Re: SASL GSSAPI under Win32
I also had that same error trying digest-md5. I still find it strange that with gssapi a SUCCESS exception is raised: it smells like a bug, or like a mismatch of libraries somehow. The strange thing is that the version I use is supposed to be statically linked to the necessary libs, so that you won't have the DLL lookup issues. For dynamically linked versions one can always copy the dlls to system32, but that's fishy at best... But I found a way to get it working without sasl at last with simple_bind_s and the ldap.OPT_REFERRALS option. I had already read about this option, but it didn't help, until it turned out I had to supply valid account data to simple_bind_s (the so-called 'Bind DN and password', I guess). I had already tried all sorts of combinations, but not that one... (I'm new to LDAP as you might guess) Thanks for your time! - Original Message From: Waldemar Osuch To: Michael Ströder Cc: [email protected] Sent: Thursday, 6 August, 2009 5:07:08 Subject: Re: SASL GSSAPI under Win32 2009/8/5 Michael Ströder : > Waldemar Osuch wrote: >> I have made a couple attempts to support SASL in the Win32 builds. >> One user even reported a success using it but it never worked for me. >> I will give it one more go but I can not make any promises. > > I tried to bind with SASL DIGEST-MD5 to MS AD W2K3SP2 and to OpenLDAP 2.4.x > but that did not work: > > AUTH_UNKNOWN: {'info': 'SASL(-4): no mechanism available: Unable to find a > callback: 2', 'desc': 'Unknown authentication method'} > > Hmm, are the SASL mechs modules available at all? > That is the error I am getting too. My understanding of how it is supposed to work is that _ldap.pyd calls into libsasl.dll first (this part works) but then libsasl.dll has to find and load the requested auth mechanism. Unfortunately I did not find a way of telling libsasl where the auth plugin dlls are located. Dropping them into the same directory and hoping it will find them does not seem to work. -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ Python-LDAP-dev mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/python-ldap-dev -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ Python-LDAP-dev mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
RE: ldap.passwd_s with Active Direcory
> -Original Message- > From: Michael Ströder [mailto:[email protected]] > Sent: 06 August 2009 00:49 > To: Mike Peters > Cc: [email protected] > Subject: Re: ldap.passwd_s with Active Direcory > > [email protected] wrote: > > *** ldaps://ad01.demo.local:636 - SimpleLDAPObject.simple_bind > ((u'u...@addemo', u'secret', None, None),{}) > > First of all you should not pass Unicode strings to python-ldap. That's > not a > problem for the actual values you used though in this example but in > general > up to now python-ldap only receives raw strings as arguments. OK, thanks. I'll bear that in mind. > > > In [4]: mod_attrs = [( ldap.MOD_REPLACE, 'unicodePwd', > '"password"'.encode('utf-16-le') )] > > In [5]: dn = 'CN=Barney Rubble,OU=Users,OU=ADDEMO,DC=demo,DC=local' > > > > In [6]: r = l.modify_s(dn, mod_attrs)*** ldaps://ad01.demo.local:636 > - SimpleLDAPObject.modify_ext (('CN=Barney > Rubble,OU=Users,OU=ADDEMO,DC=demo,DC=local', [(2, 'unicodePwd', > '"\x00p\x00a\x00s\x00s\x00w\x00o\x00r\x00d\x00"\x00')], None, None),{}) > > Unfortunately I can't tell whether > u...@addemo and CN=Barney Rubble,OU=Users,OU=ADDEMO,DC=demo,DC=local > are the same AD user entry. > > I vaguely remember that when setting your own password you have to > explicitly > delete the old one and add the new one. Dig for the MSDN article. > No, I'm using a different user. I've tried a couple of different users including Administrator in case it is user permissions. I've looked at the MSDN article and can't see anything in there different. Thanks Mike Peters -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ Python-LDAP-dev mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
Re: ldap.passwd_s with Active Direcory
[email protected] wrote: > No, I'm using a different user. I've tried a couple of different users > including Administrator in case it is user permissions. I've looked at the > MSDN article and can't see anything in there different. Strange enough exactly this works just fine with my web2ldap which uses python-ldap. Ciao, Michael. -- Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ___ Python-LDAP-dev mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
