[EMAIL PROTECTED] wrote:
> import ldap
> l = ldap.initialize("ldap://server.net")
> l.simple_bind(DN, "secret")
> 1
^^^
You probably want to use the synchronous method simple_bind_s() since
you want to impersonate on this LDAP connection immediately before doing
anything else on that connection.
> l.result(1)
> (97, [])
Could you please use argument trace_level=2 when calling
ldap.initialize() and examine the debug log? It records all method calls
of your particular LDAPObject instance.
l = ldap.initialize("ldap://server.net",trace_level=2)
Level 2 outputs a debug log with results received. Protect this log
since it also contains passwords!
> l.search("dc=server,dc=net", ldap.SCOPE_SUBTREE, "(sAMAccountName=user)")
> OPERATIONS_ERROR: {'info': '00000000: LdapErr: DSID-0C090627, comment:
> In order to perform this operation a successful bind must be completed
> on the connection., data 0, vece', 'desc': 'Operations error'}
Still something went wrong with your bind. Since I don't know your DN I
can't say anything. The DN should be a local user in this domain and not
a user from another trusted domain. If you have a complicated AD setup
with various domains and delegated trust connecting to the GC (global
catalog) on port 3268 might be easier.
> The simple bind works fine and returns a result, when I get the
> result, it returns 97 meaning successful.
It would raise an exception if an LDAP error was received.
> So there was a successful
> bind on the connection, right?
Don't know. Since I don't know your DN and AD domain configuration.
I've added a new example script ms_ad_bind.py to python-ldap's Demo/
directory illustrating all the possible bind methods:
http://python-ldap.cvs.sourceforge.net/*checkout*/python-ldap/python-ldap/Demo/ms_ad_bind.py?content-type=text%2Fplain
For getting the SASL stuff to correctly work your DNS has to be properly
set up for AD (A RRs and matching PTR RRs for the DCs).
Ciao, Michael.
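
Added example (not part of the original message and not taken from python-ldap's Demo/ scripts): the synchronous bind and the protected trace log recommended above, combined. The function names, the bind DN and the log file name are assumptions made for the illustration.

```python
import os


def open_private_log(path):
    """Create the trace log with mode 0600 and return it opened for writing.

    O_CREAT|O_EXCL fails if the path already exists (including a symlink),
    so the trace never lands in a file someone else prepared.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    os.fchmod(fd, 0o600)  # explicit, independent of the process umask
    return os.fdopen(fd, "w")


def bind_with_trace(uri, bind_dn, password, log_path):
    """Return a bound LDAPObject whose level-2 trace goes to log_path."""
    import ldap  # python-ldap; imported lazily so the helper above has no dependency

    trace = open_private_log(log_path)
    conn = ldap.initialize(uri, trace_level=2, trace_file=trace)
    try:
        # simple_bind_s() waits for the bind response and raises an
        # ldap.LDAPError subclass (e.g. ldap.INVALID_CREDENTIALS) on
        # failure, instead of handing back a message id to poll.
        conn.simple_bind_s(bind_dn, password)
    except ldap.LDAPError:
        conn.unbind_s()
        trace.close()
        raise
    return conn


if __name__ == "__main__":
    import getpass
    import ldap

    # Constructed values: replace with a DN local to the AD domain.
    dn = "cn=user,dc=server,dc=net"
    conn = bind_with_trace("ldap://server.net", dn,
                           getpass.getpass("Bind password: "),
                           "ldap-trace.log")
    try:
        print(conn.search_s("dc=server,dc=net", ldap.SCOPE_SUBTREE,
                            "(sAMAccountName=user)", ["cn"]))
    finally:
        conn.unbind_s()
```

Delete the trace file once the bind problem is diagnosed, since at level 2 it records the password passed to simple_bind_s().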