django-auth-ldap with Active Directory not pulling "Domain Users" group

Question

I have the following in my settings.py which is working fine and authenticating against Active Directory. This config is pulling all groups into the Django Admin app apart from the "Domain Users" group which I need to use in my current project. Does anyone know why this is the only group which is not showing up in the Admin app??

settings.py

# LDAP Settings

# Baseline configuration
AUTH_LDAP_SERVER_URI = "ldaps://DC1@example.com:636"
AUTH_LDAP_BIND_DN = "user@example.com"
AUTH_LDAP_BIND_PASSWORD = "password"
AUTH_LDAP_USER_SEARCH = LDAPSearch("DC=example,DC=com", ldap.SCOPE_SUBTREE, "(&(objectClass=user)(samAccountName=%(user)s))")
AUTH_LDAP_CONNECTION_OPTIONS = {
    ldap.OPT_DEBUG_LEVEL: 0,
    ldap.OPT_REFERRALS: 0,
}

# Populate Django user from LDAP directory
AUTH_LDAP_USER_ATTR_MAP = {
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail"
}

# Set up the basic group parameters.
AUTH_LDAP_GROUP_SEARCH = LDAPSearch("dc=example,dc=com",
                                    ldap.SCOPE_SUBTREE, "(objectClass=group)")

AUTH_LDAP_GROUP_TYPE = ActiveDirectoryGroupType(name_attr='cn')

# Pull AD groups into Django
AUTH_LDAP_MIRROR_GROUPS = True

# This is the default, but I like to be explicit.
AUTH_LDAP_ALWAYS_UPDATE_USER = True

# Configure both backend systems
AUTHENTICATION_BACKENDS = {
    'django_auth_ldap.backend.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',
}

Did you ever figure anything out with this? – Micah Yeager Aug 17 '19 at 19:13 — Micah Yeager, Aug 17 '19 at 19:13

score 0 · Answer 1 · answered Apr 18 '21 at 05:27

0

"Domain Users" group is located inside the User container

"cn=Users,dc=example,dc=com"

See this link with the solution.

https://github.com/ednaldodias/django-adldap-sync-primarygroup

answered Apr 18 '21 at 05:27

Ednaldo Dias

1

django-auth-ldap with Active Directory not pulling "Domain Users" group

1 Answers1