导入LDAP用户进入Django的数据库 [英] Importing LDAP users into django database

问题描述

我想一个的ActiveDirectory数据库的用户导入到Django的。为此我试图使用django_auth_ldap模块。

I want to import the users of a ActiveDirectory database into Django. To this end I'm trying to use the django_auth_ldap module.

下面是我的尝试已经：

在我的settings.py：

in my settings.py :

AUTH_LDAP_SERVER_URI = "ldap://example.fr"

AUTH_LDAP_BIND_DN = 'cn=a_user,dc=example,dc=fr'
AUTH_LDAP_BIND_PASSWORD=''
AUTH_LDAP_USER_SEARCH = LDAPSearch('ou=users,dc=example,dc=fr', ldap.SCOPE_SUBTREE, '(uid=%(user)s)')
AUTH_LDAP_GROUP_SEARCH = LDAPSearch('ou=groups,dc=example,dc=fr', ldap.SCOPE_SUBTREE, '(objectClass=groupOfNames)')

AUTH_LDAP_GROUP_TYPE = ActiveDirectoryGroupType()

#Populate the Django user from the LDAP directory
AUTH_LDAP_USER_ATTR_MAP = {
    'first_name': 'sAMAccountName',
    'last_name': 'displayName',
    'email': 'mail'
}


AUTHENTICATION_BACKENDS = (
    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
)

然后我叫蟒蛇manage.py的SyncDB 没有结果。没有警告，没有错误，没有什么updataed在AUTH_USER表。有什么明显的，我忘了怎么办？

Then I call python manage.py syncdb with no result. No warning, no error, nothing updataed in the auth_user table. Is there something obvious I forgot to do ?

推荐答案

纵观文档 django_auth_ldap 看来模块实际上并没有通过LDAP用户走，并将它们加载到数据库中。相反，它验证对LDAP用户，然后添加或更新它们 auth_users 它从LDAP获取信息的当用户登录的。

Looking at the documentation for django_auth_ldap it appears that the module doesn't actually walk through LDAP users and load them into the database. Instead, it authenticates a user against LDAP, and then adds or updates them in auth_users with the information it gets from LDAP when the user logs in.

如果你想$ P $与所有用户在Active Directory中的P-填充数据库那么它看起来像你需要编写直接查询AD的脚本，并插入用户。

If you want to pre-populate the database with all of the users in Active Directory then it looks like you'll need to write a script that queries AD directly and insert the users.

这样的事情应该让你开始：

Something like this should get you started:

import ldap

l = ldap.initialize('ldap://your_ldap_server') # or ldaps://
l.simple_bind_s("cn=a_user,dc=example,dc=fr")
users = l.search_ext_s("memberOf=YourUserGroup",\
                         ldap.SCOPE_SUBTREE, \
                         "(sAMAccountName=a_user)", \
                         attrlist=["sAMAccountName", "displayName","mail"])

# users is now an array of members who match your search criteria.
# *Each* user will look something like this:
# [["Firstname"],["LastName"],["some@email.address"]]
# Note that each field is in an array, even if there is only one value.
# If you only want the first value from each, you can transform the results:
# users = [[field[0] for field in user] for user in users]

# That will transform each row into something like this:
# ["Firstname", "Lastname", "some@email.address"]

# TODO -- add to the database.

我已经离开了数据库更新给你，因为我没有对你设置任何信息。

I have left the database update to you, since I don't have any information about your setup.

如果您需要有关LDAP查询的详细信息，在这里检查出的问题LDAP的StackOverflow - 我还发现的这篇文章是一个帮助。

If you need more information about LDAP queries, check out the LDAP questions here on Stackoverflow -- and I also found this article to be a help.

这篇关于导入LDAP用户进入Django的数据库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！