[Pythonmac-SIG] Active Directory authentication on Mac using Python
brad.allen@omsdal.com
brad.allen at omsdal.com
Tue Aug 16 01:57:23 CEST 2005
Thanks for the info, Nicolas. I will take a look at your Perl script.
Brad Allen
IT Desktop Support
brad.allen at omsdal.com
Nicholas Riley <njriley at uiuc.edu> wrote on 08/15/2005 04:19:41 PM:
> On Mon, Aug 15, 2005 at 03:46:31PM -0500, brad.allen at omsdal.com wrote:
> > Thanks for setting me straight. So, I'm unclear on whether LDAP
> > authentication actually uses Kerberos in some underlying way
> > (via SASL), or whether it actually sends the password across the
> > network. Maybe I'm barking up the wrong tree by trying to use LDAP.
>
> LDAP uses SASL which uses GSSAPI which uses Kerberos (I think :). In
> several of these cases, the path you're following is one of several
> plugins.
>
> I had a lot of trouble getting SASL binding to work from Python, at
> least on Linux, when I tried it a year ago. Your best bet may be to
> simply wrap kinit (to get a TGT) and ldapsearch with Python.
>
> You can see my eventual script (in Perl, not Python, because I
> couldn't get any Python module to do what I wanted) for doing a
> Kerberized LDAP search against Active Directory; there are Perl
> Kerberos bindings, I think, but I didn't bother using them, I just
> exec'ed kinit.
>
> <http://njr.pycs.net/weblog/2004/06/03.html#P28>
>
> --
> Nicholas Riley <njriley at uiuc.edu> | <http://www.uiuc.edu/ph/www/njriley>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/pythonmac-sig/attachments/20050815/0edc3372/attachment-0001.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 18067 bytes
Desc: not available
Url : http://mail.python.org/pipermail/pythonmac-sig/attachments/20050815/0edc3372/attachment-0001.jpeg
More information about the Pythonmac-SIG
mailing list