[GH-ISSUE #105] AD authentication has no email address for gravatar #68

Closed
opened 2026-02-26 10:35:58 +03:00 by kerem · 3 comments
Owner

Originally created by @ihamburglar on GitHub (Aug 15, 2016).
Original GitHub issue: https://github.com/PowerDNS-Admin/PowerDNS-Admin/issues/105

I installed and hooked up to AD.

```
....
# LDAP CONFIG
LDAP_TYPE = 'ad'  # use 'ad' for MS Active Directory
LDAP_URI = 'ldaps://10.10.10.248:636'
LDAP_USERNAME = 'cn=svc_dns_admin,ou=Users,dc=domain,dc=local'
LDAP_PASSWORD = 'REDACTED'
LDAP_SEARCH_BASE = 'dc=domain,dc=local'
# Additional options only if LDAP_TYPE=ldap
LDAP_USERNAMEFIELD = 'userPrincipalName'
LDAP_FILTER = 'memberof=cn=DNS_users,ou=Groups,dc=domain,dc=local'
....
```

Once you log in using your AD account

```
[INFO] 10.10.10.200 - - [15/Aug/2016 05:53:07] "GET /dashboard HTTP/1.1" 500 -
Traceback (most recent call last):
  File "/root/flask/lib/python2.7/site-packages/flask/app.py", line 2000, in __call__
    return self.wsgi_app(environ, start_response)
  File "/root/flask/lib/python2.7/site-packages/werkzeug/contrib/fixers.py", line 152, in __call__
    return self.app(environ, start_response)
  File "/root/flask/lib/python2.7/site-packages/flask/app.py", line 1991, in wsgi_app
    response = self.make_response(self.handle_exception(e))
  File "/root/flask/lib/python2.7/site-packages/flask/app.py", line 1567, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/root/flask/lib/python2.7/site-packages/flask/app.py", line 1988, in wsgi_app
    response = self.full_dispatch_request()
  File "/root/flask/lib/python2.7/site-packages/flask/app.py", line 1641, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/root/flask/lib/python2.7/site-packages/flask/app.py", line 1544, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/root/flask/lib/python2.7/site-packages/flask/app.py", line 1639, in full_dispatch_request
    rv = self.dispatch_request()
  File "/root/flask/lib/python2.7/site-packages/flask/app.py", line 1625, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/root/flask/lib/python2.7/site-packages/flask_login.py", line 792, in decorated_view
    return func(*args, **kwargs)
  File "/root/PowerDNS-Admin/app/views.py", line 283, in dashboard
    return render_template('dashboard.html', domains=domains, domain_count=domain_count, users=users, history_number=history_number, uptime=uptime, histories=history)
  File "/root/flask/lib/python2.7/site-packages/flask/templating.py", line 134, in render_template
    context, ctx.app)
  File "/root/flask/lib/python2.7/site-packages/flask/templating.py", line 116, in _render
    rv = template.render(context)
  File "/root/flask/lib/python2.7/site-packages/jinja2/environment.py", line 989, in render
    return self.environment.handle_exception(exc_info, True)
  File "/root/flask/lib/python2.7/site-packages/jinja2/environment.py", line 754, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/root/PowerDNS-Admin/app/templates/dashboard.html", line 1, in top-level template code
    {% extends "base.html" %}
  File "/root/PowerDNS-Admin/app/templates/base.html", line 43, in top-level template code
    {% block pageheader %}
  File "/root/PowerDNS-Admin/app/templates/base.html", line 68, in block "pageheader"
    <img src="{{ current_user.email|email_to_gravatar_url(size=80) }}" class="user-image" alt="User Image"/>
  File "/root/PowerDNS-Admin/app/lib/utils.py", line 153, in email_to_gravatar_url
    hash_string = hashlib.md5(email).hexdigest()
TypeError: must be string or buffer, not None
```

It looks like the culprit is the code that turns an email into a gravatar via the email address in utils.py. However, when authing with AD you don't tell the app about your email address.

kerem 2026-02-26 10:35:58 +03:00
Author
Owner

@joachimtingvold commented on GitHub (Aug 15, 2016):

Should probably extend the config to have an LDAP_EMAILFIELD option, in addition to checking if the email-value is None (set it to '' rather than None or something).

Author
Owner

@ihamburglar commented on GitHub (Aug 15, 2016):

On the other hand... The my profile section allows you to enter your own email address, which might be better for those who want to use the email address associated with their gravatar and not their corporate email address. Unless you wanted to default to whatever was in AD and then let the user overwrite.

Author
Owner

@joachimtingvold commented on GitHub (Aug 15, 2016):

Either works.

I have my corporate email added to the same Gravatar-account as my personal, so, I'm kinda "whatever" :-P
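
A None-safe version of the Gravatar filter that failed in the traceback, combined with the email selection discussed in this thread (profile value first, directory attribute as fallback). This is an added example, not PowerDNS-Admin's code: `resolve_email`, the `mail` default for the proposed `LDAP_EMAILFIELD`, the `identicon` fallback and the sample directory entry are assumptions.

```python
import hashlib
from urllib.parse import urlencode

GRAVATAR_BASE = "https://www.gravatar.com/avatar/"


def email_to_gravatar_url(email, size=100, default="identicon"):
    """Build a Gravatar URL without raising when the account has no email."""
    # Users created through AD/LDAP login may have email=None; hash '' instead
    # so the page header still renders and Gravatar serves the default image.
    normalized = (email or "").strip().lower()
    digest = hashlib.md5(normalized.encode("utf-8")).hexdigest()
    return GRAVATAR_BASE + digest + "?" + urlencode({"s": size, "d": default})


def _looks_like_email(value):
    """Minimal shape check so junk directory values are not stored as email."""
    local, sep, domain = value.partition("@")
    if not (local and sep and domain) or "@" in domain:
        return False
    return not any(ch.isspace() for ch in value)


def resolve_email(profile_email, ldap_entry, email_field="mail"):
    """Pick the email for a user: profile override first, then the directory.

    ldap_entry is an attribute dict as returned by an LDAP search
    (attribute name -> list of values, usually bytes). email_field stands in
    for the LDAP_EMAILFIELD option proposed in the thread (assumed name/default).
    Returns '' rather than None so callers never pass None to the filter.
    """
    if profile_email and profile_email.strip():
        return profile_email.strip()
    for raw in ldap_entry.get(email_field) or []:
        value = raw.decode("utf-8", "replace") if isinstance(raw, bytes) else raw
        value = value.strip()
        if _looks_like_email(value):
            return value
    return ""


if __name__ == "__main__":
    # Constructed sample entry for a user in the thread's example domain.
    entry = {"mail": [b"alice@domain.local"], "cn": [b"alice"]}
    print(email_to_gravatar_url(resolve_email(None, entry), size=80))
    print(email_to_gravatar_url(None, size=80))  # the case that returned HTTP 500
```
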
