I am running Django-1.7.7 with ModelBackend(default) with few users and 2 groups.
Now i have implemented Ldap Backend too with Model Backend. But after that i have to add all of the Ldap Authenticated users to one of the Model group automatically, when the users Authenticated.
Is there any way to achieve this?
Look at this package: https://pythonhosted.org/django-auth-ldap/
and at this old post: https://www.djm.org.uk/posts/using-django-auth-ldap-active-directory-ldaps/
You can avoid storing users in model, using Django LDAP features. You should "ask" to your LDAP server if that user´s credentials are correct and then you can your do your stuff: Store the username in a variable session, redirect to specific pages, in every page you can check if variable session with username is correct, and so on,...
--SETTINGS.PY--
# LDAP Configuration.
import ldap
from django_auth_ldap.config import LDAPSearch
AUTHENTICATION_BACKENDS = (
'django_auth_ldap.backend.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)
# Binding and connection options.
# Address (by IP or Hostname) of LDAP Server (Directory Active)
AUTH_LDAP_SERVER_URI = "ldap://xxx.xxx.x.xxx"
# DN of user through we bind to LDAP Server.
AUTH_LDAP_BIND_DN = "CN=xxx, CN=xxx, DC=xxx, DC=xxx"
# Password of user through we bind to LDAP Server.
AUTH_LDAP_BIND_PASSWORD = "xxxxxx"
# Node where we start to search users. Use to be DN (of random user) without the last one parameter.
AUTH_LDAP_USER_SEARCH = LDAPSearch("CN=xxx, DC=xxx, DC=xxx", ldap.SCOPE_SUBTREE, "(samAccountName=%(user)s)")
Then you can use it in your views, for checking is a specific user exists:
--VIEWS.PY--
con = ldap.initialize("ldap://ldapserver")
con.simple_bind_s( userDN, passwordUser )
filter = '(sAMAccountName=' + "loginName" + ')'
user = con.search_s( base_dn, ldap.SCOPE_SUBTREE, filter, attrs )
con.unbind()
