Re: python-ldap, Zope, and NDS

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Timothy Wilson wrote:
> 
> Python 1.5.2 (#0, Apr  3 2000, 14:46:48)  [GCC 2.95.2 20000313 (Debian
> GNU/Linux)] on linux2
> Copyright 1991-1995 Stichting Mathematisch Centrum, Amsterdam
> >>> import ldap
> >>> l = ldap.open("206.131.108.2",389)
> >>> l.simple_bind_s("ou=do,o=isd_197","")
                       ^^^^^^^^^^^^^^^^^^^
Please read the doc of ldapmodule again. The DN is meant for binding
as this object (e.g. an entry describing a user) and is used for
authentication/authorization. If doing a anonymous bind you can
simply use an empty DN.

> >>> test = l.search_s("ou=do,o=isd_197", ldap.SCOPE_SUBTREE,
> "objectclass=*")
> >>> test2 = l.search_s("ou=do,o=isd_197", ldap.SCOPE_ONELEVEL,
> "objectclass=*")
> Traceback (innermost last):
>   File "<stdin>", line 1, in ?
> ldap.INVALID_DN_SYNTAX: {'desc': 'Invalid DN syntax'}
> >>>

Hmm. And this very special search works with web2ldap?

> I'm more convinced than ever that this is an NDS issue.

But if it works with the more complex web2ldap it should work with
your simple source too since both uses ldapmodule. There's not extra
voodoo in web2ldap. E.g. web2ldap works with ldap://nldap.com which
is a (rather ancient) NDS server.

> those bindery objects in the NDS tree is really just a kludge to prevent
> breaking legacy apps that depend on the pre-NDS technology.

> I'm not sure what you mean by "canonifying the DN." Care to expand on that?

In your simple case it means removing whitespaces around the comma.
In more complex situations it also means handling escape sequences
for special characters like + , ; etc.

Ciao, Michael.