Programming123 Programming123 - 7 months ago 28
Python Question

django-auth-ldap AUTH_LDAP_FIND_GROUPS_PERMS not working

I'm running Django 1.8.18 and django-auth-ldap 1.2.11 authenticating against Active Directory.

My current configuration authenticates properly against the AD, however, when I enabled

AUTH_LDAP_FIND_GROUPS_PERMS
it doesn't seem to do anything. I've previously tried
AUTH_LDAP_MIRROR_GROUPS
(which works without any problem), and found all of the user's groups created. The only slight issue is that it also remove any local group memberships the user had.

In any case, after having the groups auto-created by
AUTH_LDAP_MIRROR_GROUPS
I would expect
AUTH_LDAP_FIND_GROUPS_PERMS
would auto-add the user to that same group on the next login. However, this did not happen. The only change in configuration was those two lines. The
AUTH_LDAP_GROUP_TYPE
is set to
NestedActiveDirectoryGroupType()


Any ideas why users aren't being added to the groups with matching names?

Answer Source

Turns out that AUTH_LDAP_FIND_GROUPS_PERMS doesn't actually add users to a group, but virtually adds them to it making sure their permissions respond as if they are in the groups that match names.