diff options
| author | Dominik George <nik@naturalnet.de> | 2014-08-04 23:08:24 +0400 |
|---|---|---|
| committer | Dominik George <nik@naturalnet.de> | 2014-08-04 23:08:24 +0400 |
| commit | fb4f211f8edbef447f81f523e8c929ccf3e18c79 (patch) | |
| tree | b42ec67a502bb6ba40bd65d23741c723fc0bbbc5 | |
| parent | e0e944af0d6cfb86d95e0a2345493b49be072a50 (diff) | |
Use configured bind_dn for id search
| -rw-r--r-- | Authenticators/LDAP/LDAPauth.py | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/Authenticators/LDAP/LDAPauth.py b/Authenticators/LDAP/LDAPauth.py index bd57cda..dda9810 100644 --- a/Authenticators/LDAP/LDAPauth.py +++ b/Authenticators/LDAP/LDAPauth.py @@ -559,7 +559,14 @@ def do_main_program(): debug("nameToId %s (cache) -> %d", name, uid) return uid - ldap_conn = ldap.initialize(cfg.ldap.ldap_uri, 0) #Anon search + ldap_conn = ldap.initialize(cfg.ldap.ldap_uri, 0) + + # Bind if configured, else do explicit anonymous bind + if cfg.ldap.bind_dn and cfg.ldap.bind_pass: + ldap_conn.simple_bind_s(cfg.ldap.bind_dn, cfg.ldap.bind_pass) + else: + ldap_conn.simple_bind_s() + res = ldap_conn.search_s(cfg.ldap.users_dn, ldap.SCOPE_SUBTREE, '(%s=%s)' % (cfg.ldap.display_attr, name), [cfg.ldap.number_attr]) #If user found, return the ID |