0

I am using django-auth-ldap library and everything is working fine. I am doing direct bind using AUTH_LDAP_USER_DN_TEMPLATE.

The CN of user has this format: "department.surname". Department is a code composed of 5 characters.

And the template for DN is formed like this:

AUTH_LDAP_USER_DN_TEMPLATE = 'CN=%(user)s,ou=Department,ou=Users,dc=example,dc=com'

The placeholder for user is working. The problem is that the Department OU is variable. It depends of user CN. Since this library does not allow a second placeholder for department, I don't know what to do. When I put a fixed string for department everything works properly, but then I cannot authenticate users from others departments.

Does anyone have an idea to solve this?

Thanks in advance.

O Pardal
  • 647
  • 4
  • 21
  • Hard to believe it only alllows one placeholder. Have you tried `%(department)` and providing a vale named `department`? – user207421 May 05 '19 at 05:13
  • you are right. for this I will have to change the original backend.py of the django_auth_ldap. I am not sure if this is a good practice. is it ok or is there another customized authentication way? – O Pardal May 05 '19 at 13:18

1 Answers1

1

Since the CN format of my user is department.user and all departments code are composed of 5 characters, I have developed this workaround that worked for me:

AUTH_LDAP_USER_DN_TEMPLATE = 'CN=%(user)s,ou=%(user).5s,ou=Users,dc=example,dc=com'

Attention for .5 in the first OU.

O Pardal
  • 647
  • 4
  • 21