Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-11 Thread Geert Jansen
On Fri, Apr 10, 2009 at 11:24 AM, Olivier Sessink wrote: > I noticed that there is some C code related to Kerberos in python-ad. > Is this code required to initialize a kerberos authentication, or is > this just to change passwords and things like that? Actually, both. The C code exposes a small

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-10 Thread Michael Ströder
Olivier Sessink wrote: >> ld = ldap.initialize('ldap://foobar') >> ld.set_option(ldap.OPT_REFERRALS,0) > > you saved my day! > > it works. Glad that worked. > sorry for my limited knowledge, but what does "referrals should be > automatically chased" mean? Referrals are basically LDAP URLs retu

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-10 Thread Olivier Sessink
2009/4/10 Michael Ströder : > Olivier Sessink wrote: >> 2009/4/10 Michael Ströder : >>> You can bind with SASL/GSSAPI to AD with plain python-ldap provided you >>> obtained a valid TGT with kinit before (just like with command-line tool >>> ldapsearch). >> >> thanks, that's what I need to know. >>

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-10 Thread Michael Ströder
Olivier Sessink wrote: > 2009/4/10 Michael Ströder : >> You can bind with SASL/GSSAPI to AD with plain python-ldap provided you >> obtained a valid TGT with kinit before (just like with command-line tool >> ldapsearch). > > thanks, that's what I need to know. > > I can't get it to work though.. >

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-10 Thread Michael Ströder
Michael Ströder wrote: > Hmm, this should simply work just like the ldapsearch usage. BTW: If you're using MS AD of W2K8 (not W2K3) you can check whether you're bound with ld.whoami_s() which on W2K8 returns 'u:DOMAIN\SAMACCOUNTNAME'. Ciao, Michael.

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-10 Thread Olivier Sessink
2009/4/10 Michael Ströder : > You can bind with SASL/GSSAPI to AD with plain python-ldap provided you > obtained a valid TGT with kinit before (just like with command-line tool > ldapsearch). thanks, that's what I need to know. I can't get it to work though.. ld = ldap.initialize('ldap://foobar'

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-10 Thread Michael Ströder
Olivier Sessink wrote: > 2009/4/10 Geert Jansen : >> As a related solution, you could have a look at python-ad [1]. >> Python-AD is built on top of python-ldap and provides lots of >> functionality that you normally need to connect to AD built in. For >> example, service discovery, credential manag

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-10 Thread Olivier Sessink
2009/4/10 Geert Jansen : > As a related solution, you could have a look at python-ad [1]. > Python-AD is built on top of python-ldap and provides lots of > functionality that you normally need to connect to AD built in. For > example, service discovery, credential management and multi-domain > func

Re: using Kerberos to authenticate to Active Directory from python ldap

2009-04-09 Thread Michael Ströder
Olivier Sessink wrote: > > So I'm rewriting the script for python. However, I cannot get the > kerberos authentication right. > > ld = ldap.initialize('activedirectory-dns') > ld.sasl_interactive_bind_s('', ldap.sasl.gssapi('u...@realm')) > ld.search_s(self.base, ldap.SCOPE_SUBTREE, '(CN=groupna

using Kerberos to authenticate to Active Directory from python ldap

2009-04-09 Thread Olivier Sessink
Hi all, I'm trying to script a function that can retrieve if a user is a member of a group in Active Directory. The previous script was a shell script with a ldapsearch call for every user. You can imagine that took long on a thousand users. So I'm rewriting the script for python. However, I canno