I'm trying to develop what should be a relative simple web application that requests a user to log in via LDAP, then if successfully logged in, the user can then search for another user(s) in the LDAP server. It's an application for admin people. The code so far creates/binds to the ldap server, and upon finding the searched user, a different page is displayed showing the user's credentials. Connectivity via the correct credentials has been confirmed via the ldap3 library.

• Django Change Password

On the second webpage displaying the credentials of the searched user (his username, email, mobile number etc.), there is a search box, so that that the user can search again for another user. Therefore login is not required again. The problem I have now is how to remain logged in via ldap, so that the user only needs to input the searched user (and not again his username and password).

My code:

This strategy will work if you are using the Django user as it is, or if you have extended it using the AbstractUser or AbstractBaseUser. If you extended the Django user using a Profile model, hold tight, we will get there too. Now we need a step further, we have to extend the UserCreationForm. Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. In this tutorial we’ll be answering the question “How do I setup a Django (1.5, 1.6, 1.7, or 1.8) project from scratch?” In other words, you’ll learn how to install Django and how to set up your Django project structure.

settings.py

`ALLOWED_HOSTS = ['127.0.0.1']

LDAP_AUTH_URL = 'ldap://10.253.53.53:389'
LDAP_AUTH_USE_TLS = None # Initiate TLS on connection.
LDAP_AUTH_SEARCH_BASE = 'dc=vkbads,dc=de' # The LDAP search base for looking up users.
LDAP_AUTH_OBJECT_CLASS = 'inetOrgPerson' # The LDAP class that represents a user.
LDAP_AUTH_USER_FIELDS = {
'username': 'cn',
'first_name': 'givenName',
'last_name': 'sn',
'email': 'mail',
}

#LDAP_AUTH_USER_LOOKUP_FIELDS = ('username',)
LDAP_AUTH_USER_LOOKUP_FIELDS = ('cn',)
LDAP_AUTH_CLEAN_USER_DATA = 'django_python3_ldap.utils.clean_user_data'
LDAP_AUTH_SYNC_USER_RELATIONS = 'django_python3_ldap.utils.sync_user_relations'
LDAP_AUTH_FORMAT_SEARCH_FILTERS = 'django_python3_ldap.utils.format_search_filters'
LDAP_AUTH_FORMAT_USERNAME = 'django_python3_ldap.utils.format_username_active_directory'
LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN = 'COMPANY'
LDAP_AUTH_CONNECTION_USERNAME = None
#LDAP_AUTH_CONNECTION_USERNAME = 'COMPANYe000520'
LDAP_AUTH_CONNECTION_PASSWORD = None
LDAP_AUTH_CONNECT_TIMEOUT = None
LDAP_AUTH_RECEIVE_TIMEOUT = None
AUTHENTICATION_BACKENDS = (
'django_python3_ldap.auth.LDAPBackend',
'django.contrib.auth.backends.ModelBackend',
)`

views.py

`def ldap_login(request): #This corresponds to my homepage
if request.POST:
username = request.POST['username']
password = request.POST['password']
print ('username: {0}'.format(username))
print ('password: {0}'.format(password))
ldap_auth_search_dn = '{}{}'.format(settings.LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN, username)
print ('ldap_auth_search_dn: {0}'.format(ldap_auth_search_dn))

The weird thing is no error messages are been thrown, but then the functionality of my code is not working as expected either. At first, I was unable to connect properly and was receiving:
CommandError: Could not connect to LDAP server

But then figured out due to some friendly advice that I need to change my settings to accomodate for AD and not OpenLDAP. Btw, I'm using Python3 and Django1.11.

This leads to me a few questions about my configuration:

1. Note the print statements in the view.py. These are to verify the un/pw, and user status. When runserver is executed, the usual Django output is given ('Performing system checks...' etc.) Then surprisingly the following are given once a refresh of the homepage is made:

(i) Why are my last credentials being used, before I even input these details into the fields in my web page? Why are my last credentials stored and is there a way to somehow reset these automatically? I tried a 'python manage.py flush', which seems to work. Only when a ctrl+c doesn't seem to flush the credentials.
(ii) Even when I input the un/pw credentials on my page and click login, and the print statements then show the new (and correct) credentials, the 'user' is still None, but I don't understand why. Why is my user credentials not authenticating?

2. Admittedly I'm no Django nor LDAP expert, so some of the settings are still unclear to me. Perhaps a better understanding could help me to achieve a correct configuration:
   (i) What is correct parameter for LDAP_AUTH_USE_TLS?
   (ii) How should a LDAP_AUTH_SEARCH_BASE normally look like? Does it include for example the 'ou'?
   (iii) should LDAP_AUTH_CONNECTION_USERNAME and LDAP_AUTH_CONNECTION_PASSWORD contain a un/pw, if these are the very things being requested on my login page?
   (iv) The contents of LDAP_AUTH_OBJECT_CLASS are unclear to me, and I'm not sure what parameter should be included here. Any tips?
   (v) Same as (iv), but for LDAP_AUTH_USER_FIELDS?

This quickstart demonstrates how to use Python to connect to an Azure Database for MySQL. It uses SQL statements to query, insert, update, and delete data in the database from Mac OS, Ubuntu Linux, and Windows platforms. This topic assumes that you are familiar with developing using Python and that you are new to working with Azure Database for MySQL.

Prerequisites

This quickstart uses the resources created in either of these guides as a starting point:

Install Python and the MySQL connector

Install Python and the MySQL connector for Python on your own machine. Depending on your platform, follow the steps in the appropriate section below.

Note

This quickstart uses a raw SQL query approach to connect to MySQL to run queries. If you are using a web framework, use the recommended connector for those frameworks. For example, mysqlclient is suggested for use with Django.

Windows

1. Download and Install Python 2.7 from python.org.
2. Check the Python installation by launching the command prompt. Run the command C:python27python.exe -V using the uppercase V switch to see the version number.
3. Install the Python connector for MySQL from mysql.com corresponding to your version of Python.

Linux (Ubuntu)

1. In Linux (Ubuntu), Python is typically installed as part of the default installation.

2. Check the Python installation by launching the bash shell. Run the command python -V using the uppercase V switch to see the version number.

3. Check the PIP installation by running the pip show pip -V command to see the version number.

4. PIP may be included in some versions of Python. If PIP is not installed, you may install the PIP package, by running command sudo apt-get install python-pip.

5. Update PIP to the latest version, by running the pip install -U pip command.

6. Install the MySQL connector for Python, and its dependencies by using the PIP command:

MacOS

1. In Mac OS, Python is typically installed as part of the default OS installation.

2. Check the Python installation by launching the bash shell. Run the command python -V using the uppercase V switch to see the version number.

3. Check the PIP installation by running the pip show pip -V command to see the version number.

4. PIP may be included in some versions of Python. If PIP is not installed, you may install the PIP package.

5. Update PIP to the latest version, by running the pip install -U pip command.

6. Install the MySQL connector for Python, and its dependencies by using the PIP command:

Get connection information

Get the connection information needed to connect to the Azure Database for MySQL. You need the fully qualified server name and login credentials.

1. Log in to the Azure portal.
2. From the left-hand menu in Azure portal, click All resources, and then search for the server you have created (such as mydemoserver).
3. Click the server name.
4. From the server's Overview panel, make a note of the Server name and Server admin login name. If you forget your password, you can also reset the password from this panel.

Run Python code

• Paste the code into a text file, and then save the file into a project folder with file extension .py (such as C:pythonmysqlcreatetable.py or /home/username/pythonmysql/createtable.py).
• To run the code, launch the command prompt or Bash shell. Change directory into your project folder cd pythonmysql. Then type the python command followed by the file name python createtable.py to run the application. On the Windows OS, if python.exe is not found, you may need to provide the full path to the executable or add the Python path into the path environment variable. C:python27python.exe createtable.py

Connect, create table, and insert data

Use the following code to connect to the server, create a table, and load the data by using an INSERT SQL statement.

In the code, the mysql.connector library is imported. The connect() function is used to connect to Azure Database for MySQL using the connection arguments in the config collection. The code uses a cursor on the connection, and method cursor.execute() executes the SQL query against MySQL database.

Replace the host, user, password, and database parameters with the values that you specified when you created the server and database.

Read data

Use the following code to connect and read the data by using a SELECT SQL statement.

In the code, the mysql.connector library is imported. The connect() function is used to connect to Azure Database for MySQL using the connection arguments in the config collection. The code uses a cursor on the connection, and method cursor.execute() executes the SQL statement against MySQL database. The data rows are read using method fetchall(). The result set is kept in a collection row and a for iterator is used to loop over the rows.

Replace the host, user, password, and database parameters with the values that you specified when you created the server and database.

Update data

Use the following code to connect and update the data by using an UPDATE SQL statement.

In the code, the mysql.connector library is imported. The connect() function is used to connect to Azure Database for MySQL using the connection arguments in the config collection. The code uses a cursor on the connection, and method cursor.execute() executes the SQL statement against MySQL database.

Replace the host, user, password, and database parameters with the values that you specified when you created the server and database.

Delete data

Django Change Password

Use the following code to connect and remove data by using a DELETE SQL statement.

In the code, the mysql.connector library is imported. The connect() function is used to connect to Azure Database for MySQL using the connection arguments in the config collection. The code uses a cursor on the connection, and method cursor.execute() executes the SQL query against MySQL database.

Replace the host, user, password, and database parameters with the values that you specified when you created the server and database.

Next steps