[英]Change LDAP password encryption using django-python3-ldap
EDIT 2:编辑2:
It seems that the migrate command is importing the data BUT the password is set to "unusable" as it is calling this method in the library:迁移命令似乎正在导入数据,但密码设置为“不可用”,因为它在库中调用此方法:
# If the user was created, set them an unusable password.
if created:
user.set_unusable_password() # Will call: self.password = make_password(None)
user.save()
If anyone has a solution?如果有人有解决方案? Did you manage to use django-python3-ldap with a different version?您是否设法将 django-python3-ldap 与其他版本一起使用?
EDIT1:编辑1:
Does someone manage to use django-python3-ldap successfully and can show me his settings.有人设法成功使用 django-python3-ldap 并且可以向我展示他的设置。 It is possible that I forgot a config in my settings...可能是我忘记了设置中的配置...
Thank you!谢谢!
I am using django-python3-ldap v0.11.2 for LDAP authentication in Django.我在 Django 中使用 django-python3-ldap v0.11.2 进行 LDAP 身份验证。
I successfully managed to connect to my ldap test server which I created with some dummy users.我成功地连接到我用一些虚拟用户创建的 ldap 测试服务器。 The migration using this command: python manage.py ldap_sync_users
works fine and is refreshing my db.使用此命令进行迁移: python manage.py ldap_sync_users
工作正常,正在刷新我的数据库。
However, when I try to connect with one of the user, I am getting this error message: LDAP connect failed: LDAPInvalidCredentialsResult - 49 - invalidCredentials - None - INVALID_CREDENTIALS: Bind failed: Invalid authentication - bindResponse - None
.但是,当我尝试与其中一个用户连接时,我收到此错误消息: LDAP connect failed: LDAPInvalidCredentialsResult - 49 - invalidCredentials - None - INVALID_CREDENTIALS: Bind failed: Invalid authentication - bindResponse - None
。
I suspect this is because the stored password is incorrectly encrypted... This is because the following test works fine:我怀疑这是因为存储的密码加密不正确......这是因为以下测试工作正常:
Have anyone faced this issue before?以前有人遇到过这个问题吗? Or knows how to change the password encryption used by the migrate command?或者知道如何更改 migrate 命令使用的密码加密? Or maybe I missed an important LDAP configuration...或者我错过了一个重要的 LDAP 配置......
Python LDAP settings: Python LDAP 设置:
# LDAP Connection Settings
LDAP_AUTH_URL = "ldap://localhost:10389"
LDAP_AUTH_USE_TLS = None
LDAP_AUTH_SEARCH_BASE = "DC=example,DC=com"
LDAP_AUTH_USER_FIELDS = {
"username": "uid",
"first_name": "givenName",
"last_name": "sn",
"email": "mail",
"password": "userPassword"
}
LDAP_AUTH_OBJECT_CLASS = "organizationalPerson"
LDAP_AUTH_USER_LOOKUP_FIELDS = ("username",)
LDAP_AUTH_CLEAN_USER_DATA = "django_python3_ldap.utils.clean_user_data"
LDAP_AUTH_SYNC_USER_RELATIONS = "django_python3_ldap.utils.sync_user_relations"
LDAP_AUTH_FORMAT_SEARCH_FILTERS = "django_python3_ldap.utils.format_search_filters"
LDAP_AUTH_FORMAT_USERNAME = "django_python3_ldap.utils.format_username_active_directory"
LDAP_AUTH_CONNECTION_USERNAME = 'uid=admin,ou=system'
LDAP_AUTH_CONNECTION_PASSWORD = 'secret'
LDAP test user config: LDAP 测试用户配置:
dn: cn=Jane Doe,ou=Users,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Jane Doe
sn: Doe
ou: site_admin
description: 19650324000000Z
employeeNumber: 12
givenName: Jane
mail: jane@example.com
telephoneNumber: 169-637-3314
telephoneNumber: 907-547-9114
uid: jdoe
userPassword:: abc
Extract of my test db:我的测试数据库的提取:
Username |用户名 | Password密码
jdoe...........|.ipxhdylGKTwILF... jdoe...........|.ipxhdylGKTwILF...
OkUser......|好的用户......| pbkdf2_sha256 $150000$PHBKev... pbkdf2_sha256 $150000$PHBKev...
Thank you for your help谢谢您的帮助
I finally decided to implement my own authenticate & get user method which is:我最终决定实现自己的身份验证和获取用户方法,即:
User.objects.create_superuser(username=username,
email=mail,
password='mypassword',
first_name=first_name,
last_name=last_name)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.