authentication - no errors

Michael Engelhart mengelhart at katahdinsoftware.com
Thu May 8 12:09:50 CEST 2003


OK - got my shiny new OpenLDAP 2.1.18 built and pre11 built and when I 
run the following test script with an invalid password like this

import ldap
try:
    l = ldap.open("127.0.0.1")
    dn = "cn=Directory Manager, o=mydomain.com"
    password = "test"
    l.simple_bind(dn, password)
    print "got here"
except ldap.LDAPError, e:
    print e

it prints out "got here"

I tried changing the dn and password to invalid entries in a bunch of 
different combinations but it always allows me to bind.

Here's my slapd.conf which is basically the default config

## default ACl
access to *
	by self write
	by users read
	by anonymous auth

database	bdb
suffix "o=mydomain.com"
rootdn "cn=Directory Manager,o=mydomain.com"
rootpw		secret
directory	/usr/local/var/openldap-data/mydomain.com/
index uid,cn,sn,givenName pres,eq,sub

So is this a configuration issue with OpenLDAP?  I admit I don't fully 
understand ACLs, but this appears to say that the default access is:
Allow self write access
Allow authenticated users read access
Allow anonymous users to authenticate

which, if I'm correct, would cause python-ldap to throw an exception if I 
passed in an invalid dn/password.

Thanks for any help.

Michael

On Wednesday, May 7, 2003, at 05:44 PM, Michael Ströder wrote:

> Michael Engelhart wrote:
>> how do I tell if it's using the "right" libraries?
>
> Under Linux there's ldd. Not sure about Mac OS X though. On my Linux 
> system it looks like this:
>
> $ ldd /usr/lib/python2.2/site-packages/_ldap.so
>         libldap_r.so.2 => /usr/local/openldap-REL_ENG_2_1/lib/libldap_r.so.2 (0x40010000)
>         liblber.so.2 => /usr/local/openldap-REL_ENG_2_1/lib/liblber.so.2 (0x40059000)
>         libsasl2.so.2 => /usr/local/cyrus-sasl/lib/libsasl2.so.2 (0x40067000)
>         libssl.so.0.9.6 => /usr/lib/libssl.so.0.9.6 (0x4008b000)
>         libcrypto.so.0.9.6 => /usr/lib/libcrypto.so.0.9.6 (0x400bc000)
>         libc.so.6 => /lib/libc.so.6 (0x40192000)
>         libresolv.so.2 => /lib/libresolv.so.2 (0x402b0000)
>         libdl.so.2 => /lib/libdl.so.2 (0x402c2000)
>         libkrb5.so.17 => /usr/lib/libkrb5.so.17 (0x402c5000)
>         libasn1.so.5 => /usr/lib/libasn1.so.5 (0x402fc000)
>         libroken.so.9 => /usr/lib/libroken.so.9 (0x4031e000)
>         libcom_err.so.1 => /usr/lib/libcom_err.so.1 (0x40330000)
>         /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)
>         libcrypt.so.1 => /lib/libcrypt.so.1 (0x40334000)
>         libdb-4.0.so => /usr/lib/libdb-4.0.so (0x40365000)
>
>>  I'm using pre06
>
> Please always try with latest and greatest (python-ldap 2.0.0pre11 at 
> the moment). But I'm pretty sure that's not your problem.
>
>> and built it against the only libraries that are on my Mac OS X box 
>> which comes with openldap 2.0.x libs installed.
>
> Exact version of OpenLDAP? Note that OpenLDAP 2.0.x is not actively 
> maintained anymore.
>
>> Maybe I did build it incorrectly???
>
> Please post setup.cfg.
>
> Ciao, Michael.
>
>
>
> 
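
Added example, not part of the original post or of python-ldap: in python-ldap, simple_bind() is asynchronous and only returns a message ID, so the server's verdict is seen only when result() is read (simple_bind_s() does both steps). The sketch below is Python 3 and uses a constructed stand-in connection (FakeConn, InvalidCredentials, naive_check and checked_bind are hypothetical names) so it runs without a server; it also covers the related empty-password case, which goes slightly beyond the script in the post.

```python
# Added example (Python 3); not code from the post or from python-ldap.
# FakeConn is a constructed stand-in for ldap's LDAPObject so this runs offline.

class InvalidCredentials(Exception):
    """Stand-in for ldap.INVALID_CREDENTIALS."""

class FakeConn:
    """Constructed stub with one account; bind is asynchronous as in python-ldap."""
    def __init__(self, dn, password):
        self._account = (dn, password)
        self._pending = {}
        self._next_id = 0

    def simple_bind(self, who, cred):
        # Only sends the request and hands back a message ID.
        # Bad credentials do NOT raise here.
        self._next_id += 1
        self._pending[self._next_id] = (who, cred)
        return self._next_id

    def result(self, msgid):
        # The server's verdict is read here; failures surface as exceptions.
        who, cred = self._pending.pop(msgid)
        if cred == "":
            # DN with empty password: an unauthenticated bind, which a
            # server may accept as anonymous (assumed permissive here).
            return (97, [])  # 97 == ldap.RES_BIND
        if (who, cred) != self._account:
            raise InvalidCredentials(who)
        return (97, [])

def naive_check(conn, dn, password):
    """Pattern from the post: send the bind, never read the result."""
    conn.simple_bind(dn, password)
    return True  # reached for any password

def checked_bind(conn, dn, password):
    """Authenticate only if the server confirms a non-empty-password bind."""
    if not dn or not password:
        return False  # never treat an anonymous/unauthenticated bind as a login
    msgid = conn.simple_bind(dn, password)
    try:
        conn.result(msgid)
    except InvalidCredentials:
        return False
    return True
```

With the real library, l.simple_bind_s(dn, password) performs both steps and raises ldap.INVALID_CREDENTIALS on a wrong password.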

