-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ldap configuration #4840
Comments
This is really a FAB (Flask-AppBuilder) question. |
OK, thanks. |
Hi, I am not sure, if it helps, but it could ... we have Microsoft AD and ldap and we are able to successfully login with configuration parameters below. AUTH_TYPE = AUTH_LDAP
AUTH_USER_REGISTRATION = True
AUTH_USER_REGISTRATION_ROLE = "Admin"
AUTH_LDAP_SERVER = "ldap://servername-1.ad.domain.cz"
AUTH_LDAP_SEARCH = "DC=ad,DC=domain,DC=cz"
AUTH_LDAP_BIND_USER = "CN=BISystemUser,OU=Service Accounts,OU=mycompany Users,DC=ad,DC=domain,DC=cz"
AUTH_LDAP_BIND_PASSWORD = "yourPassword"
AUTH_LDAP_UID_FIELD = "sAMAccountName" We are able to login with BISystemUser/yourPassword with tools like jXplorer or any other LDAP tools. HTH! |
If our documentation is lacking it would be nice to update it with whatever may help user in configuring LDAP auth. |
Contributions to the documentation are welcomed! |
Was able to connect to LDAP Test Server With following config
For user
|
@bhasin85 : Thanks it works , don't forget to install this package :
|
I am actually following the same logic as you. And superset is running on the server now. But i cannot log-in with my information written in the configuration file.
What I entered in the log-in page: However, it gives me the error of "Invalid login. Please try again." Does anyone know why? |
The userid MUST match what comes back from LDAP once you turn on LDAP. I got bitten by this too. Does riemann exist in LDAP with password password? |
The LDAP_BIND_* is JUST to allow SuperSet to look at LDAP for users/password, not to log into the app. |
Can anyone tell me if I can use more than one domain? |
Did you manage to fix this? I am facing the same issue. |
Make sure these boxes are checked before submitting your issue - thank you!
Superset version
0.22.1
Expected results
login successfully
Actual results
cannot login in
Steps to reproduce
modify config.py
from flask_appbuilder.security.manager import AUTH_LDAP
AUTH_TYPE = AUTH_LDAP
AUTH_LDAP_SERVER = "ldap://server:port"
AUTH_LDAP_USE_TLS = False
AUTH_LDAP_SEARCH = "dc="
AUTH_LDAP_BIND_USER = "uid=,ou=,dc=,dc="
AUTH_LDAP_BIND_PASSWORD = ""
AUTH_LDAP_UID_FIELD = "sAMAccountName"
AUTH_LDAP_APPEND_DOMAIN = '**'
console in debug mode:
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Starting Superset server in DEBUG mode
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
2018-04-18 19:01:31,195:WARNING:werkzeug: * Debugger is active!
2018-04-18 19:01:31,195:INFO:werkzeug: * Debugger PIN: 859-227-507
2018-04-18 19:02:03,228:INFO:werkzeug:172.22.4.100 - - [18/Apr/2018 19:02:03] "GET /login/ HTTP/1.1" 200 -
2018-04-18 19:02:04,699:INFO:werkzeug:172.22.4.100 - - [18/Apr/2018 19:02:04] "GET /static/appbuilder/css/bootstrap.min.css.map HTTP/1.1" 404 -
2018-04-18 19:02:11,270:INFO:werkzeug:172.22.4.100 - - [18/Apr/2018 19:02:11] "POST /login/ HTTP/1.1" 302 -
2018-04-18 19:02:11,420:INFO:werkzeug:172.22.4.100 - - [18/Apr/2018 19:02:11] "GET /login/ HTTP/1.1" 200 -
2018-04-18 19:02:12,952:INFO:werkzeug:172.22.4.100 - - [18/Apr/2018 19:02:12] "GET /static/appbuilder/css/bootstrap.min.css.map HTTP/1.1" 404 -
2018-04-18 19:02:25,235:INFO:werkzeug:172.22.4.100 - - [18/Apr/2018 19:02:25] "POST /login/ HTTP/1.1" 302 -
2018-04-18 19:02:25,396:INFO:werkzeug:172.22.4.100 - - [18/Apr/2018 19:02:25] "GET /login/ HTTP/1.1" 200 -
2018-04-18 19:02:26,905:INFO:werkzeug:172.22.4.100 - - [18/Apr/2018 19:02:26] "GET /static/appbuilder/css/bootstrap.min.css.map HTTP/1.1" 404 -
however, I cannot login in. LDAP log missed.How could I do to solve it ?
The text was updated successfully, but these errors were encountered: