LDAP 绑定失败:LDAPOperationsErrorResult - 1 - operationsError - None - 000004DC: LdapErr: DSID-0C090A5C,

LDAP bind failed: LDAPOperationsErrorResult - 1 - operationsError - None - 000004DC: LdapErr: DSID-0C090A5C,

我正在使用“django-python3-ldap”。我已经通过命令“./manage.py ldap_sync_users”

设置了所有同步用户

这显示了以下绑定错误

LDAP connect succeeded LDAP bind failed: LDAPOperationsErrorResult - 1 - operationsError - None - 000004DC: LdapErr: DSID-0C090A5C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v4563 - searchResDone - None Traceback (most recent call last): File "/usr/local/lib/python3.5/dist-packages/django_python3_ldap/ldap.py", line 182, in connection yield Connection(c) File "/usr/local/lib/python3.5/dist-packages/django_python3_ldap/management/commands/ldap_sync_users.py", line 24, in handle for user in connection.iter_users(): File "/usr/local/lib/python3.5/dist-packages/django_python3_ldap/ldap.py", line 93, in <genexpr> self._get_or_create_user(entry) File "/usr/local/lib/python3.5/dist-packages/ldap3/extend/standard/PagedSearch.py", line 68, in paged_search_generator None if cookie is True else cookie) File "/usr/local/lib/python3.5/dist-packages/ldap3/core/connection.py", line 853, in search response = self.post_send_search(self.send('searchRequest', request, controls)) File "/usr/local/lib/python3.5/dist-packages/ldap3/strategy/sync.py", line 178, in post_send_search responses, result = self.get_response(message_id) File "/usr/local/lib/python3.5/dist-packages/ldap3/strategy/base.py", line 403, in get_response raise LDAPOperationResult(result=result['result'], description=result['description'], dn=result['dn'], message=result['message'], response_type=result['type']) ldap3.core.exceptions.LDAPOperationsErrorResult: LDAPOperationsErrorResult - 1 - operationsError - None - 000004DC: LdapErr: DSID-0C090A5C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v4563 - searchResDone - None

这是我的设置文件

` # LDAP 服务器的 URL。 LDAP_AUTH_URL = "ldaps://example.com:636"

# Initiate TLS on connection.
LDAP_AUTH_USE_TLS = True

# The LDAP search base for looking up users.
LDAP_AUTH_SEARCH_BASE = "---correct search base is provided---


# User model fields mapped to the LDAP
# attributes that represent them.
LDAP_AUTH_USER_FIELDS = {
    # "username": "userPrincipalName",
    "username": "sAMAccountName",
    "first_name": "givenName",
    "last_name": "sn",
    "email": "mail",
}

LDAP_AUTH_OBJECT_CLASS = "user"
# LDAP_AUTH_OBJECT_CLASS = "inetOrgPerson"

LDAP_AUTH_USER_LOOKUP_FIELDS = ("username",)

LDAP_AUTH_CLEAN_USER_DATA = "django_python3_ldap.utils.clean_user_data"

LDAP_AUTH_SYNC_USER_RELATIONS = "django_python3_ldap.utils.sync_user_relations"
LDAP_AUTH_FORMAT_SEARCH_FILTERS = "django_python3_ldap.utils.format_search_filters"

LDAP_AUTH_FORMAT_USERNAME = "django_python3_ldap.utils.format_username_active_directory_principal"

LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN = "https://www.example.com/"

LDAP_AUTH_CONNECTION_USERNAME = None
LDAP_AUTH_CONNECTION_PASSWORD = None

LDAP_AUTH_CONNECT_TIMEOUT = None
LDAP_AUTH_RECEIVE_TIMEOUT = None

AUTHENTICATION_BACKENDS = (
    'django_python3_ldap.auth.LDAPBackend',
    'django.contrib.auth.backends.ModelBackend',  # this is default
    'guardian.backends.ObjectPermissionBackend',  # guardian dependencies
)

`

知道我做错了什么吗?

我不了解 Django,但我看到了一些东西:

LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN = "https://www.example.com/"

根据我看到的文档,这不应该是 URL。它应该只是您的 AD 域的域名,如下所示:

LDAP_AUTH_ACTIVE_DIRECTORY_DOMAIN = "example.com"

另外,这个:

LDAP_AUTH_CONNECTION_USERNAME = None
LDAP_AUTH_CONNECTION_PASSWORD = None

这意味着您正在尝试匿名绑定,大多数域都不允许这样做。