nickw444 / flask-ldap3-login

LDAP3 Logins for Flask/Flask-Login

Home Page: http://flask-ldap3-login.readthedocs.org/en/latest/

problem filling LDAP Configuration Variables

stockersky opened this issue · comments

Hello,

I succeeded in logging in to Active Directory through ldap3. However, I think your lib would be very convenient through Flask.

But auth fails...
I think my misunderstanding of LDAP makes me fail to fill in the configuration variables.

My user (successfully authenticated through ldap3 lib) is of the form:
"CN=USER1234,OU=Users,OU=Accounts,OU=FR,OU=MyOrg,DC=dc1,DC=dc2,DC=dc3,DC=dc4"

What would be the values of those variables:
LDAP_BASE_DN, LDAP_USER_DN, LDAP_GROUP_DN, LDAP_USER_RDN_ATTR, LDAP_USER_LOGIN_ATTR.

Thanks if you can provide some help!

Hi, thanks for opening an issue. You can read about each of the configuration options here: https://flask-ldap3-login.readthedocs.io/en/latest/configuration.html. You can see default values for each config option here.

It's very hard to tell you what parameters you should be using without having an in depth understanding of your situation; however:

LDAP_BASE_DN='OU=Accounts,OU=FR,OU=MyOrg,DC=dc1,DC=dc2,DC=dc3,DC=dc4'
LDAP_USER_DN='OU=Users'
LDAP_GROUP_DN='OU=Groups' # Assuming your AD groups exist within OU=Groups,OU=Accounts,OU=FR,OU=MyOrg,DC=dc1,DC=dc2,DC=dc3,DC=dc4
LDAP_USER_RDN_ATTR='uid' # The unique user identifier for the user. Once again, you'll need to investigate this within your own AD configuration.
LDAP_USER_LOGIN_ATTR='username' # The LDAP attribute you want users to be able to log in with. Once again, this will be up to your own AD configuration.
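
An added example (not part of the thread and not the project's code): it splits the DN quoted in the question into the three DN-related settings and checks that they recompose to the DN that is known to bind. The function names are hypothetical, and it assumes the user DN is composed as `<LDAP_USER_RDN_ATTR>=<value>,<LDAP_USER_DN>,<LDAP_BASE_DN>`, following the documented rule that LDAP_USER_DN is prepended to LDAP_BASE_DN.

```python
# Added example: derive flask-ldap3-login DN settings from a DN known to bind.
USER_DN = ("CN=USER1234,OU=Users,OU=Accounts,OU=FR,OU=MyOrg,"
           "DC=dc1,DC=dc2,DC=dc3,DC=dc4")  # the DN quoted in the issue


def split_dn(dn):
    """Split a DN into RDN strings on commas that are not backslash-escaped."""
    parts, buf, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])  # keep the escape pair (e.g. "\,") intact
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(buf).strip())
            buf = []
        else:
            buf.append(dn[i])
        i += 1
    parts.append("".join(buf).strip())
    return parts


def suggest_config(user_dn, user_containers=1):
    """user_containers: how many containers directly above the user entry go
    into LDAP_USER_DN; everything after them becomes LDAP_BASE_DN.
    LDAP_USER_LOGIN_ATTR cannot be read off a DN and is left out."""
    rdns = split_dn(user_dn)
    attr, sep, _value = rdns[0].partition("=")
    if not sep or len(rdns) < user_containers + 2:
        raise ValueError("DN too short or malformed: %r" % user_dn)
    return {"LDAP_USER_RDN_ATTR": attr.lower(),
            "LDAP_USER_DN": ",".join(rdns[1:1 + user_containers]),
            "LDAP_BASE_DN": ",".join(rdns[1 + user_containers:])}


def composed_user_dn(config, rdn_value):
    """Assumed composition: RDN attribute, then LDAP_USER_DN, then LDAP_BASE_DN."""
    return "{}={},{},{}".format(config["LDAP_USER_RDN_ATTR"], rdn_value,
                                config["LDAP_USER_DN"], config["LDAP_BASE_DN"])


def same_dn(a, b):
    """Case-insensitive RDN-by-RDN comparison (adequate for cn/ou/dc values)."""
    def norm(dn):
        return [tuple(p.strip().lower() for p in r.partition("=")[::2])
                for r in split_dn(dn)]
    return norm(a) == norm(b)


if __name__ == "__main__":
    cfg = suggest_config(USER_DN)
    print(cfg, same_dn(composed_user_dn(cfg, "USER1234"), USER_DN))
```

If the composed DN does not match a DN that binds successfully with plain ldap3, one of the three settings is off for that directory.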

Hello Nick,

Was on vacation. Thanks for your reply. Unfortunately, changing those variables didn't work.
I'm so uninformed about AD/LDAP vocabulary and terms that I might not understand all those variables' meaning...
However, I made it work with the ldap3 module. My way might not be as elaborate as yours, but it does the trick right now.
You may close this issue because the problem could come from my misunderstanding of the AD/LDAP domain.

Great to hear you got your own solution working 👍 Thanks for letting me know.