0

I have a ldap server which is configured like this: cn=adminuser,dc=compnay,dc=com Then i have ccreate ou=users. I want to add some users to this ou with the intention of authenticating them from my python application. so the tree looks something like this:

* cn=adminuser,dc=compnay,dc=com
  * users
     - sam
     - Laurie
     - Joe

with some attributes assigned to all users like mobile, email. When i want to authenticate the users from the user form, i cannot bind using the connection(user='ou=users,cn=sam,dc=company,dc=com',password=mypassword) I have assigned password & cn to all users.

Expected: Users will get authenticated.

Output: Bind error.invalidCredentials

When i use the full DN in connection() exou=groups,cn=sam,mobile=xxxxx,email=sam@sam.com, it works but obvously i cannot ask each user to enter all details while authenticating, is there any mistake in my understanding of user authentication via ldap?

NOTE i am using python ldap3 library.

anekix
  • 111
  • 5
  • Can you add one of your users entry as an example (e.g. with `ldapsearch -b "dc=company,dc=com"`)? Your users should just enter their `uid` and you should transform it into something like `uid=,ou=groups,dc=company,dc=com`. – Piotr P. Karwasz Feb 04 '20 at 22:41
  • 1
    Or depending on the type of the LDAP server you use (Active Directory?) you may use other attributes (like `sAMAccountName`). – Juraj Martinka Feb 05 '20 at 08:31

0 Answers0