Hanging during ldaps

Michael Ströder michael at stroeder.com
Mon Jan 5 22:38:51 CET 2004

Mauro Cicognini wrote:
 > Goucher, Adam wrote:
 >> # search so we know we are connected
 >> p_search = p_handle.search("", ldap.SCOPE_BASE, "objectclass=*")
 > This call looks strange to me: iPlanet has always wanted a real base
 > there (i.e., no "" as you possibly could using Active Directory, but a
 > correct search base for your server like "dc=ldapserver, dc=acme,
 > dc=com" or similar).

Since the search scope is base it would grab the server's Root DSE where you 
can read some configuration data, e.g. attribute'namingContexts'. This is 
almost a perfectly LDAPv3 compliant search request. Well, the filter string 
"objectclass=*" is *not* correct according to RFC2254. Please use 
"(objectclass=*)" since it could cause some strange effects with buggy LDAP 

Side note: Make sure you use SunONE Directory Server 5.1SP2 or newer to 
avoid running into other strange bugs! But that's another story... ;-)

Ciao, Michael.

More information about the python-ldap mailing list