Frappe Based App: LDAP login

Hi,

We have developed a Frappe-based app with which you can manage your login through LDAP.

Please consider following link for same:

Your inputs and feedback would be valuable.

Thank You,
Saurabh

10 Likes

@saurabh6790 Awesome!

Couple of quick suggestions

  1. Add LDAP settings in Setup > LDAP Settings itself. Don’t make a separate icon
  2. Login Page CSS needs cleanup
  3. See some code repetition (for example create profile)

But great to finally see a contribution!

I have wondered why LDAP wasn’t offered as a choice for authentication? Google, Facebook, Twitter are but there is a giant market of small/medium businesses that need ERP and could use LDAP as a choice.

Not to control user permissions inside ERP next but just for basic authentication. I also believe that having LDAP as a choice would make ERPNEXT attractive to small/medium businesses.

In the USA there are thousands of small manufacturers whose setup looks like this:

Windows Domain controller and client Macs and PCs that all authenticate via Active Directory LDAP.

@sambrown777 we have not come across a direct request yet.

Can you test @saurabh6790’s app and verify if it works. Maybe we can add it.

I followed the install instructions and got this. I’m running CentOS 7 and ERPNEXT 4.

```
bench get-app frappe_ldap GitHub - saurabh6790/frappe_ldap

fatal: destination path 'frappe_ldap' already exists and is not an empty directory.
Error: None
warning: Failed to read auxiliary vector, /proc not mounted?
warning: Failed to read auxiliary vector, /proc not mounted?
warning: Failed to read auxiliary vector, /proc not mounted?
warning: Failed to read auxiliary vector, /proc not mounted?
warning: Failed to read auxiliary vector, /proc not mounted?
warning: Failed to read auxiliary vector, /proc not mounted?
warning: Failed to read auxiliary vector, /proc not mounted?
warning: Failed to read auxiliary vector, /proc not mounted?
Traceback (most recent call last):
  File "/usr/bin/bench", line 9, in <module>
    load_entry_point('bench==0.1', 'console_scripts', 'bench')()
  File "/home/frappe/bench-repo/bench/cli.py", line 55, in cli
    bench()
  File "/usr/lib/python2.7/site-packages/click/core.py", line 610, in __call__
    return self.main(*args, **kwargs)
  File "/usr/lib/python2.7/site-packages/click/core.py", line 590, in main
    rv = self.invoke(ctx)
  File "/usr/lib/python2.7/site-packages/click/core.py", line 936, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/usr/lib/python2.7/site-packages/click/core.py", line 782, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/usr/lib/python2.7/site-packages/click/core.py", line 416, in invoke
    return callback(*args, **kwargs)
  File "/home/frappe/bench-repo/bench/cli.py", line 167, in get_app
    _get_app(name, git_url, branch=branch)
  File "/home/frappe/bench-repo/bench/app.py", line 52, in get_app
    cwd=os.path.join(bench, 'apps'))
  File "/home/frappe/bench-repo/bench/utils.py", line 72, in exec_cmd
    subprocess.check_call(cmd, cwd=cwd, shell=True)
  File "/usr/lib64/python2.7/subprocess.py", line 542, in check_call
    raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command 'git clone GitHub - saurabh6790/frappe_ldap --origin upstream frappe_ldap' returned non-zero exit status 128
```

Hello
I would recommend http://www.linotp.org/ or something similar.
As there is just so much going on in a business these days.

With this you can sync all your users across from erpnext to the other systems you need authentication services on.
Central control for accounts.
OTP has become quite mainstream these days.
Where I feel (My opinion only) ldap is more of a backend like mysql is.

Kind regards

Hi @sambrown777, we managed to install it. Here are some quick pointers. First, be sure to connect to the right env when doing the pip update.

source env/bin/activate
use pip install python-ldap

After that you can do:

sudo apt-get install python-dev libldap2-dev libsasl2-dev libssl-dev

It can also be that you already tried to install it and it failed… In that case, try removing it from MariaDB and deleting the module in frappe_bench/app

And start the process again.

And also we never managed to connect it to Active Directory…
We will soon be looking at whether it works with OpenLDAP.

Having trouble getting it installed on Ubuntu 14.04; I get an ldap module error even after installing python-ldap via pip. Any insight/ideas?

When installed from the Desk I get:

 Traceback (innermost last):
  File "/home/frappe/frappe-bench/apps/frappe/frappe/app.py", line 51, in application
    response = frappe.handler.handle()
  File "/home/frappe/frappe-bench/apps/frappe/frappe/handler.py", line 69, in handle
    execute_cmd(cmd)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/handler.py", line 92, in execute_cmd
    ret = frappe.call(method, **frappe.form_dict)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/__init__.py", line 751, in call
    return fn(*args, **newargs)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/desk/page/applications/applications.py", line 36, in install_app
    frappe.installer.install_app(name)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/installer.py", line 122, in install_app
    sync_for(name, force=True, sync_everything=True, verbose=verbose)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/model/sync.py", line 43, in sync_for
    import_file_by_path(doc_path, force=force)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/modules/import_file.py", line 54, in import_file_by_path
    import_doc(doc, force=force, data_import=data_import)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/modules/import_file.py", line 120, in import_doc
    doc.insert()
  File "/home/frappe/frappe-bench/apps/frappe/frappe/model/document.py", line 196, in insert
    self.run_post_save_methods()
  File "/home/frappe/frappe-bench/apps/frappe/frappe/model/document.py", line 561, in run_post_save_methods
    self.run_method("on_update")
  File "/home/frappe/frappe-bench/apps/frappe/frappe/model/document.py", line 509, in run_method
    return Document.hook(fn)(self, *args, **kwargs)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/model/document.py", line 625, in composer
    return composed(self, method, *args, **kwargs)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/model/document.py", line 608, in runner
    add_to_return_value(self, fn(self, *args, **kwargs))
  File "/home/frappe/frappe-bench/apps/frappe/frappe/model/document.py", line 503, in <lambda>
    fn = lambda self, *args, **kwargs: getattr(self, method)(*args, **kwargs)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/core/doctype/doctype/doctype.py", line 114, in on_update
    self.run_module_method("on_doctype_update")
  File "/home/frappe/frappe-bench/apps/frappe/frappe/core/doctype/doctype/doctype.py", line 123, in run_module_method
    module = load_doctype_module(self.name, self.module)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/modules/__init__.py", line 64, in load_doctype_module
    doctype_python_modules[key] = frappe.get_module(get_module_name(doctype, module, prefix))
  File "/home/frappe/frappe-bench/apps/frappe/frappe/__init__.py", line 564, in get_module
    return importlib.import_module(modulename)
  File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
    __import__(name)
  File "/home/frappe/frappe-bench/apps/frappe_ldap/frappe_ldap/ldap/doctype/ldap_settings/ldap_settings.py", line 7, in <module>
    import ldap
 ImportError: No module named ldap

Hi midasgt,

Activate frappe’s environment and install python ldap.

Regards,
Saurabh

Hello Folks,

We have fixed some major issues and are releasing the app on git: GitHub - saurabh6790/frappe_ldap

Updated Areas,

  1. login
  2. Scheduler through User sync

For testing the fixes and the app we have used an online LDAP system, available at Online LDAP Test Server - Forum Systems

NOTE :

Role Assignment: the LDAP application will check the description parameter mentioned under the LDAP user hierarchy. If that does not exist, then the system allocates the default role to the User. The Default Role (LDAP Role) assigns the Employee and HR User roles of ERPNext to that particular user.
Default role is available under Setup > LDAP ERP Role Mapper. You can modify this as per your requirement.

Regards,
Saurabh
New Indictranstech Pvt Ltd
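
The role assignment described in the NOTE above, as an added example (not code from frappe_ldap): it resolves ERPNext roles from an entry's `description` attribute and lists which accounts would fall back to the default role, which is worth reviewing because that default includes HR User. The mapper dictionary, function names, the handling of unmapped values and all sample entries are assumptions made for illustration.

```python
# Added illustration, not frappe_ldap code. Entries use the (dn, attrs) shape
# that python-ldap returns from a search; all sample data is constructed.

DEFAULT_ROLE = "LDAP Role"

# Hypothetical stand-in for the "LDAP ERP Role Mapper" records.
ROLE_MAPPER = {
    "LDAP Role": ["Employee", "HR User"],  # default described in the post
    "Accounts": ["Accounts User"],         # constructed mapping
}


def _text(value):
    """Attribute values arrive as bytes under Python 3; decode them."""
    return value.decode("utf-8", "replace") if isinstance(value, bytes) else value


def resolve_roles(entry, mapper=ROLE_MAPPER, default=DEFAULT_ROLE):
    """Return (erp_roles, used_default) for one LDAP entry."""
    _dn, attrs = entry
    wanted = [_text(v).strip() for v in attrs.get("description", [])]
    mapped = [name for name in wanted if name in mapper]
    if not mapped:
        # Missing description (per the post) or, as an assumption here,
        # a value with no mapper record: fall back to the default role.
        return list(mapper[default]), True
    roles = []
    for name in mapped:
        for role in mapper[name]:
            if role not in roles:  # keep order, drop duplicates
                roles.append(role)
    return roles, False


def audit_defaults(entries, mapper=ROLE_MAPPER, default=DEFAULT_ROLE):
    """List the DNs that would receive the default role set."""
    return [dn for dn, attrs in entries
            if resolve_roles((dn, attrs), mapper, default)[1]]


# Constructed sample entries.
SAMPLE = [
    ("uid=alice,dc=example,dc=com", {"description": [b"Accounts"]}),
    ("uid=bob,dc=example,dc=com", {"cn": [b"Bob"]}),
    ("uid=carol,dc=example,dc=com", {"description": [b"Contractor"]}),
]
```

Running `audit_defaults` over the synced entries before enabling the scheduler shows which directory accounts would pick up the default roles without an explicit mapping.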

Why don’t you add it to requirements.txt?

1 Like

I must be missing something somewhere then, I followed the install instructions and thought I was activating it… I’m doing this on Ubuntu 14.04LTS

I ran the activate command and still cannot find where to set up the LDAP.

Nice :slight_smile:

Hope it works with FreeIPA server ?

1 Like

@midasgt I installed in Ubuntu 14.04LTS. I did the following -

sudo apt-get install python-dev libldap2-dev libsasl2-dev libssl-dev

source env/bin/activate
pip install python-ldap

Then it gave an error on the missing login.css. I had to copy login.css and login.js from the /home/frappe/frappe-bench/apps/frappe/frappe/templates/includes/login folder to the /home/frappe/frappe-bench/apps/frappe/frappe/templates/includes folder.

Once this is done, I got it working to the extent of seeing the ldap login page.

Hope it helps you.

@saurabh6790 Once I give login details to ldap, I get the following error -

```
Traceback (innermost last):
  File "/home/frappe/frappe-bench/apps/frappe/frappe/app.py", line 54, in application
    response = frappe.api.handle()
  File "/home/frappe/frappe-bench/apps/frappe/frappe/api.py", line 50, in handle
    return frappe.handler.handle()
  File "/home/frappe/frappe-bench/apps/frappe/frappe/handler.py", line 69, in handle
    execute_cmd(cmd)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/handler.py", line 92, in execute_cmd
    ret = frappe.call(method, **frappe.form_dict)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/__init__.py", line 751, in call
    return fn(*args, **newargs)
  File "/home/frappe/frappe-bench/apps/frappe_ldap/frappe_ldap/templates/pages/ldap_login.py", line 11, in ldap_login
    user=ldap_authentication(user, pwd)
  File "/home/frappe/frappe-bench/apps/frappe_ldap/frappe_ldap/templates/pages/ldap_login.py", line 27, in ldap_authentication
    user, user_id, status, role = ldap_auth(user,pwd,server_details)
  File "/home/frappe/frappe-bench/apps/frappe_ldap/frappe_ldap/templates/pages/ldap_login.py", line 41, in ldap_auth
    conn, user_dn, base_dn = set_ldap_connection(server_details)
  File "/home/frappe/frappe-bench/apps/frappe_ldap/frappe_ldap/ldap/doctype/ldap_settings/ldap_settings.py", line 23, in set_ldap_connection
    return connect, user_dn, base_dn
UnboundLocalError: local variable 'connect' referenced before assignment
```

Any ideas?

@saurabh6790 Also, I have this error in scheduler log -

```
Method: all, Handler: frappe_ldap.sync_profile.check_profiles_daily
Traceback (innermost last):
  File "/home/frappe/frappe-bench/apps/frappe/frappe/tasks.py", line 79, in scheduler_task
    frappe.get_attr(handler)()
  File "/home/frappe/frappe-bench/apps/frappe/frappe/__init__.py", line 734, in get_attr
    return getattr(get_module(modulename), methodname)
  File "/home/frappe/frappe-bench/apps/frappe/frappe/__init__.py", line 564, in get_module
    return importlib.import_module(modulename)
  File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
    __import__(name)
  File "/home/frappe/frappe-bench/apps/frappe_ldap/frappe_ldap/sync_profile.py", line 3, in <module>
    from frappe.utils.email_lib import sendmail
ImportError: No module named email_lib
```

Have you setup ldap server details ? Setup Ldap Server details

There was an error in my ldap setup. I corrected it and now I get an invalid user or password error. I’m sure the id & password are correct. Any ideas? In the ldap setup, I gave the ldap administrator password and there was no user name field to input. Is that how it should be?