import ldap
AUTHENTICATION_BACKENDS = (
'myapp.ldapauth.LDAPBackend',
)
LDAP_DEBUG=True
LDAP_SERVER_URI='ldap://mydomain.com'
LDAP_SEARCHDN='ou=Staff,dc=mydomain,dc=com'
LDAP_SEARCH_FILTER = 'sAMAccountName=%s'
LDAP_PREBINDDN = 'bindacct@mydomain.com'
LDAP_PREBINDPW = 'pass'
LDAP_BIND_ATTRIBUTE = 'cn'
LDAP_FIRST_NAME = 'givenName'
LDAP_LAST_NAME = 'sn'
I used ipython to debug my ldap setup:
ipython
import ldap
ldap.set_option(ldap.OPT_DEBUG_LEVEL,255)
l = ldap.initialize('ldap://server:port')
l.simple_bind_s('domainuser@mydomain.com','pass')
l.search_s('ou=people,dc=mydomain,dc=com',ldap.SCOPE_SUBTREE,'sAMAccountName=domainuser')
The next step is to follow the Microsoft instructions for enabling SSL so the creds don't travel in cleartext.
No comments:
Post a Comment