ANNC and query: ldapmodule-1.10a3-patched RPMs available

Michael Ströder michael at
Wed May 9 18:25:22 CEST 2001

Joe Little wrote:
> I'm not complaining..

Joe, since you are really contributing code be assured that I did
not point to you.

> we need specifically to support v3 schema,

Could be done in higher-level Python modules. (Not trivial though.)
Not sure if you won't have to fiddle with BER-encoded data
(implementing syntax matching).

> OpenLDAP v2 ACLs,

Currently this whole ACL thing is vendor-specific => you would have
to write a specific module for each LDAP server. Finding a good
abstraction level would be required. See also "Access Control Model
for LDAP" on
for an attempt to define a standard. There's no need for a modified
C extension module. You could also implement this in Python.

> StartTLS,

Or LDAP over SSL (ldaps://..). IMHO STARTTLS is not widely
implemented up to now.

Let me add two things.

Thread-safety/reentrant: Would require to go with the Mozilla SDK or
use ldap_r of OpenLDAP 2.0.x (experimental, see my other posting
with Kurt's not about it).

Proper handling of referrals / search continuations: Konstantin's
patch already provides this but there are sometimes strange LDAP
referral URLs returned. Might be a bug of the OpenLDAP 2.0.x libs.

Ciao, Michael.

More information about the python-ldap mailing list