Description
I implemented the group restrictions on the user and it all works great. I have 2 groups with OR condition, but a user may be a member of both. I want to assign the corresponding group(s) to the user in django when authenticating. I have the same groups in django created in advance.
I also have `AUTH_LDAP_USER_FLAGS_BY_GROUP` set up for my groups, but it does not seem to be doing anything:

```python
AUTH_LDAP_USER_FLAGS_BY_GROUP = {
    'group1': 'cn=group1,ou=groups,dc=example,dc=com',
    'group1': 'cn=group1,ou=groups,dc=example,dc=com',
}
```

I am trying to get the user's groups from LDAP while authenticating in the custom backend:
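
```python
from django_auth_ldap.backend import LDAPBackend


class LDAPBackend2(LDAPBackend):
    # Settings for this backend are read with this prefix instead of AUTH_LDAP_
    settings_prefix = 'AUTH_LDAP_2_'

    def authenticate_ldap_user(self, ldap_user, password):
        # This is the line that raises the TypeError shown in the traceback
        print(f'ldap_user groups: {ldap_user._get_groups().get_group_names()}')
        user = super().authenticate_ldap_user(ldap_user, password)
        return user
```
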
It fails on the `ldap_user._get_groups().get_group_names()` with a `python_ldap` error. It looks like I give all the correct arguments (there are no arguments). I use `LDAPGroupQuery` to search the groups.

Here is the Traceback:

```
  File "/.../ldap_backends.py", line 20, in authenticate_ldap_user
    print(f'ldap_user groups: {ldap_user._get_groups().get_group_names()}')
                               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^
  File "/.../venv/lib64/python3.13/site-packages/django_auth_ldap/backend.py", line 947, in get_group_names
    group_infos = self._get_group_infos()
  File "/.../venv/lib64/python3.13/site-packages/django_auth_ldap/backend.py", line 994, in _get_group_infos
    self._group_infos = self._group_type.user_groups(
                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
        self._ldap_user, self._group_search
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/.../venv/lib64/python3.13/site-packages/django_auth_ldap/config.py", line 480, in user_groups
    groups = search.execute(ldap_user.connection)
  File "/.../venv/lib64/python3.13/site-packages/django_auth_ldap/config.py", line 204, in execute
    results = connection.search_s(
        self.base_dn, self.scope, filterstr, self.attrlist
    )
  File "/.../venv/lib64/python3.13/site-packages/ldap/ldapobject.py", line 631, in search_s
    return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
           ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/.../venv/lib64/python3.13/site-packages/ldap/ldapobject.py", line 624, in search_ext_s
    msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
  File "/.../venv/lib64/python3.13/site-packages/ldap/ldapobject.py", line 614, in search_ext
    return self._ldap_call(
           ~~~~~~~~~~~~~~~^
        self._l.search_ext,
        ^^^^^^^^^^^^^^^^^^^
    ...<4 lines>...
        timeout,sizelimit,
        ^^^^^^^^^^^^^^^^^^
    )
    ^
  File "/.../venv/lib64/python3.13/site-packages/ldap/ldapobject.py", line 128, in _ldap_call
    result = func(*args,**kwargs)
TypeError: search_ext() argument 1 must be str, not LDAPGroupQuery
```

Getting groups from LDAP seems like a trivial and desired action. Let me know, please, how to do it correctly.
Thank you.
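
An added example, not part of the original post and not the project's own code: a settings fragment for the `AUTH_LDAP_2_` prefix that keeps `LDAPGroupQuery` for the login restriction, gives the group search a plain string base DN (the traceback shows the search's `base_dn` reaching `search_s()` as an `LDAPGroupQuery`), and mirrors an explicit list of groups into Django. The `groupOfNames` object class, the name `group2` and the `is_staff` mapping are assumptions.

```python
# settings.py fragment (added example). Settings for LDAPBackend2 are read
# under its settings_prefix, so every name starts with AUTH_LDAP_2_.
import ldap
from django_auth_ldap.config import GroupOfNamesType, LDAPGroupQuery, LDAPSearch

GROUPS_BASE = "ou=groups,dc=example,dc=com"   # base DN as written in the post
GROUP1_DN = f"cn=group1,{GROUPS_BASE}"
GROUP2_DN = f"cn=group2,{GROUPS_BASE}"         # assumed name of the second group

# GROUP_SEARCH is an LDAPSearch whose first argument is a string DN.
# LDAPSearch.execute() hands base_dn straight to connection.search_s(),
# so any other object there fails with "argument 1 must be str".
AUTH_LDAP_2_GROUP_SEARCH = LDAPSearch(
    GROUPS_BASE,
    ldap.SCOPE_SUBTREE,
    "(objectClass=groupOfNames)",              # assumed group object class
)
AUTH_LDAP_2_GROUP_TYPE = GroupOfNamesType(name_attr="cn")

# LDAPGroupQuery belongs in the restriction: member of group1 OR group2.
AUTH_LDAP_2_REQUIRE_GROUP = LDAPGroupQuery(GROUP1_DN) | LDAPGroupQuery(GROUP2_DN)

# Mirror only these LDAP groups onto Django groups of the same name at login.
# A list instead of True leaves all other memberships alone, so an unrelated
# LDAP group cannot grant permissions through a same-named Django group.
AUTH_LDAP_2_MIRROR_GROUPS = ["group1", "group2"]

# USER_FLAGS_BY_GROUP maps boolean User fields to group DNs. Its keys are
# field names such as is_staff, not group names, and it assigns no groups.
AUTH_LDAP_2_USER_FLAGS_BY_GROUP = {
    "is_staff": GROUP1_DN,                     # illustrative mapping
}
```

With a working group search in place, the public `ldap_user.group_names` property returns the names the post tried to read through `_get_groups()`.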