Ask Your Question
1

Configure LDAP authentication

asked 2012-01-24 04:11:26 -0500

benstokes gravatar image benstokes
11 1 1 3

updated 2012-01-24 08:05:03 -0500

Evgeny gravatar image Evgeny flag of Chile
11329 50 84 183
http://askbot.org/

I can see a few people seem to have had success setting up askbot to authenticate against active directory but I'm having trouble with it, could anyone clarify how these fields should be used:

LDAP service provider name: I tried "Active Directory"

URL for LPAP service: I tried "ldap://10.23.2.1:389"

Explain how to change pwd: left blank

With these settings I get an Internal Server Error, and nothing inserted into the log.

delete close flag offensive retag edit

5 Answers

Sort by ยป oldest newest most voted
1

answered 2012-01-25 02:39:32 -0500

monkut gravatar image monkut
21 3

updated 2012-01-25 02:40:50 -0500

I got it working here: https://github.com/monkut/askbot-devel

I'm not sure if this will cover all LDAP configurations, but it's working for me now. You'll need to adjust the appropriate login configuration items so that the openauth items do NOT display, and to setup the ldap configuration values in settings/EXTERNAL_KEYS.

Only three files need to be updated:

  • deps.django_authopenid.views
  • deps.django_authopenid.backends
  • conf.external_keys
link publish delete flag offensive edit
1

answered 2012-01-27 04:10:35 -0500

koni gravatar image koni
11 1

I am using the 3 files from above, but I get: NameError at /account/signin/ global name 'ldap_provider_name' is not defined

Did install pip install python-ldap

Any ideas?

link publish delete flag offensive edit

Comments

1

Found the problem! Error in line 329: change to: login_provider_name = provider_name,

koni ( 2012-01-27 04:25:19 -0500 )edit
1

answered 2012-06-22 05:25:50 -0500

enrique gravatar image enrique
11 1 2

Koni's answer does not solve the problem because it does local login, not ldap.

I can't find any good explanation of the use of ldap on the site. Does it work or not? (I think not)

link publish delete flag offensive edit

Comments

Which version of LDAP protocol are you using? Askbot is hardcoded to work with v3. LDAP support was contributed by somebody else and we have not tested it thoroughly yet. If you have ability to test and debug - please look at the module askbot.deps.django_authopenid.backends.

Evgeny ( 2012-06-23 18:20:05 -0500 )edit

Looked at the protocol again - it turns out we connect to LDAP without authentication, and if your directory does not allow anonymous lookup of data - it won't work. Also - please do check your log/askbot.log all LDAP errors are logged. Please tell me which one do you have?

Evgeny ( 2012-06-23 19:20:09 -0500 )edit

I can connect with jxplorer using v3. But I can't make it work with askbot. We have authentication as mandatory, so we can't use it anonymously. There are no logs on the log folder. I am going to debug backends to see what happens

enrique ( 2012-06-25 10:42:56 -0500 )edit

What is the point of using ldap on the login system if you dont use authentication?

enrique ( 2012-06-25 10:53:41 -0500 )edit

On askbot.deps.django_authopenid.backends.py, on the method "ldap_authenticate", I connect to the ldap server and on the line "res = ldap_session.search_s(askbot_settings.LDAP_BASEDN, ldap.SCOPE_SUBTREE, user_filter, None)" fails throwing an exception "{'desc' : 'Bad search filter'}" It looks like its searching on a field called desc which does not exists. It should be "cn" not "desc"

enrique ( 2012-06-25 11:44:15 -0500 )edit
0

answered 2012-01-24 08:04:53 -0500

Evgeny gravatar image Evgeny flag of Chile
11329 50 84 183
http://askbot.org/

I am sorry, LDAP authentication is broken. Marking as bug.

link publish delete flag offensive edit

Comments

Thanks for the update.

benstokes ( 2012-01-24 08:39:40 -0500 )edit

I'm trying to getting it working here, what area of code needs work?

monkut ( 2012-01-24 23:09:40 -0500 )edit

any update here? is ldap authentication still broken?

anarcat ( 2012-09-24 16:09:09 -0500 )edit

There is an updated version in the repository which works for us.

Evgeny ( 2012-09-24 16:10:23 -0500 )edit
0

answered 2012-07-09 14:43:36 -0500

Erick Almeida gravatar image Erick Almeida
73 4 1 7

Hi, I'm having trouble with LDAP auth. I'm geting this error:

/usr/local/lib/python2.7/dist-packages/askbot-0.7.43-py2.7.egg/askbot/deps/django_authopenid/forms.py TIME: 2012-07-09 14:25:17,267 MSG: forms.py:clean:77 unknown provider name

link publish delete flag offensive edit

Comments

Ldap in that release is broken, will be fixed in the next.

Evgeny ( 2012-07-09 20:51:28 -0500 )edit

There are a roadmap or schedule for next release? I get a git repo. If exist a fix I can apply and instal...

Erick Almeida ( 2012-07-10 06:32:52 -0500 )edit

I'll make a final fix today and make an update on git today - will let you know. The release may take some extra time, a few days.

Evgeny ( 2012-07-10 09:56:02 -0500 )edit

Erick, try branch "tag-editor" on the github, LDAP works for me there.

Evgeny ( 2012-07-10 19:47:11 -0500 )edit

Evgeny, I install this branch. After on LDAP logon method I canot login in the system. The form for "local" register disapear.

Erick Almeida ( 2012-07-12 15:10:43 -0500 )edit

Your answer

Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Reliable Askbot Hosting

Create your Q&A site at askbot.com. Managed Askbot hosting at just $15/mo. Dedicated hosting, support contracts, consulting services.

create your Q&A site
30 days free trial

Question tools

Follow
2 followers

subscribe to rss feed

Stats

Asked: 2012-01-24 04:11:26 -0500

Seen: 666 times

Last updated: Jul 09 '12

Related questions

ldap connection authorized if the password not filled even for an unknown user

Exception with ldap signin when the password includes accented characters

Internal Server Error when trying to edit personal pro

Where are the badges in a fresh install? [fixed]

HTML Tags in titles getting eaten <fixed/>

Unknown column 'auth_user.is_approved' in 'field list' [fixed]

need spaces between date, username, and karma on a user's profile overview page (in the "questions" section) [fixed]

email for comments: link missing a href [fixed]

Bug: Horizontal Rule in Comment breaks stylesheet [fixed]

"Related questions" section shows deleted questions?

Copyright Askbot, 2010-2011. Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | give feedback
Powered by Askbot version 0.7.48