Add Active Directory backend which under most circumstance should be easier to setup than the LDAP backend

Review Request #699 — Created Jan. 14, 2009 and submitted — Latest diff uploaded


Review Board SVN (deprecated)


The LDAP backend is too confusing to setup for most users of active directory. This Active Directory backend should make it much easier to get up and running with ReviewBoard in an AD environment. A user can just specify the domain name (ie. and check the option to use DNS to find the DC servers and everything else will be taken care of for them. Finding the domain controllers from DNS requires PyDNS. There is also the option of specifying the domain controller manually.

An OU can be specified optionally which will restrict users to those that belong in that OU. Users can also be required to belong to a certain group and recursive group checks are implemented when specifying a recursion depth greater than 0.
A patched version of Review Board is deployed internally, authenticating against Active Directory using DNS to find the domain controllers and with users restricted to a specified group. Extensive manual testing was performed of several combinations but I haven't figured out how to mock everything needed for an automated test suite.