joefromct

Reputation: 1556

python - flask_simpleldap won't bind

I'm using flask_simpleldap and am struggling to get a bind connection to do anything useful.

My LDAP server is Active Directory.

The stripped down code looks as follows, and looks almost identical to the example:

from flask import Flask, g  # g is used in ldap_protected() below
from flask_simpleldap import LDAP

app = Flask(__name__)
app.secret_key = 'super secret key'
app.debug = True

app.config['LDAP_HOST'] = 'my-ldap-host.example.com'
app.config['LDAP_REALM_NAME'] = 'LDAP Authentication'
app.config['LDAP_SCHEMA'] = 'ldaps'
app.config['LDAP_PORT'] = 636
app.config['LDAP_BASE_DN'] = 'dc=example,dc=com'
app.config['LDAP_USERNAME'] = '[email protected]'
app.config['LDAP_PASSWORD'] = 'binduser_pw'

app.config['LDAP_OBJECTS_DN'] = 'distinguishedName'
app.config['LDAP_OPENLDAP'] = False

ldap = LDAP(app)


@app.route('/ldap')
@ldap.basic_auth_required
def ldap_protected():
    return 'Welcome, {0}!'.format(g.ldap_username)

if __name__ == '__main__':
    app.run(host='0.0.0.0', port=8080, debug=True)

When running the Flask app, I'll get an error such as this:

LDAPException: Operations error

While trying to troubleshoot, I've modified the flask_simpleldap __init__.py file to show the info as well as the desc of the error, on line 274. Now I get a bit more info about the error:

LDAPException: 000004DC: LdapErr: DSID-0C090752, 
comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580

So, I guess what I need to understand is why my initial bind won't work... do I have something wrong in my app.config?

Not sure what the problem could be... ldapsearch seems to work from a shell as such:

ldapsearch -x -LLL -E pr=200/noprompt -h my-ldap-host.example.com -D "[email protected]" -w 'binduser_pw' -b "dc=example, dc=com" -s sub  "(sAMAccountName=binduser)"    | grep distinguishedName


distinguishedName: CN=Bind User,OU=Some_OU,DC=example,DC=com

Other details:

Any help appreciated, thanks.

Upvotes: 2

Views: 2406

Answers (2)

max-k

Reputation: 11

Your username must be fully qualified.

app.config['LDAP_USERNAME'] = 'uid=binduser,dc=example,dc=com'

Upvotes: 1

alecxe

Reputation: 474151

Not sure if this is going to be helpful, but I've just set flask_simpleldap to work with our test Active Directory instance. The only relevant difference is that I had to use:

app.config['LDAP_USE_SSL'] = True

I think I've also seen "Operations Error" when I had invalid DN or username format.

Upvotes: 1
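
Added example (not part of the question, the answers, or flask_simpleldap): a parser for the Active Directory diagnostic string quoted in the question, which separates "no bind happened on this connection" (code 000004DC) from "the bind was attempted and rejected" (a Win32 sub-code in the data field). It goes beyond the one message on the page by also classifying rejected binds; the function names and the second sample string are constructed for illustration.

```python
import re

# Win32 codes AD reports in the "data" field when it rejects a bind.
BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "invalid credentials",
    0x532: "password expired",
    0x533: "account disabled",
    0x775: "account locked out",
}

# Layout: <code>: LdapErr: DSID-<id>, comment: <text>, data <hex>, v<build>
AD_DIAG = re.compile(
    r"(?P<code>[0-9A-Fa-f]{8}):\s*LdapErr:\s*(?P<dsid>DSID-[0-9A-Fa-f]+),\s*"
    r"comment:\s*(?P<comment>.*?),\s*data\s+(?P<data>[0-9A-Fa-f]+),\s*"
    r"v(?P<build>[0-9A-Fa-f]+)",
    re.DOTALL,
)

# The message quoted in the question, line break included.
PAGE_ERROR = ("000004DC: LdapErr: DSID-0C090752, \n"
              "comment: In order to perform this operation a successful bind "
              "must be completed on the connection., data 0, v2580")
# Constructed sample of a rejected bind (not from the page).
CONSTRUCTED_REJECT = ("80090308: LdapErr: DSID-0C090000, comment: "
                      "AcceptSecurityContext error, data 52e, v1db1")

def parse_ad_diagnostic(message):
    """Split an AD diagnostic string into fields; None if it does not match."""
    m = AD_DIAG.search(message)
    if m is None:
        return None
    fields = m.groupdict()
    fields["code"] = int(fields["code"], 16)
    fields["data"] = int(fields["data"], 16)
    fields["comment"] = " ".join(fields["comment"].split())
    return fields

def triage(message):
    """Return a one-line diagnosis for an LDAP error message from AD."""
    f = parse_ad_diagnostic(message)
    if f is None:
        return "not an AD diagnostic message"
    if f["code"] == 0x4DC:  # Win32 ERROR_NOT_AUTHENTICATED
        return "no successful bind on this connection before the operation"
    if f["data"] in BIND_SUBCODES:
        return "bind rejected: " + BIND_SUBCODES[f["data"]]
    return "unclassified AD error 0x%08X (data 0x%X)" % (f["code"], f["data"])
```

A 000004DC result points at the client never completing a bind (configuration or connection setup), whereas a "bind rejected" result points at the account or its credentials.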
