On Mon, 8 Apr 2013 09:10:05 +1000 "Gareth Walters (2K Australia)" <gareth.walt...@2kaustralia.com> wrote:
>
> Package: python-ldap
> Version: 2.4.10-1
> Severity: important
>
> Dear Maintainer,
> While trying to get a python script of mine to work in Wheezy (have it
> running in Squeeze and several other OSs)
> I come across this error when using ldaps://
>
> ldap.SERVER_DOWN: {'desc': "Can't contact LDAP server"}
> The server is up and the same script is working on the Squeeze machine.
>
> It's talking to Windows AD 2008 R2
>
> the minimal code to reproduce is;
> import ldap
> myldap=ldap.initialize("ldaps://xx.xx.xx.100")
> myldap.bind_s('bindDN','bindPASS')
>
> but this works
> import ldap
> myldap=ldap.initialize("ldap://xx.xx.xx.100")
> myldap.bind_s('bindDN','bindPASS')
>
> Does not even get far enough to give a certificate error as would
> normally happen without allow unverified/trusted SSL cert.
>
>
> Output when setting ldap debug on;
>
> ldap_create
> ldap_url_parse_ext(ldaps://xx.xx.xx.105)
> ldap_url_parse_ext(ldaps://xx.xx.xx.100)
> ldap_sasl_bind
> ldap_send_initial_request
> ldap_new_connection 1 1 0
> ldap_int_open_connection
> ldap_connect_to_host: TCP xx.xx.xx.100:636
> ldap_new_socket: 3
> ldap_prepare_socket: 3
> ldap_connect_to_host: Trying xx.xx.xx.100:636
> ldap_pvt_connect: fd: 3 tm: -1 async: 0
> ldap_int_open_connection
> ldap_connect_to_host: TCP xx.xx.xx.105:636
> ldap_new_socket: 5
> ldap_prepare_socket: 5
> ldap_connect_to_host: Trying xx.xx.xx.105:636
> ldap_pvt_connect: fd: 5 tm: -1 async: 0
> ldap_err2string
> Traceback (most recent call last):
>   File "./adauth.py", line 71, in <module>
>     myldap.bind_s(config.get('ldap','bindDN'),config.get('ldap','bindPASS'))
>   File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 222, in bind_s
>     msgid = self.bind(who,cred,method)
>   File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 216, in bind
>     return self.simple_bind(who,cred)