ldap usage

Jed Parsons jedp at ilm.com
Thu Mar 30 22:11:47 CEST 2006


 > Which LDAP server are you using? You can switch off this behaviour
 > with OpenLDAP. See man 5 slapd.conf, allow <features>.

I don't have anything other than user access.  Good to know about this 
feature, though.

You've been very helpful - I really appreciate it.

Can you recommend any favorite books or sites where I can learn more 
about ldap?

Many thanks,
j

Michael Ströder wrote:
> Jed Parsons wrote:
>> As an addendum, I discovered one little gotcha, namely that this:
>>
>>     l.bind_s(username, password, ldap.AUTH_SIMPLE)
>>
>> throws an ldap.INVALID_CREDENTIALS error if the password contains the
>> wrong text, but works if the password is empty.  I guess this is
>> tantamount to binding as ("", ""), but I wasn't expecting it; I figured
>> if a username was specified, the password would have to agree.
> 
> Yes, this is by design. Empty cred means just switching to anon
> bind. LDAP was not intended to be used for password checking at that time.
> 
> Which LDAP server are you using? You can switch off this behaviour with
> OpenLDAP. See man 5 slapd.conf, allow <features>.
> 
>>  So my
>> little authentication example also needs to test for empty passwords.
> 
> Yes!
> 
> Ciao, Michael.

-- 
Jed Parsons       Industrial Light + Magic  (415) 746-2974
	
grep(do{for(ord){(!$_&&print"$s\n")||(($O+=(($_-1)%6+1)and
grep(vec($s,$O++,1)=1,1..int(($_-6*6-1)/6))))}},(split(//,
"++,++2-27,280,481=1-7.1++2,800+++2,8310/1+4131+1++2,80\0.  What!?")));




More information about the Python-list mailing list