problem binding to AD with known-good credentials

jacob martinson martinson.jacob at gmail.com
Sat Jun 17 20:43:08 CEST 2006


I am unable to bind to an Active Directory system using python-ldap.

I created a user in AD with search rights and am able to do a simple
bind with the java-based "LDAP Browser" and search/browse the
directory with those credentials.

When I try to do a simple bind to the directory with python-ldap I
don't get an exception, but when I try to perform the search, I get an
exception indicating I didn't bind successfully:

Traceback (most recent call last):
  File "./tmp", line 29, in ?
    search_ad(email='user at domain.com',password='passwd')
  File "./tmp", line 20, in search_ad
    result_type, result_data = l.result(ldap_result_id, 0)
  File "/usr/lib/python2.3/site-packages/ldap/ldapobject.py", line
399, in result
    res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
  File "/usr/lib/python2.3/site-packages/ldap/ldapobject.py", line
405, in result2
    return self._ldap_call(self._l.result2,msgid,all,timeout)
  File "/usr/lib/python2.3/site-packages/ldap/ldapobject.py", line 94,
in _ldap_call
    result = func(*args,**kwargs)
ldap.OPERATIONS_ERROR: {'info': '00000000: LdapErr: DSID-0C090627,
comment: In order to perform this operation a successful bind must be
completed on the connection., data 0, vece', 'desc': 'Operations
error'}

I am attaching the script that generated this exception.  Am I missing
something?

Thanks!

jacob
-------------- next part --------------
#!/usr/bin/env python

import ldap
import ldapconf

def search_ad(email,password=''):

        # Connect to ldap server, retrieve the CN tied to the given email addr
        try:
                l = ldap.open(ldapconf.host)
                l.protocol_version = ldap.VERSION3
                l.simple_bind_s(ldapconf.ldap_user,ldapconf.ldap_pass)
        except ldap.LDAPError, e:
                print e

        filter = '%s%s' % ( ldapconf.filter, email )
        ldap_result_id = l.search(ldapconf.base_dn, ldap.SCOPE_SUBTREE, ldapconf.filter, ['cn'])
        result_set = []
        while 1:
                result_type, result_data = l.result(ldap_result_id, 0)
                if (result_data == []):
                        break
                else:
                        if result_type == ldap.RES_SEARCH_ENTRY:
                                result_set.append(result_data)
        print result_set


search_ad(email='user at domain.com',password='passwd')
-------------- next part --------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642


More information about the python-ldap mailing list