[python-ldap] Modifying user attributes
Ziad Badawi
ziadbad at gmail.com
Wed Feb 25 12:06:15 CET 2015
I will give that shot after getting the certificate. But I am wondering if
I could just bypass the certificate check and connect successfully without
it.
I am also still wondering how does it work correctly after executing the
script several more times
On Wed, Feb 25, 2015 at 9:48 AM, Michael Ströder <michael at stroeder.com>
wrote:
> Ziad Badawi wrote:
> > On Tue, Feb 24, 2015 at 6:32 PM, Michael Ströder <michael at stroeder.com>
> > wrote:
> >
> >> Ziad Badawi wrote:
> >>> l = ldap.initialize('ldaps://domain.local:636')
> >>>
> >>> l.simple_bind_s('user', 'passwd')
> >>> [..]
> >>> When I execute this, I get
> >>> ldap.SERVER_DOWN: {'info': 'TLS error -5939:No more entries in the
> >>> directory', 'desc': "Can't contact LDAP server"}
> >>
> >> This is a TLS related error probably occuring at l.simple_bind_s(). Use
> >> ldap.initialize('ldaps://domain.local:636',trace_level=1) (or higher
> trace
> >> level) to see details. Beware that password is sent to trace output.
> >>
> >> After checking the trace, it does fail on simple_bind_s.
> >
> >> I don't see where you set the CA cert(s) used to validate the server
> cert.
> >
> > I do not know how to use that and I used
> > ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) to
> avoid
> > using TLS as I learned.
>
> See Demo/initialize.py in the source distribution.
>
> Ciao, Michael.
>
>
--
Z
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20150225/163b00e6/attachment.html>
More information about the python-ldap
mailing list