django-ldapdb is an LDAP database backend for Django, allowing to manipulate
LDAP entries through Django models.
It supports most of the same APIs as a Django model:
MyModel.objects.create()MyModel.objects.filter(x=1, y__contains=2)- Full admin support and browsing
django-ldapdb supports Django versions 1.11 / 2.0 / 2.1, and Python 2.7 / 3.4 / 3.5 / 3.6 / 3.7,
as far as the Django and Python versions are compatible.
Use pip: pip install django-ldapdb
You might also need the usual LDAP packages from your distribution, usually named openldap or ldap-utils.
django-ldapdb depends on the python-ldap <https://pypi.python.org/pypi/python-ldap> project.
Either follow its Windows installation guide,
or install a pre-built version from https://www.lfd.uci.edu/~gohlke/pythonlibs/#python-ldap
(choose the .whl file matching your Python/Windows combination, and install it with pip install python-ldap-3...whl).
and then you can also install django-ldapdb with
pip install django-ldapdb
Add the following to your settings.py:
DATABASES = {
'ldap': {
'ENGINE': 'ldapdb.backends.ldap',
'NAME': 'ldap://ldap.nodomain.org/',
'USER': 'cn=admin,dc=nodomain,dc=org',
'PASSWORD': 'some_secret_password',
},
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
},
}
DATABASE_ROUTERS = ['ldapdb.router.Router']If you want to access posixGroup entries in your application, you can add
something like this to your models.py:
from ldapdb.models.fields import CharField, IntegerField, ListField
import ldapdb.models
class LdapGroup(ldapdb.models.Model):
"""
Class for representing an LDAP group entry.
"""
# LDAP meta-data
base_dn = "ou=groups,dc=nodomain,dc=org"
object_classes = ['posixGroup']
# posixGroup attributes
gid = IntegerField(db_column='gidNumber', unique=True)
name = CharField(db_column='cn', max_length=200, primary_key=True)
members = ListField(db_column='memberUid')
def __str__(self):
return self.name
def __unicode__(self):
return self.nameand add this to your admin.py:
from django.contrib import admin
from . import models
class LDAPGroupAdmin(admin.ModelAdmin):
exclude = ['dn', 'objectClass']
list_display = ['gid', 'name']
admin.site.register(models.LDAPGroup, LDAPGroupAdmin)- Important note:
You must declare an attribute to be used as the primary key. This attribute will play a special role, as it will be used to build the Relative Distinguished Name of the entry.
For instance in the example above, a group whose cn is
foowill have the DNcn=foo,ou=groups,dc=nodomain,dc=org.
djanglo-ldapdb provides the following fields, all imported from ldapdb.models.fields:
Similar to Django:
IntegerFieldFloatFieldCharFieldImageFieldDateTimeField
- Specific to a LDAP server:
ListField(holds a list of text values)TimestampField(Stores a datetime as a posix timestamp, typically for posixAccount)
- Legacy:
DateField(Stores a date in an arbitrary format. A LDAP server has no notion ofDate).
It is possible to adjust django-ldapdb's behavior by defining a few parameters in the DATABASE section:
PAGE_SIZE(default:1000)- Define the maximum size of a results page to be returned by the server
QUERY_TIMEOUT(default: no limit)Define the maximum time in seconds we'll wait to get a reply from the server (on a per-query basis).
Note
This setting applies on individual requests; if a high-level operation requires many queries (for instance a paginated search yielding thousands of entries), the timeout will be used on each individual request; the overall processing time might be much higher.