_user: INVALID_CREDENTIALS({'info': '80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1772', 'desc': 'Invalid credentials'},)
[31/May/2011 16:50:19] "POST /admin/ HTTP/1.1" 200 9648
見此錯誤和尋找LDAP錯誤DSID-0C0903AA我發現,我應該嘗試設置的用戶名這樣
[email protected]
它沒有工作,它返回錯誤:
ERROR 2011-05-31 16:55:38,947 config 6505 139868662060800 search_s('dc=ubilium,dc=loc', 2, '(SAMAccountName=my_user)') raised OPERATIONS_ERROR({'info': '000004DC: LdapErr: DSID-0C0906DD, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1772', 'desc': 'Operations error'},)
DEBUG 2011-05-31 16:55:38,947 backend 6505 139868662060800 Authentication failed for my_user
有沒有人有任何線索ho讓它連接?