Any updates for this to work on 2.0.2 Mayan? I have tried the below changes to my local.py but the users do not seem to show up or work?
thanks, Victor On Friday, January 13, 2012 at 11:10:52 AM UTC-8, Roberto Rosario wrote: > > Just recently at work I had to get our Mayan EDMS instance to authenticate > users against the main HQ Microsoft AD. The process was not difficult, but > it wasn't a breeze in the park either. This is how I did it in case it's > of help for anyone else. > > I used these two libraries as they seemed the most maintained from the > quick search I did. > http://www.python-ldap.org/ > http://packages.python.org/django-auth-ldap/ > > After figuring out the corresponding OU, CN and such (which took quite a > while since I'm not well versed in LDAP). For configuration options, Mayan > EDMS imports settings_local.py after importing settings.py to allow users > to override the defaults without modifying any file tracked by Git, this > makes upgrading by using Git's pull command extremely easy. My > settings_local.py file is as follows: > > > import ldap > from django_auth_ldap.config import LDAPSearch > > # makes sure this works in Active Directory > ldap.set_option(ldap.OPT_REFERRALS, 0) > > AUTH_LDAP_SERVER_URI = "ldap://172.16.XX.XX:389"; > AUTH_LDAP_BIND_DN = 'cn=Roberto Rosario > Gonzalez,ou=Aguadilla,ou=XX,ou=XX,dc=XX,dc=XX,dc=XX' > AUTH_LDAP_BIND_PASSWORD = 'XXXXXXXXXXXXXX' > AUTH_LDAP_USER_SEARCH = LDAPSearch('dc=XX,dc=XX,dc=XX', > ldap.SCOPE_SUBTREE, '(SAMAccountName=%(user)s)') > > # Populate the Django user from the LDAP directory. > AUTH_LDAP_USER_ATTR_MAP = { > "first_name": "givenName", > "last_name": "sn", > "email": "mail" > } > > # This is the default, but I like to be explicit. > AUTH_LDAP_ALWAYS_UPDATE_USER = True > > AUTHENTICATION_BACKENDS = ( > 'django_auth_ldap.backend.LDAPBackend', > 'django.contrib.auth.backends.ModelBackend', > ) > > The AUTH_LDAP_BIND_DN and AUTH_LDAP_BIND_PASSWORD are required because > anonymous queries are not allowed in out organization's tree, my user > account is being used to do the query, but a dummy account will be created > and used later on. The AUTH_LDAP_USER_SEARCH = > LDAPSearch('dc=XX,dc=XX,dc=X bit took some trial and error as it wasn't > very intuitive to figure out, this is not an issue of the library, but of > Active Directory and of our particular LDAP forrest. > > For a more advanced example check this StackOverflow question: > http://stackoverflow.com/questions/6493985/django-auth-ldap > -- *CONFIDENTIALITY NOTICE: * *This transmission may contain information which is Vimo, Inc. (DBA Getinsured) confidential and/or legally privileged. The information is intended only for the use of the individual or entity named on this transmission. If you are not the intended recipient, you are hereby notified that any disclosure, copying, or distribution of the contents of this transmission is strictly prohibited. If you have received this transmission in error, please immediately notify me by return e-mail and destroy all copies of the original message.* -- --- You received this message because you are subscribed to the Google Groups "Mayan EDMS" group. To unsubscribe from this group and stop receiving emails from it, send an email to mayan-edms+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
