password bind

Michael Ströder michael at
Fri Jun 10 13:40:09 CEST 2005

Fabio Marcone wrote:
> I would know if there is a way to pass to bind() method an encrypted password. 

Which entity do you want to decrypt this password and with which key?

LDAPv3 requires a clear-text password to be passed with simple bind
request. If you want to protect the password from being sniffed you have
to protect your LDAP connection with SSL or TLS. Another option is to
use SASL bind with reasonable strong challenge-response mechanism (e.g.

> I read this password from a configuration file and would not write password 
> in it in clear text.

This has nothing to do with python-ldap or LDAPv3. The only thing which
helps is to avoid having to store a password in your configuration.

It's impossible to give better advice without any background information
about what your LDAP client looks like.

Ciao, Michael.

More information about the python-ldap mailing list