python-ldap: searching without specifying an OU?

Michael Ströder michael at
Wed Apr 23 12:11:44 CEST 2008

hotani wrote:
> Thanks for the response. The user I'm connecting as should have full
> access but I'll double check tomorrow.
> This is the LDAP error that is returned when I leave out the OU:
> {'info': '00000000: LdapErr: DSID-0C090627, comment: In order to
> perform this operation a successful bind must be completed on the
> connection., data 0, vece', 'desc': 'Operations error'}

This clearly indicates that the bind was not successful and you're 
trying anonymous search access here which is not allowed in default 
configuration of AD. I'm not sure whether you can allow anonymous access 
at ou-level.

You could try to use trace_level=2 to check whether bind is really 
successful and which bind-DN and credentials are actually used.

Ciao, Michael.

More information about the Python-list mailing list