Menu
▾
▴
Re: authentication - no errors
|
From: Michael E. <men...@ka...> - 2003-05-08 10:10:16
|
OK - got my shiny new OpenLDAP 2.1.18 built and pre11 built and when I=20=
run the following test script with an invalid password like this
import ldap
try:
l =3D ldap.open("127.0.0.1")
dn =3D "cn=3DDirectory Manager, o=3Dmydomain.com"
password =3D "test"
l.simple_bind(dn, password)
print "got here"
except ldap.LDAPError, e:
print e
it prints out "got here"
I tried changing the dn and password to invalid entries in a bunch of=20
different combinations but it always allows me to bind.
Here's my slapd.conf which is basically the default config
## default ACl
access to *
by self write
by users read
by anonymous auth
database bdb
suffix "o=3Dmydomain.com"
rootdn "cn=3DDirectory Manager,o=3Dmydomain.com"
rootpw secret
directory /usr/local/var/openldap-data/mydomain.com/
index uid,cn,sn,givenName pres,eq,sub
So is this a configuration issue with openldap? I admit I don't fully=20=
understand ACL's but this appears to say that the default access is
Allow self write access
Allow authenticated users read access
Allow anonymous users to authenticate
which if I'm correct would cause python-ldap to throw an Exception if I=20=
passed in an invalid dn/password.
Thanks for any help.
Michael
On Wednesday, May 7, 2003, at 05:44 PM, Michael Str=F6der wrote:
> Michael Engelhart wrote:
>> how do I tell if it's using the "right" libraries?
>
> Under Linux there's ldd. Not sure about Mac OS X though. On my Linux=20=
> system it looks like this:
>
> $ ldd /usr/lib/python2.2/site-packages/_ldap.so
> libldap_r.so.2 =3D>=20
> /usr/local/openldap-REL_ENG_2_1/lib/libldap_r.so.2 (0x40010000)
> liblber.so.2 =3D>=20
> /usr/local/openldap-REL_ENG_2_1/lib/liblber.so.2 (0x40059000)
> libsasl2.so.2 =3D> /usr/local/cyrus-sasl/lib/libsasl2.so.2=20
> (0x40067000)
> libssl.so.0.9.6 =3D> /usr/lib/libssl.so.0.9.6 (0x4008b000)
> libcrypto.so.0.9.6 =3D> /usr/lib/libcrypto.so.0.9.6 =
(0x400bc000)
> libc.so.6 =3D> /lib/libc.so.6 (0x40192000)
> libresolv.so.2 =3D> /lib/libresolv.so.2 (0x402b0000)
> libdl.so.2 =3D> /lib/libdl.so.2 (0x402c2000)
> libkrb5.so.17 =3D> /usr/lib/libkrb5.so.17 (0x402c5000)
> libasn1.so.5 =3D> /usr/lib/libasn1.so.5 (0x402fc000)
> libroken.so.9 =3D> /usr/lib/libroken.so.9 (0x4031e000)
> libcom_err.so.1 =3D> /usr/lib/libcom_err.so.1 (0x40330000)
> /lib/ld-linux.so.2 =3D> /lib/ld-linux.so.2 (0x80000000)
> libcrypt.so.1 =3D> /lib/libcrypt.so.1 (0x40334000)
> libdb-4.0.so =3D> /usr/lib/libdb-4.0.so (0x40365000)
>
>> I'm using pre06
>
> Please always try with latest and greatest (python-ldap 2.0.0pre11 at=20=
> the moment). But I'm pretty sure that's not your problem.
>
>> and built it against the only libraries that are on my Mac OS X box=20=
>> which comes with openldap 2.0.x libs installed.
>
> Exact version of OpenLDAP? Note that OpenLDAP 2.0.x is not actively=20
> maintained anymore.
>
>> Maybe I did build it incorrectly???
>
> Please post setup.cfg.
>
> Ciao, Michael.
>
>
>
> -------------------------------------------------------
> Enterprise Linux Forum Conference & Expo, June 4-6, 2003, Santa Clara
> The only event dedicated to issues related to Linux enterprise=20
> solutions
> www.enterpriselinuxforum.com
>
> _______________________________________________
> Python-LDAP-dev mailing list
> Pyt...@li...
> https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
>
|
