django-ldapdb 1.5.1

Installing django-ldapdb

Using django-ldapdb

Add the following to your settings.py:

DATABASES = {
    'ldap': {
        'ENGINE': 'ldapdb.backends.ldap',
        'NAME': 'ldap://ldap.nodomain.org/',
        'USER': 'cn=admin,dc=nodomain,dc=org',
        'PASSWORD': 'some_secret_password',
     },
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
     },
}
DATABASE_ROUTERS = ['ldapdb.router.Router']

If you want to access posixGroup entries in your application, you can add something like this to your models.py:

from ldapdb.models.fields import CharField, IntegerField, ListField
import ldapdb.models

class LdapGroup(ldapdb.models.Model):
    """
    Class for representing an LDAP group entry.
    """
    # LDAP meta-data
    base_dn = "ou=groups,dc=nodomain,dc=org"
    object_classes = ['posixGroup']

    # posixGroup attributes
    gid = IntegerField(db_column='gidNumber', unique=True)
    name = CharField(db_column='cn', max_length=200, primary_key=True)
    members = ListField(db_column='memberUid')

    def __str__(self):
        return self.name

    def __unicode__(self):
        return self.name

and add this to your admin.py:

from django.contrib import admin
from . import models

class LDAPGroupAdmin(admin.ModelAdmin):
    exclude = ['dn', 'objectClass']
    list_display = ['gid', 'name']

admin.site.register(models.LDAPGroup, LDAPGroupAdmin)

Important note:

You must declare an attribute to be used as the primary key. This attribute will play a special role, as it will be used to build the Relative Distinguished Name of the entry.

For instance in the example above, a group whose cn is foo will have the DN cn=foo,ou=groups,dc=nodomain,dc=org.

Supported fields

djanglo-ldapdb provides the following fields, all imported from ldapdb.models.fields:

Similar to Django:

• IntegerField

• FloatField

• BooleanField

• CharField

• ImageField

• DateTimeField

Specific to a LDAP server:

• ListField (holds a list of text values)

• TimestampField (Stores a datetime as a posix timestamp, typically for posixAccount)

Legacy:

• DateField (Stores a date in an arbitrary format. A LDAP server has no notion of Date).

Tuning django-ldapdb

It is possible to adjust django-ldapdb’s behavior by defining a few parameters in the DATABASE section:

PAGE_SIZE (default: 1000)

Define the maximum size of a results page to be returned by the server

QUERY_TIMEOUT (default: no limit)

Define the maximum time in seconds we’ll wait to get a reply from the server (on a per-query basis).

Developing with a LDAP server

When developing against a LDAP server, having access to a development LDAP server often proves useful.

django-ldapdb uses the volatildap project for this purpose:

• A LDAP server is instantiated for each TestClass;

• Its content is reset at the start of each test function;

• It can be customized to embark any schemas required by the application;

• Starting with volatildap 1.4.0, the volatildap server can be controlled remotely, avoiding the need to install a LDAP server on the host.

Applications using django-ldapdb may use the following code snippet when setting up their tests:

# This snippet is released in the Public Domain

from django.conf import settings
from django.test import TestCase

import volatildap

class LdapEnabledTestCase(TestCase):
    @classmethod
    def setUpClass(cls):
        super().setUpClass()
        cls.ldap = volatildap.LdapServer(
            # Load some initial data
            initial={'ou=people': {
                'ou': ['people'],
                'objectClass': ['organizationalUnit'],
            }},
            # Enable more LDAP schemas
            schemas=['core.schema', 'cosine.schema', 'inetorgperson.schema', 'nis.schema'],
        )
        # The volatildap server uses specific defaults, and listens on an arbitrary port.
        # Copy the server-side values to Django settings
        settings.DATABASES['ldap']['USER'] = cls.ldap.rootdn
        settings.DATABASES['ldap']['PASSWORD'] = cls.ldap.rootpw
        settings.DATABASES['ldap']['NAME'] = cls.ldap.uri

    def setUp(self):
        super().setUp()
        # Starting an already-started volatildap server performs a data reset
        self.ldap.start()

    @classmethod
    def tearDownClass(cls):
        # Free up resources on teardown.
        cls.ldap.stop()
        super().tearDownClass()