It's pretty clear it's successfully reading from your settings.py config now.

It's also clear your bind to LDAP/AD is failing. It looks like an issue in one 
of the following areas (and it will be specific to your environment - it's 
unlikely related to Baruwa auth):

- Settings.py AD settings (AD_SEARCH_DN, AD_LDAP_PORT, etc.)
- Baruwa domain <-> AD domain/server mapping
- Locked account, bad username, bad password
- AD weirdness


Some suggestions:

- Point Baruwa at a specific domain controller and monitor the security log for 
attempted auth access
- Use the Global Catalog port (3268) instead of 389; this might fix issues with 
referrals
- If you're using the root domain as AD_SEARCH_DN, try a narrowed scope 
(specific OU) for testing
- If you don't try using the GC port, then: in ad.py Line 106 (before 
self.ldap_connection.simple_bind_s(self.user_bind_name, password)) try adding: 

  self.ldap_connection.set_option(ldap.OPT_REFERRALS, 0)



-----Original Message-----
From: [email protected] [mailto:[email protected]] 
On Behalf Of Frederik Vande Rieviere
Sent: Wednesday, April 17, 2013 8:13 AM
To: Baruwa users list
Subject: Re: [Baruwa] question concerning AD authentication

Seems I was looking at the wrong logfile. This is what I get from 
baruwa-ldap.log:

No MySQL MailADAuthHost; using setting.py AD config

User missing [email protected]. creating

a) Auth failed for (myuser)

a) AD auth backend error by fetching ldap data: {'info': '00000000: LdapErr: 
DSID-0C090627, comment: In order to perform this operation a successful bind 
must be completed on the connection., data 0, vece', 'desc': 'Operations 
error'} (<class 
'ldap.OPERATIONS_ERROR'>/[('/usr/local/lib/python2.6/dist-packages/baruwa-1.1.2-py2.6.egg/baruwa/auth/ad.py',
 177, 'get_data', 'self.ad_search_fields)'), 
('/usr/local/lib/python2.6/dist-packages/ldap/ldapobject.py', 546, 
'search_ext_s', 'return self.result(msgid,all=1,timeout=timeout)[1]'), 
('/usr/local/lib/python2.6/dist-packages/ldap/ldapobject.py', 458, 'result', 
'resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)'), 
('/usr/local/lib/python2.6/dist-packages/ldap/ldapobject.py', 462, 'result2', 
'resp_type, resp_data, resp_msgid, resp_ctrls = 
self.result3(msgid,all,timeout)'), 
('/usr/local/lib/python2.6/dist-packages/ldap/ldapobject.py', 469, 'result3', 
'resp_ctrl_classes=resp_ctrl_classes'), 
('/usr/local/lib/python2.6/dist-packages/ldap/ldapobject.py', 476, 'result4', 'ldap_result = 
self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)'),
 ('/usr/local/lib/python2.6/dist-packages/ldap/ldapobject.py', 99, 
'_ldap_call', 'result = func(*args,**kwargs)')]/{'info': '00000000: LdapErr: 
DSID-0C090627, comment: In order to perform this operation a successful bind 
must be completed on the connection., data 0, vece', 'desc': 'Operations 
error'})



_______________________________________________
Keep Baruwa FREE - http://pledgie.com/campaigns/12056
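
Added example (not part of the original messages and not Baruwa's code): a small Python helper that pulls the AD diagnostic string out of baruwa-ldap.log text and maps it to a likely cause from the list in the reply. The sub-status table holds the commonly documented AD bind codes, the function name `triage` is hypothetical, and the second sample entry is constructed.

```python
import re

# AD sub-status codes carried in the "data" field of an LDAP bind failure (hex).
AD_BIND_CODES = {
    "525": "user not found (bad username or wrong domain mapping)",
    "52e": "invalid credentials (bad password)",
    "530": "logon not permitted at this time",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

DIAG = re.compile(
    r"(?P<win32>[0-9A-Fa-f]{8}): LdapErr: (?P<dsid>DSID-[0-9A-Fa-f]+), "
    r"comment: (?P<comment>.*?), data (?P<data>[0-9A-Fa-f]+)"
)

def triage(log_text):
    """Return a de-duplicated list of findings (dicts) for AD diagnostics in log_text."""
    # Mail clients and log viewers wrap long lines; collapse whitespace first.
    flat = " ".join(log_text.split())
    findings, seen = [], set()
    for m in DIAG.finditer(flat):
        comment, data = m["comment"], m["data"].lower()
        if (m["dsid"], data) in seen:
            continue  # python-ldap logs the same 'info' string more than once
        seen.add((m["dsid"], data))
        if "successful bind must be completed" in comment:
            cause = ("search ran on an unbound connection: the bind failed, was "
                     "anonymous, or a referral was chased without credentials")
        elif "AcceptSecurityContext" in comment:
            cause = AD_BIND_CODES.get(data, "unrecognised bind sub-status " + data)
        else:
            cause = "unclassified"
        findings.append({"dsid": m["dsid"], "data": data, "cause": cause})
    return findings

# The first entry is the 'info' string from the log above; the second is constructed.
SAMPLE = """{'info': '00000000: LdapErr: DSID-0C090627, comment: In order to perform
this operation a successful bind must be completed on the connection., data 0, vece'}
{'info': '80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error,
data 775, v1db1'}"""

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f["dsid"], f["data"], "->", f["cause"])
```

A "data 0" finding with the unbound-connection comment points at the bind or referral handling rather than the password, which is why the GC port and OPT_REFERRALS suggestions come first.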
