ANN: python-ldap-2.3.7

2009-04-09 Thread Michael Ströder 
Find a new release of python-ldap:

  http://python-ldap.sourceforge.net/

python-ldap provides an object-oriented API to access LDAP directory
servers from Python programs. It mainly wraps the OpenLDAP 2.x libs for
that purpose. Additionally it contains modules for other LDAP-related
stuff (e.g. processing LDIF, LDAPURLs and LDAPv3 schema).

Note that the download page has changed recently. You can now find the
source distribution at PyPI:

  http://pypi.python.org/pypi/python-ldap/

Ciao, Michael.

-- 
Michael Ströder
E-Mail: [email protected]
http://www.stroeder.com


Released 2.3.7 2009-04-09

Changes since 2.3.6:

Lib/
* urllib.quote() is now used in LDAPUrlExtension.unparse() to quote
  all special URL characters in extension values

Modules/
* Fixed ldapcontrol.c not to raise ldap.ENCODING_ERROR in
  function encode_rfc2696() on 64-bit systems
* Fixed seg fault if error code in a LDAP response was outside
  the known error codes and could not be mapped to a specific
  exception class (thanks to Sean)
* errors.c: LDAP_ERROR_MAX set to LDAP_PROXIED_AUTHORIZATION_DENIED
  if available in OpenLDAP header
* new exception class ldap.PROXIED_AUTHORIZATION_DENIED
  if available in OpenLDAP header
* Fixed functions.c not to raise ldap.ENCODING_ERROR in
  function l_ldap_str2dn() on 64-bit systems (see SF#2725356)


Released 2.3.6 2009-02-22

Changes since 2.3.5:

Lib/
* Importing ldap.str2dn() which directly imported _ldap.str2dn()
  is prohibited now (see SF#2181141)

Modules/
* get_option(): Added support for reading more SASL options.
  (OPT_X_SASL_MECH, OPT_X_SASL_REALM, OPT_X_SASL_AUTHCID and
  OPT_X_SASL_AUTHZID)
* Added some explicit type casts to fix issues while building
  with SunStudio
* Fixed compiling issue with GCC 4.4
  (see SF#2555793, thanks to Matej and Martin)

Doc/
* Clarified not to use ldap_get_dn() directly
* Fixed description of ldap.SASL_AVAIL and ldap.TLS_AVAIL
  (see SF#2555804, thanks to Matej and Martin)




--
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
___
Python-LDAP-dev mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev

Limited the usage of SF services for python-ldap

2009-04-09 Thread Michael Ströder 
HI!

Please note that from now on python-ldap releases and docs will not be
made available trough SF's file release area anymore. SF's new web
interface is even worse than the old one. The download pages are much
too complicated for implementing automatic installation.

The web page
http://python-ldap.sourceforge.net/download.shtml
already points to:
http://pypi.python.org/pypi/python-ldap/

I think this is the appropriate place for providing python-ldap
distribution files. I'd encourage others to upload their Win32 builds or
whatever there. Let me know if you need access to python-ldap's PyPI entry.

Also the docs are stored directly in the web space:
http://python-ldap.sourceforge.net/docs.shtml

I also disabled SF services for python-ldap's SF project entry which
were not used anyway and only spammed ("News" and "Documentation").

More news on that to come.

Ciao, Michael.

--
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
___
Python-LDAP-dev mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev

using Kerberos to authenticate to Active Directory from python ldap

2009-04-09 Thread Olivier Sessink 
Hi all,

I'm trying to script a function that can retrieve if a user is member of 
a group in active directory. The previous script was a shell script with 
a ldapsearch call for every user. You can image that took long on a 
thousand users.

So I'm rewriting the script for python. However, I cannot get the 
kerberos authentication right.

ld = ldap.initialize('activedirectory-dns')
ld.sasl_interactive_bind_s('', ldap.sasl.gssapi('u...@realm'))
ld.search_s(self.base, ldap.SCOPE_SUBTREE, '(CN=groupname)', ['Member'])

I get an error that I don't have the right credentials.

However it works with ldapsearch, so the Kerberos ticket is valid and 
correct for this query..

Anybody a tip how to continue? Or an example script that uses Kerberos?

thanks,
Olivier


--
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
___
Python-LDAP-dev mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-09 Thread Michael Ströder 
Olivier Sessink wrote:
> 
> So I'm rewriting the script for python. However, I cannot get the 
> kerberos authentication right.
> 
> ld = ldap.initialize('activedirectory-dns')
> ld.sasl_interactive_bind_s('', ldap.sasl.gssapi('u...@realm'))
> ld.search_s(self.base, ldap.SCOPE_SUBTREE, '(CN=groupname)', ['Member'])
> 
> I get an error that I don't have the right credentials.
> 
> However it works with ldapsearch, so the Kerberos ticket is valid and 
> correct for this query..

I cannot see how your parameters are. Note that SASL-Bind with GSSAPI is
quite picky about using the right DNS names.

Especially it should be something like

ld = ldap.initialize('ldap://dc1.dom2.adtest.domain')

with dc1.dom2.adtest.domain being one of the names listed with service
prefix ldap/ in servicePrincipalName on the domain controller.

> Or an example script that uses Kerberos?

Demo/sasl_bind.py

Ciao, Michael.

--
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
___
Python-LDAP-dev mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev

Re: Limited the usage of SF services for python-ldap

2009-04-09 Thread Zhang Huangbin 
Michael Ströder wrote:
> HI!
>
> Please note that from now on python-ldap releases and docs will not be
> made available trough SF's file release area anymore. SF's new web
> interface is even worse than the old one. The download pages are much
> too complicated for implementing automatic installation.
>
> The web page
> http://python-ldap.sourceforge.net/download.shtml
> already points to:
> http://pypi.python.org/pypi/python-ldap/
>
> I think this is the appropriate place for providing python-ldap
> distribution files. I'd encourage others to upload their Win32 builds or
> whatever there. Let me know if you need access to python-ldap's PyPI entry.
>
> Also the docs are stored directly in the web space:
> http://python-ldap.sourceforge.net/docs.shtml
>
> I also disabled SF services for python-ldap's SF project entry which
> were not used anyway and only spammed ("News" and "Documentation").
>
> More news on that to come.
>
> Ciao, Michael.

Try google code project hosting?
http://code.google.com/


-- 
Best regards.

Zhang Huangbin

- Open Source Mail Server Solution for RHEL/CentOS 5.x:
  http://code.google.com/p/iredmail/


--
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
___
Python-LDAP-dev mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev