Django user julienb does not have a profile to populate

Question

i'm trying to login into the admin site through the ldap. The user is find in the ldap. My problem is that each time i try to login, i got this error.

search_s('ou=utilisateurs,ou=employee,dc=bi,dc=invik,dc=lu', 2, '(SAMAccountName=%(user)s)')returned 1 objects: cn=julien boelen,ou=utilisateurs,ou=employee,dc=bi,dc=invik,dc=lu

search_s('ou=utilisateurs,ou=employee,dc=bi,dc=invik,dc=lu', 2, '(SAMAccountName=%(user)s)')returned 1 objects: cn=julien boelen,ou=utilisateurs,ou=employee,dc=bi,dc=invik,dc=lu

Populating Django user julienb

Populating Django user julienb

Django user julienb does not have a profile to populate

Django user julienb does not have a profile to populate

And obviously i cannot login into the admin site. I don't know how to tell django "don't use profile !! just let me login in"

Here is my settings.py

AUTHENTICATION_BACKENDS = (

     'django_auth_ldap.backend.LDAPBackend',
     'django.contrib.auth.backends.ModelBackend',                    

)

AUTH_LDAP_SERVER_URI = "ldap://192.168.1.5/"
AUTH_LDAP_CONNECTION_OPTIONS = {
        ldap.OPT_DEBUG_LEVEL: 0,
        ldap.OPT_REFERRALS: 0,
}


AUTH_LDAP_BIND_DN = "browser"
AUTH_LDAP_BIND_PASSWORD = "Django15iscool"
AUTH_LDAP_USER_SEARCH = LDAPSearch("ou=utilisateurs,ou=employee,dc=bi,dc=invik,dc=lu",
                        ldap.SCOPE_SUBTREE, '(SAMAccountName=%(user)s)')


AUTH_LDAP_USER_ATTR_MAP = {
     "first_name": "givenName",
     "last_name": "sn",
     "email": "mail"
     }

I can't figure out why i cannot login, why he asked for a profile, i don't use profile, is there something to specify to inform django don't care about profile, and let me login :)

http://stackoverflow.com/questions/6356705/mapping-ldap-users-to-django-users-with-django-auth-ldap — catherine, Apr 12 '13 at 15:54

score 2 · Answer 1 · answered Oct 07 '13 at 13:41

I know that Profile log looks scary, but it's actually something of a red herring*. Your real problem is that you're trying to log into the admin page with an account that doesn't have staff or superuser privileges. There are two ways to handle that given your current setup:

1) If you want your account's superuser privileges to inherit from your LDAP model, you're going to need to set up user flag mapping for the is_superuser property, something to the effect of

AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    "is_superuser": "cn=superuser,ou=groups,dc=example,dc=com"
}

2) If that doesn't work, you're going to need to log in with an existing account that already has superuser privileges. When you did your first python manage.py syncdb, you should have been prompted to create a superuser account. As long as you're still authenticating with django.contrib.auth.backends.ModelBackend, you should be able to continue to access your admin page with that superuser account. Failing that, you can always go into the shell and promote your account to superuser or create a new superuser account.

*To clarify, what's happening is that the authentication backend is trying to populate your User object and an associated UserProfile object (if one exists). This is a case of the error log not being specific enough... that error message isn't indicative of a problem but rather of a feature that you haven't implemented. (visit https://docs.djangoproject.com/en/1.4/topics/auth/#storing-additional-information-about-users if you want more info about this feature in 1.4... it's been deprecated in 1.5)

Davide Brunato · Answer 2 · 2013-04-12T13:55:54.970

The LDAPBackend doesn't create a profile. Try first to create a user using User model class. You need a shell in the Django project directory:

python manage.py shell

and then in the Python shell try:

>>> from django.contrib.auth.models import User
>>> user = User.objects.create_user('username', None, None)
>>> user.save()

In this manner the user is properly created, also with an empty password. The profile can include additional fields that you can populate with LDAP attributes using the AUTH_LDAP_PROFILE_ATTR_MAP parameter in the settings. If you are interested in customization make attention because in Django 1.5 the user profiles are deprecated and substituted by a Custom User Model, that should be more flexible.

https://docs.djangoproject.com/en/1.5/topics/auth/customizing/#extending-the-existing-user-model https://docs.djangoproject.com/en/1.5/topics/auth/customizing/#substituting-a-custom-user-model

Django user julienb does not have a profile to populate

2 Answers2