[python3-ldap] Key error help

python3ldap python3ldap at gmail.com
Sat Mar 22 09:43:43 CET 2014 

Hello Andrew,
I think that Joseph's is the right solution. In LDAP there are two
ways a server can use referral, "global referral" or "continuation
referral".

A global referral is a single response to an operation and means that
the contacted server "cannot or will not perform the operation and
that one or more other servers may be able to" (RFC4511, part 4.1.10)
while a continuation referral can be mixed to the search entry results
and means that the server "knows" that you could find additional
entries in the referred server. Both of these referral kinds return
the same "uri" attribute that is a list of servers (with dn of the
base) to contact.

python3-ldap can automatically follow the "global referral", issuing
the same operation on one uf the server specified in the uri, in a
recursive way, up to 10 levels (as specified in the RFC) and avoiding
looping between servers, but not the continuation referrals. I should
try to extend the referral "machinery" to the "continuation" types,
but unitl now I didn't get a server where to test them. I put this
feature in the "work to do" queue in the roadmap of the project.

Bye,
Giovanni

Have fun,
gc


2014-03-22 1:54 GMT+01:00 Andrew Hydle <ahydle at gmail.com>:
> A hah! That makes perfect sense. Thank you!
>
>
> On Fri, Mar 21, 2014 at 3:54 PM, Joseph L. Casale
> <jcasale at activenetwerx.com> wrote:
>>
>> > It is querying against Windows Server 2012 Active Directory. If I
>> > perform the search
>> > on those URI's I dont believe it will return any of my users. Those are
>> > specific schema
>> > containers for active directory. Is there a way I can get it to not come
>> > back in the response?
>>
>> (misdirected the first response...)
>>
>> Be more robust in your parsing, you are looking for an account object,
>> this has a 'dn' or a
>> 'type' of 'searchResEntry' for example...
>>
>>         for resp in connection.response:
>>             if resp['type'] == 'searchResEntry':
>>                 return resp['dn'], resp['attributes']
>>
>> Additionally, don't index an object you don't know exists. Check for it
>> first for example...
>>
>> hth,
>> jlc
>> _______________________________________________
>> python3-ldap mailing list
>> python3-ldap at python.org
>> https://mail.python.org/mailman/listinfo/python3-ldap
>
>
>
> _______________________________________________
> python3-ldap mailing list
> python3-ldap at python.org
> https://mail.python.org/mailman/listinfo/python3-ldap
>

More information about the python3-ldap mailing list