LDAP not working

Asked by Tobias on 2020-10-29

Trying to use LDAP with Graphite.

I am using a python3 virtual environment.

Here are my LDAP settings in local_settings.py:

DEBUG = True
### LDAP authentication setup
USE_LDAP_AUTH = True
LDAP_SERVER = "serveraddress"
LDAP_PORT = 1234
LDAP_USE_TLS = False
### Manual URI / query setup
LDAP_URI = "ldaps://serveraddress:1234"
LDAP_SEARCH_BASE = "ou=users,o=company"
LDAP_BASE_USER = "cn=user,ou=users,o=company"
LDAP_BASE_PASS = "*******"
LDAP_USER_QUERY = "(cn=%s)"

I have the following python modules:
asgiref==3.3.0
attrs==20.2.0
Automat==20.2.0
cairocffi==1.1.0
cffi==1.14.3
Django==2.2
django-tagging==0.4.3
graphite-web==1.1.7
mod-wsgi==4.7.1
psycopg2-binary==2.8.6
pyasn1==0.4.8
pyasn1-modules==0.2.8
pycparser==2.20
pyparsing==2.4.7
python-ldap==3.3.1
python-memcached==1.59
python3-ldap==0.9.8.4
pytz==2020.1
scandir==1.10.0
six==1.15.0
sqlparse==0.4.1
urllib3==1.25.11
whisper==1.1.7
zope.interface==5.1.2

When I tcpdump on the destination port for the ldap server I don't see any traffic at all. It seems Graphite doesn't even try.

If I try ldap client in python command line I see the traffic with tcpdump. nc -v ldapserver 1234 also works.

I also tried disabling selinux but no difference.

Connecting with ldap client works well so no network issues.

Does it not work with python3?

Question information

Language:
English Edit question
Status:
Solved
For:
Graphite Edit question
Assignee:
No assignee Edit question
Solved by:
Piotr Popieluch
Solved:
2020-10-30
Last query:
2020-10-30
Last reply:
2020-10-30
Piotr Popieluch (piotr1212) said : #1

Nothing in logs? ldap module is missing in your list.

Tobias (lindqt01) said : #2

Thanks for your reply.

I see nothing in the logs that helps me. Only a POST in the access log to /account/login or similar. And tcpdump does not indicate that there is any outgoing traffic to the ldap port either. I see traffic when I generate requests from the python shell.

I thought I only needed python-ldap==3.3.1

Am I missing something here?

Best Piotr Popieluch (piotr1212) said : #3

There must be something in the info or exception log. My intuition says that something in Django must have changed with the way these authentication middleware have to be loaded.

I don't think many people still use Graphite dashboards so nobody needs ldap in the application, wouldn't surprise me if this is broken for years.

Tobias (lindqt01) said : #4

OK, I will just forget about it then. It is not worth the hassle. Thanks for the reply and have a nice weekend!

Tobias (lindqt01) said : #5

Thanks Piotr Popieluch, that solved my question.