From: Patrick A. T. <ptr...@sw...> - 2010-02-01 16:52:28

I am pulling my hair out trying to connect via ldaps to one of our AD controllers. Everything works just fine with ldap:389, but as soon as I try to use ldaps:636, I get this:

    ldap.SERVER_DOWN: {'info': '(unknown error code)', 'desc': "Can't contact LDAP server"}

My code is exactly as in "Demo/initialize.py":

    import sys
    import ldap

    # Process-wide options
    ldap.set_option(ldap.OPT_REFERRALS, 0)
    ldap.set_option(ldap.OPT_DEBUG_LEVEL, 0)

    # Trace python-ldap calls to stderr
    ldapmodule_trace_level = 1
    ldapmodule_trace_file = sys.stderr

    host = "ldaps://ad_host:636"
    con = ldap.initialize(host, trace_level=ldapmodule_trace_level, trace_file=ldapmodule_trace_file)

    # Per-connection options: LDAPv3, require a server certificate that validates against the CA file
    con.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
    con.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
    con.set_option(ldap.OPT_X_TLS_CACERTFILE, 'path/to/cert.crt')
    con.set_option(ldap.OPT_DEBUG_LEVEL, 255)

    # full_dn and password (the bind credentials) are not shown here
    con.bind_s(full_dn, password)

    # openssl s_client -CAfile path/to/cert.crt -connect ad_host:636

returns a successful connection, and I am also able to connect with other LDAP clients (JXplorer) with SSL and the same CA cert.

What am I missing?

Thank you,
Patrick