ldap.sasl.gssapi example?

Gavin Doughtie gdoughtie at anim.dreamworks.com
Wed Apr 7 01:42:30 CEST 2004


Yes, running as the same user. Here's the detailed dump:

ldap_interactive_sasl_bind_s: user selected: GSSAPI
ldap_int_sasl_bind: GSSAPI
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: ldap4.anim.dreamworks.com
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.4.141:389
ldap_connect_timeout: fd: 3 tm: -1 async: 0
ldap_ndelay_on: 3
ldap_is_sock_ready: 3
ldap_ndelay_off: 3
ldap_err2string                  <--- failure
ldap_free_connection
ldap_send_unbind
ldap_free_connection: act

Do I need to put any more information in the ldap.sasl.gssapi() object?

Michael Ströder wrote:
> Gavin Doughtie wrote:
> 
>> I'm running the Python script from an interactive shell, and I have a 
>> Kerberos ticket. So far, everything is running as me with my tickets. 
>> As far as the Python script having access -- well, as far as I can 
>> understand things it *should* have access via the native sasl library 
>> which, using GSSAPI, should go grab my ticket and present it to the 
>> LDAP server.
> 
> 
> Running as the same user?
> 
>> However, I think either the sasl_bind_interactive method is broken or 
>> I'm not giving it the right information.
> 
> 
> Hmm, maybe it's broken. Please raise debug level set with 
> ldap.set_option(ldap.OPT_DEBUG_LEVEL,0). Maybe this gives some hints.
> 
> Ciao, Michael.

-- 
Gavin Doughtie
DreamWorks SKG
(818) 695-3821




More information about the python-ldap mailing list