[python-ldap] Modifying user attributes
Michael Ströder
michael at stroeder.com
Wed Feb 25 08:48:33 CET 2015
Ziad Badawi wrote:
> On Tue, Feb 24, 2015 at 6:32 PM, Michael Ströder <michael at stroeder.com>
> wrote:
>
>> Ziad Badawi wrote:
>>> l = ldap.initialize('ldaps://domain.local:636')
>>>
>>> l.simple_bind_s('user', 'passwd')
>>> [..]
>>> When I execute this, I get
>>> ldap.SERVER_DOWN: {'info': 'TLS error -5939:No more entries in the
>>> directory', 'desc': "Can't contact LDAP server"}
>>
>> This is a TLS related error probably occuring at l.simple_bind_s(). Use
>> ldap.initialize('ldaps://domain.local:636',trace_level=1) (or higher trace
>> level) to see details. Beware that password is sent to trace output.
>>
>> After checking the trace, it does fail on simple_bind_s.
>
>> I don't see where you set the CA cert(s) used to validate the server cert.
>
> I do not know how to use that and I used
> ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) to avoid
> using TLS as I learned.
See Demo/initialize.py in the source distribution.
Ciao, Michael.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4252 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20150225/6dfe8ec1/attachment.bin>
More information about the python-ldap
mailing list