possible bug(s) in python-ldap sasl code

[Ino Heatwave]

Hi,

Im currently testing out python-ldap and Im connecting to an active
directory service.

Binding works ok, but searching usually (usually as in I cant remember if it
has worked at one point in time or not) ends with an error ("00000000:
LdapErr: DSID-0C090627, comment: In order to perform this operation a
successful bind must be completed on the connection., data 0, vece"). The
data, however is received when I use the library asynchronously. (I.e it
sends me the search results, then raises the exception). I could provide
sample code that gives me this behaviour. Writing a custom search method
that masks this error works great though, but feels kinda ugly...

But my main problem is: I cant bind with two different LDAPObjects on the
same server. E.g creating two connections to the same server, using sasl
bind (digest-md5). The latter bind operation always raises "
ldap.INVALID_CREDENTIALS: {'info': '00090313: LdapErr: DSID-0C09043E,
comment: AcceptSecurityContext error, data 0, vece', 'desc': 'Invalid
credentials'}", even though the username/password are identical. Again, I
could provide some sample code that shows this behaviour if you're
interested.

Connecting with two ldapobjects to the same server and binding works fine
with TLS though, but it would certainly be a lot better if we could have
support for this through sasl.

Any ideas?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20070504/f55f6716/attachment.html>