`Account` and `Password` are optional, and used for two-phase ldap 

authentication so those are credentials to access Your ldap, if it doesn't 

support anonymous search/user lookups.

If all data are entered correctly, and `python-ldap` is properly installed

Users should be granted to access RhodeCode wit ldap accounts. When 

logging at the first time an special ldap account is created inside RhodeCode, 

so You can control over permissions even on ldap users. If such user exists 

already in RhodeCode database ldap user with the same username would be not 

able to access RhodeCode.

        if self.LDAP_USE_LDAPS:ldap_server_type = ldap_server_type + 's'

        self.LDAP_SERVER = "%s://%s:%s" % (ldap_server_type,

                                               self.LDAP_SERVER_ADDRESS,

                                               self.LDAP_SERVER_PORT)

        self.BASE_DN = base_dn

    def authenticate_ldap(self, username, password):

        """Authenticate a user via LDAP and return his/her LDAP properties.

        Raises AuthenticationError if the credentials are rejected, or

        EnvironmentError if the LDAP server can't be reached.

        :param password: password

        """

        from rhodecode.lib.helpers import chop_at

        uid = chop_at(username, "@%s" % self.LDAP_SERVER_ADDRESS)

        if "," in username:

            raise LdapUsernameError("invalid character in username: ,")

        try:

            ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, '/etc/openldap/cacerts')

            ldap.set_option(ldap.OPT_NETWORK_TIMEOUT, 10)

            server = ldap.initialize(self.LDAP_SERVER)

            if self.ldap_version == 2:

                server.protocol = ldap.VERSION2

            else:

                server.protocol = ldap.VERSION3

            if self.LDAP_BIND_DN and self.LDAP_BIND_PASS:

            server.simple_bind_s(dn, password)

            properties = server.search_s(dn, ldap.SCOPE_SUBTREE)

            if not properties:

                raise ldap.NO_SUCH_OBJECT()

        except ldap.NO_SUCH_OBJECT, e:

            log.debug("LDAP says no such user '%s' (%s)", uid, username)

            raise LdapUsernameError()

        try:

            import ldap

        except ImportError:

            raise LdapImportError

        return value

#===============================================================================

# FORMS        

#===============================================================================

class LoginForm(formencode.Schema):

    allow_extra_fields = True

    filter_extra_fields = True

        ldap_active = StringBoolean(if_missing=False)

        ldap_host = UnicodeString(strip=True,)

        ldap_port = Number(strip=True,)

        ldap_ldaps = StringBoolean(if_missing=False)

        ldap_dn_user = UnicodeString(strip=True,)

        ldap_dn_pass = UnicodeString(strip=True,)

    return _LdapSettingsForm

import sys

py_version = sys.version_info

requirements = [

        "Pylons>=1.0.0",

        "SQLAlchemy>=0.6.5",

        "Mako>=0.3.6",

        "vcs>=0.1.10",

        "pygments>=1.3.0",

        "mercurial>=1.7.1",

        "celery>=2.1.3",

        "py-bcrypt",

        "babel",

    ]

classifiers = ['Development Status :: 4 - Beta',

    [paste.app_install]

    main = pylons.util:PylonsInstaller

    [paste.global_paster_command]

    make-index = rhodecode.lib.indexers:MakeIndex

    upgrade-db = rhodecode.lib.utils:UpgradeDb

    """,

)