LDAP not working

Asked by Tobias

Trying to use LDAP with Graphite.

I am using a python3 virtual environment.

Here are my LDAP settings in local_settings.py:

DEBUG = True
### LDAP authentication setup
USE_LDAP_AUTH = True
LDAP_SERVER = "serveraddress"
LDAP_PORT = 1234
LDAP_USE_TLS = False
### Manual URI / query setup
LDAP_URI = "ldaps://serveraddress:1234"
LDAP_SEARCH_BASE = "ou=users,o=company"
LDAP_BASE_USER = "cn=user,ou=users,o=company"
LDAP_BASE_PASS = "*******"
LDAP_USER_QUERY = "(cn=%s)"

I have the following python modules:
asgiref==3.3.0
attrs==20.2.0
Automat==20.2.0
cairocffi==1.1.0
cffi==1.14.3
Django==2.2
django-tagging==0.4.3
graphite-web==1.1.7
mod-wsgi==4.7.1
psycopg2-binary==2.8.6
pyasn1==0.4.8
pyasn1-modules==0.2.8
pycparser==2.20
pyparsing==2.4.7
python-ldap==3.3.1
python-memcached==1.59
python3-ldap==0.9.8.4
pytz==2020.1
scandir==1.10.0
six==1.15.0
sqlparse==0.4.1
urllib3==1.25.11
whisper==1.1.7
zope.interface==5.1.2

When I tcpdump on the destination port for the ldap server I don't see any traffic at all. It seems Graphite doesn't even try.

If I try ldap client in python command line I see the traffic with tcpdump. nc -v ldapserver 1234 also works.

I also tried disabling selinux but no difference.

Connecting with ldap client works well so no network issues.

Does it not work with python3?

Question information

Language:
English Edit question
Status:
Solved
For:
Graphite Edit question
Assignee:
No assignee Edit question
Solved by:
Piotr Popieluch
Solved:
Last query:
Last reply:
Revision history for this message
Piotr Popieluch (piotr1212) said :
#1

Nothing in logs? ldap module is missing in your list.

Revision history for this message
Tobias (lindqt01) said :
#2

Thanks for your reply.

I see nothing in the logs that helps me. Only a POST in the access log to /account/login or similar. And tcpdump does not indicate that there is any outgoing traffic to the ldap port either. I see traffic when I generate requests from the python shell.

I thought I only needed python-ldap==3.3.1

Am I missing something here?

Revision history for this message
Best Piotr Popieluch (piotr1212) said :
#3

There must be something in the info or exception log. My intuition says that something in Django must have changed with the way these authentication middleware have to be loaded.

I don't think many people still use Graphite dashboards so nobody needs ldap in the application, wouldn't surprise me if this is broken for years.

Revision history for this message
Tobias (lindqt01) said :
#4

OK, I will just forget about it then. It is not worth the hassle. Thanks for the reply and have a nice weekend!

Revision history for this message
Tobias (lindqt01) said :
#5

Thanks Piotr Popieluch, that solved my question.