marchete / django-adldap-sync

django-adldap-sync provides a Django management command that synchronizes LDAP users and groups from an Active Directory server.
BSD 3-Clause "New" or "Revised" License
4 stars 3 forks source link

Including the primary group of users. #2

Open ednaldodias opened 3 years ago

ednaldodias commented 3 years ago

Look at https://github.com/ednaldodias/django-adldap-sync-primarygroup

django-adldap-sync-primarygroup-main.zip

ednaldodias commented 3 years ago

Comments are welcome

polnikov commented 3 years ago

does it allow django groups to sync with AD groups? or do need to create a custom group model? do all other configuration in settings.py match the basic configuration from the documentation?

ednaldodias commented 3 years ago

Yes. Nothing change. Only the users are verifield in primary groupd

Em seg, 1 de nov de 2021 08:36, Iurii Polnikov @.***> escreveu:

does it allow django groups to sync with AD groups? or do need to create a custom group model? do all other configuration in settings.py match the basic configuration from the documentation?

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/marchete/django-adldap-sync/issues/2#issuecomment-956160083, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB3O4AQFR4CGCEQNIVONEETUJZ3UTANCNFSM5DKXFKCA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

ednaldodias commented 2 years ago

Error found:

---> comment the lines 672 to 676

    def get_ldap_user_membership(self, user_dn, primaryGroupSid):
                    ####!!!!!
        """Retrieve user membership from LDAP server."""
        #Escape parenthesis in DN
        membership_filter =
self.conf_LDAP_SYNC_GROUP_MEMBERSHIP_FILTER.replace('{distinguishedName}',
user_dn.replace('\,', ',').replace('(', "\(").replace(')', "\)"))
        try:
            uri, groups = self.ldap_search(membership_filter,
self.conf_LDAP_SYNC_GROUP_ATTRIBUTES.keys(), False, membership_filter)
        except Exception as e:
            logger.error("Error reading membership: Filter %s, Keys %s" %
(membership_filter, str(self.conf_LDAP_SYNC_GROUP_ATTRIBUTES.keys())))
            return (None, None)
        #logger.debug("AD Membership: Retrieved %d groups for user '%s'" %
(len(groups), user_dn))

        objectsid_filter =
             \
            '(objectSid=' + primaryGroupSid + ')'
                         ####!!!
        uri1, groups1 = self.ldap_search(objectsid_filter,
             \

self.conf_LDAP_SYNC_GROUP_ATTRIBUTES.keys(),            \
                                   False, objectsid_filter)
                        ####!!!
        #objectsid_filter =
                \        ####!!! correction
        #        '(&(objectClass=group)(member:1.2.840.113556.1.4.1941:=' +
groups1[0][0] + '))'     ####!!! correction
        #uri1, groups1 =
                  \       ####!!! correction
        #        self.ldap_search(objectsid_filter,
self.conf_LDAP_SYNC_GROUP_ATTRIBUTES.keys(), \   ####!!! correction
        #        False, objectsid_filter)
                         ####!!! correction

        groups.extend(groups1)
                         ####!!!!

        return (uri, groups)

Atenciosamente,

Ednaldo Dias da Silva

Em ter., 2 de nov. de 2021 às 15:51, Ednaldo Dias @.***> escreveu:

Yes. Nothing change. Only the users are verifield in primary groupd

Em seg, 1 de nov de 2021 08:36, Iurii Polnikov @.***> escreveu:

does it allow django groups to sync with AD groups? or do need to create a custom group model? do all other configuration in settings.py match the basic configuration from the documentation?

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/marchete/django-adldap-sync/issues/2#issuecomment-956160083, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB3O4AQFR4CGCEQNIVONEETUJZ3UTANCNFSM5DKXFKCA . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.