FAQ
Frequently Asked Questions
Installation
-
SyntaxError: ...
-
You are probably running a wrong Python version or the configuration module
is screwed up.
See required software
before starting web2ldap.
-
ImportError: No module named ldap
-
The python-ldap module was not found.
Install all required software
before starting web2ldap.
-
I've installed some packages coming with my favourite Linux
distribution and get strange errors with...
-
Please check whether packages coming with your distribution
match the list of
required software before starting web2ldap.
-
I have started web2ldap in stand-alone mode. It runs and accessing it
from localhost works but I cannot access it over my network.
What is wrong?
-
For security reasons web2ldap does not bind to every interface
in your system as default like other network demons do. You have
to explicitly bind to a specific network interface by using
command line option -l.
web2ldap -l my.public.ether.addr:port
You can enable binding to all interfaces by
web2ldap -l 0.0.0.0:port
Since web2ldap 0.11.20 there is
a stand-alone configuration option
web2ldapcnf.standalone.bind_address for this purpose.
Also watch out for stand-alone configuration option
web2ldapcnf.standalone.access_allowed which limits the client's
IP addresses allowed to access the built-in web server.
-
Is it possible to run web2ldap under Windows (Win32)?
-
Yes. You have to grab a Win32 build of
python-ldap.
-
NameError: global name 'threading' is not defined
-
Your Python interpreter seems to have thread support disabled.
You can solve that by building Python with
configure
--with-threads
.
-
I experience problems with session hijacking detection when
accessing web2ldap through a web proxy.
-
Check out configuration parameter
web2ldapcnf.misc.session_checkvars
and especially read the note about REMOTE_ADDR and REMOTE_HOST.
Customizing
See also extra page customizing UI.
-
I want to avoid displaying the raw DNs in the search
result table. How to do that?
-
There are several possibilities:
-
Use configuration parameter
search_tablistattrs.
-
Use configuration parameter
search_tdtemplate.
-
Add the attribute displayName to your LDAP entry if
appropriate in your schema (e.g. in object class inetOrgPerson).
-
I would like to setup some automatically filled fields. E.g.
automatically set the cn (common name) attribute with
the concatenation of values of the attributes
givenName and sn (surname).
-
There are two ways of achieving something like this:
-
Use LDIF templates for defining defaults for attributes when
adding new entries (see host-/backend-specific paramter
addform_entry_templates).
-
Implement a plug-in class
for the attribute type.
-
I would like to define a "select" item for certain input fields.
-
This can be easily done by defining a plug-in class based on
base class w2lapp.schema.syntaxes.SelectList
and register it as a LDAP syntax handler or explicitly for an attribute type.
A simple example can be found in file
pylib/w2lapp/schema/plugins/msperson.py.
In some cases the select list can also be defined based
on LDAP URLs specifying a dynamic result set used for select options.
-
How to customize the HTML output to use different colors,
different font size, etc.?
-
Customization of layout can be done by defining a CSS file
(cascaded
style sheet). Almost all important HTML elements have own
id or class attributes which can be used to
define their appearance.
Have a look at the example CSS files shipped with the source
distribution package.
User Interface
-
I would like to upload a photo, a certificate or other binary
attribute data. Is that possible?
-
Yes. But up to now only a single value is supported per attribute.
Uploading multiple binary attribute values is currently only possible
via LDIF when adding or modifying an entry.
You have to convert your binary data with a LDIF tool first
and cut&paste its output into the LDIF input field
or provide a URL in the LDIF line (see global configuration
parameter
web2ldapcnf.misc.ldif_url_schemes).
-
I would like to delete a photo, a certificate or other binary
attribute data. Is that possible?
-
Yes, it is possible since
version 0.10.0.
An addtional [Delete] link is shown for binary attributes. Note
that in case of multi-valued attributes all attribute
values are deleted. You cannot delete a single chosen
attribute value.
Integration
-
I want to refer to the web2ldap gateway from a web page.
Is there a way to get a persistent URL?
-
Yes, you can use any RFC4516-compliant LDAP URL as query string.
The safest way is to use the URL-encoded scheme.
Example:
http://demo.web2ldap.de:1760/web2ldap?ldap://ldap.openldap.org/dc=openldap,dc=org
The specific examples on the demo page
might give you some more ideas.
-
Is there some way of nifty browser integration?
-
Yes, check out the directory htdocs/sidebars or the
demo sidebar
which contains HTML examples for using side-bars of modern browsers
(Mozilla, Opera) as entry point. Make sure to use LDAP URLs!
With Mozilla you can also use
Custom Keywords.
-
Is Kerberos-based authentication supported?
-
Yes. python-ldap has to been built with SASL/GSSAPI support (see also
python-ldap's installation instructions)
and web2ldap has to be started in stand-alone mode by the end-user to use his/her
ticket granting ticket (TGT).