Hi,
the attached patch allows you to use default values for the
functions/arguments below. This is helpful in an environment where
/etc/openldap/ldap.conf is kept up to date with correct information.
ldap.initialize(uri)
LDAPObject.search_*(base, scope)
The semantics are identical to the
Hello Mike
> Apologies in advanced if this is a duplicate post, but every time I
> tried searching the archives it would time out. I am wondering if it
> is possible to create Active Directory objects (users) with the python-
> ldap module. I am currently developing on Mac OS X. I realize
Michael Ströder wrote:
> I vaguely remember that there are some issues with really activating a
> user entry as a Windows user. But this is not a problem of accessing AD
> via python-ldap.
>
This indeed rings a bell. You need to create the user as disabled (look
for userAccountControl on MSDN)
>
> Mike Matz wrote:
>>
>> Thanks for the help guys. It got me off to a great start. I have
>> successfully created a user in my AD. As you already eluded to, I am
>> struggling with the password attribute. Can the password attribute
>> be set when creating a user. From what I gathered, the pa
Roland Hedberg wrote:
> On the topic python-ldap <-> AD:
>
> My problem is that I can add an entry using the User object class and
> attributes contained in that class without any problems.
>
> But when I try to add the samAccountName attribute and thereby the
> object class SecurityPrincipal the
Michael Ströder wrote:
> Geert Jansen wrote:
>
>> On a related note, you may be interested in my current project
>> Python-AD: http://www.boskant.nl/trac/python-ad/
>>
>
> How are you using Kerberos? Do you expect the user to run MIT's kinit
> bef
software, including full documentation, can be found at:
http://www.boskant.nl/trac/python-ad/
Regards,
Geert Jansen
-
SF.Net email is sponsored by:
Check out the new SourceForge.net Marketplace.
It's the best place to b
Mike Matz wrote:
> Will this initial release work on Mac OS X? If not, are there any
> plans in the future for Mac OS X?
At the moment I have not tested Python-AD on OSX, but I would be happy
to support it in a future version. This requires though that someone
sends me patches, or that I find a wa
Michael Ströder wrote:
> I saw that kinit is started as a shell sub-process.
Actually Python-AD comes with a C module that wraps the required
Kerberos functions (see lib/ad/protocol/krb5.c). What you probably saw
is the use of kinit in the test suite, where I use it to verify the
credentials acqu
Michael Ströder wrote:
> Ah, ok. Interesting. Why don't you separate the krb5 module into another
> project. I guess some people might be interested in that.
>
> Especially my dream would be to support HTTP-Authentication based on
> SPNEGO/GSSAPI in web2ldap. But not only authenticating the user a
Torsten Kurbad wrote:
> ME, ME, ME!!! :o)
>
> I tried several krb5 modules lying around in the net so far - and none
> really worked! In fact, most of the implementations require an external
> kinit call, which is NOT what I intend to let my users do...
>
> So, I'd very much appreciate, if you thi
Michael Ströder wrote:
>
> Well, setting an env var is not really a good choice when running within
> a multi-threaded web application... :-/
>
I was thinking how one could solve the problem of per-thread credentials
in python-ldap (or python-ad).. I think it can be done with the keyring
crede
Hi,
OpenLDAP CVS has just added support for a new LDAP option
LDAP_OPT_X_NOCANON. This option turns off host canonicalization based on
reverse DNS in OpenLDAP. The attached patch makes this option available in
python-ldap.
One use case for this option is environments where you don't need reverse
[re-send in plain text. apologies for posting in html]
Hi,
OpenLDAP CVS has just added support for a new LDAP option
LDAP_OPT_X_NOCANON. This option turns off host canonicalization based
on reverse DNS in OpenLDAP. The attached patch makes this option
available in python-ldap.
One use case for t
On Fri, Apr 10, 2009 at 11:24 AM, Olivier Sessink
wrote:
> I noticed that there is some C code related to Kerberos in python-ad.
> Is this code required to initialize a kerberos authentication, or is
> this just to change passwords and things like that?
Actually, both. The C code exposes a small
Hi Michael,
could you have a look at the patch that i submitted a while ago to
expose LDAP_OPT_X_SASL_NOCANON? This option is a new LDAP option that
disables SASL host name canonicalization. It is very useful in Windows
AD environments.
Patch attached. References:
-
http://sourceforge.net/mail
2009/5/3 Michael Ströder :
>
> Why didn't you patch LDAP_get_option()?
That is an oversight. It should be updated as well. New patch attached.
> If I also extend LDAP_get_option() l.get_option(ldap.OPT_X_SASL_NOCANON)
> will always return -1 if set to any value instead of 0. Is that correct?
Yes
2009/5/4 Michael Ströder :
> Ok, committed in HEAD. Please test.
I've tested current HEAD and it works for me.
> Is it urgent to have that in a generally available release?
Not really urgent but it would be good if a new release was made in
the next 2-3 months or so. This would ensure that the
18 matches
Mail list logo
