Django Auth LDAP - Direct Bind using sAMAccountName
I had the same issue.
I ran across ticket 21 in the now-deleted Bitbucket repository (cant-bind-and-search-on-activedirectory). The issues were not migrated to their GitHub, but the author brought up a way to change the library files for django-auth-ldap so that it could do a direct bind.
It came down to changing `<python library path>/django_auth_ldap/backend.py` to include two lines in `_authenticate_user_dn`:

```python
if sticky and ldap_settings.AUTH_LDAP_USER_SEARCH:
    self._search_for_user_dn()
```

I was able to get this to work on my local machine that was running Arch Linux 3.9.8-1-ARCH, but I was unable to replicate it on the dev server running Ubuntu 13.04.
Hopefully this can help.
(This is actually a comment to @amethystdragon's answer, but it's a bunch of code, so posting as a separate answer.) The problem still seems to exist with django_auth_ldap 1.2.5. Here's an updated patch. If you don't want to or can't modify the source code, monkey-patching is possible. Just put this code at e.g. the end of `settings.py`. (And yes, I know monkey-patching is ugly.)

```python
import ldap
from django_auth_ldap import backend


def monkey(self, password):
    """
    Binds to the LDAP server with the user's DN and password. Raises
    AuthenticationFailed on failure.
    """
    if self.dn is None:
        raise self.AuthenticationFailed("failed to map the username to a DN.")

    try:
        sticky = self.settings.BIND_AS_AUTHENTICATING_USER

        self._bind_as(self.dn, password, sticky=sticky)

        #### The fix -->
        if sticky and self.settings.USER_SEARCH:
            self._search_for_user_dn()
        #### <-- The fix
    except ldap.INVALID_CREDENTIALS:
        raise self.AuthenticationFailed("user DN/password rejected by LDAP server.")


# Replace the library's private method with the patched version.
backend._LDAPUser._authenticate_user_dn = monkey
```
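
A more defensive way to install the same fix, as an added example that is not part of either answer or of django-auth-ldap: it wraps the existing method instead of replacing it, and refuses to patch if the private names the answers rely on are missing. `install_direct_bind_fix`, `StubSettings` and `StubLDAPUser` are hypothetical names; the stub is a constructed stand-in for `backend._LDAPUser` so the block runs without an LDAP server.

```python
import functools

# Private names the patch depends on; they can change between library releases.
REQUIRED = ("_authenticate_user_dn", "_search_for_user_dn")

def install_direct_bind_fix(user_cls):
    """Wrap user_cls._authenticate_user_dn; return False if already wrapped."""
    missing = [n for n in REQUIRED if not callable(getattr(user_cls, n, None))]
    if missing:
        raise RuntimeError("refusing to patch, missing: " + ", ".join(missing))
    original = user_cls._authenticate_user_dn
    if getattr(original, "_direct_bind_fix", False):
        return False
    @functools.wraps(original)
    def patched(self, password):
        # The original bind raises on bad credentials, so the search never runs then.
        original(self, password)
        if self.settings.BIND_AS_AUTHENTICATING_USER and self.settings.USER_SEARCH:
            self._search_for_user_dn()
    patched._direct_bind_fix = True
    user_cls._authenticate_user_dn = patched
    return True

# Constructed stand-ins for backend._LDAPUser and its settings object.
class StubSettings:
    BIND_AS_AUTHENTICATING_USER = True
    USER_SEARCH = object()

class StubLDAPUser:
    class AuthenticationFailed(Exception): pass
    settings = StubSettings()
    def __init__(self):
        self.calls = []
    def _authenticate_user_dn(self, password):
        self.calls.append("bind")
        if password != "constructed-password":
            raise self.AuthenticationFailed("user DN/password rejected by LDAP server.")
    def _search_for_user_dn(self):
        self.calls.append("search")

def demo():
    install_direct_bind_fix(StubLDAPUser)
    good, bad = StubLDAPUser(), StubLDAPUser()
    good._authenticate_user_dn("constructed-password")
    try:
        bad._authenticate_user_dn("wrong")
    except StubLDAPUser.AuthenticationFailed:
        bad.calls.append("rejected")
    return good.calls, bad.calls
```

In a real project the call would be `install_direct_bind_fix(backend._LDAPUser)` at the end of `settings.py`, so a library upgrade that renames these methods fails at startup rather than silently changing the login path.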