After searching everywhere I could not find a solution. After finally going to the code I discoved that it needed to be fixed for Active directory.
I have submitted a pull request, but until then replace
(It is now in web2py upstream dev, and should be included in the next stable release)
Here is my authentication settings in my model.
Credit for most of it goes to the mentioned slice:
# Authentication - http://www.web2pyslices.com/slice/show/1468/how-to-set-up-web2py-ldap-with-windows-active-directory from gluon.tools import Auth auth = Auth(db, hmac_key=Auth.get_or_create_key()) auth.define_tables(username=True) auth.settings.create_user_groups=False # all we need is login auth.settings.actions_disabled=['register','change_password','request_reset_password','retrieve_username','profile'] # you don't have to remember me auth.settings.remember_me_form = False # ldap authentication and not save password on web2py from gluon.contrib.login_methods.ldap_auth import ldap_auth auth.settings.login_methods = [ldap_auth(mode='ad', allowed_groups = ['Domain Group1','Domain Group2'], bind_dn = 'CN=Admin User,OU=baseou,DC=example,DC=com', bind_pw = 'pass', group_dn = 'OU=Domain Groups,OU=baseou,DC=example,DC=com', group_name_attrib = 'cn', group_member_attrib = 'member', group_filterstr = 'objectClass=Group', server='server.example.com, base_dn='OU=baseou,DC=example,DC=com')]
Note that the bind_dn and bind_pw are required unless your setup allows anonymous bind.