Menu
▾
▴
Re: Hanging during ldaps
|
From: Mauro C. <mci...@li...> - 2004-01-05 18:52:12
|
Goucher, Adam wrote:
>I'm trying to use python-ldap to connect to an iplanet 5.1 ldap.
>Connecting via ldap:// works, but the script is hanging when connecting
>through ldaps://. Can anyone see what I am doing wrong?
>
><script>
>import ldap
>ldap.set_option(ldap.OPT_DEBUG_LEVEL, 5)
>
># build our uri
>uri = "ldaps://ldap_host:6360"
>
># connect to the ldap server
>p_handle = ldap.initialize(uri)
>p_handle.protocol_version = ldap.VERSION3
>
># bind
>p_handle.simple_bind("cn=directory manager", "*****")
>
># search so we know we are connected
>p_search = p_handle.search("", ldap.SCOPE_BASE, "objectclass=*")
>
>
This call looks strange to me: iPlanet has always wanted a real base
there (i.e., no "" as you possibly could using Active Directory, but a
correct search base for your server like "dc=ldapserver, dc=acme,
dc=com" or similar).
If you say it does work using plain LDAP, however, this cannot be the
reason for your script hanging, still I'm amazed it does, the RFC
clearly states that you must explicitly set the search base and iPlanet
have always prided themselves in being standards compliant (not like
that other major software vendor ;-)
>p_return = p_handle.result(p_search)
>res_type, res_values = p_return
>print res_values
></script>
>
><output>
>ldap_create
>ldap_url_parse_ext(ldaps://ldap_host:6360)
>ldap_bind
>ldap_simple_bind
>ldap_sasl_bind
>ldap_send_initial_request
>ldap_new_connection
>ldap_int_open_connection
>ldap_connect_to_host: TCP ldap_host:6360
>ldap_new_socket: 1904
>ldap_prepare_socket: 1904
>ldap_connect_to_host: Trying ldap_ip:6360
>ldap_connect_timeout: fd: 1904 tm: -1 async: 0
>ldap_ndelay_on: 1904
>ldap_ndelay_off: 1904
>ldap_open_defconn: successful
>ldap_send_server_request
>ldap_search_ext
>put_filter: "objectclass=*"
>put_filter: default
>put_simple_filter: "objectclass=*"
>ldap_send_initial_request
>ldap_send_server_request
>ldap_result msgid 2
>ldap_chkResponseList for msgid=2, all=1
>ldap_chkResponseList for msgid=2, all=1
>ldap_int_select
></ouput>
>
>I am using python 2.3.2 for windows, and the python-ldap module found at
>http://www.zope.org/Members/volkerw/LdapWin32.dsdfs
>
>
I don't know this module, however you might want to give a try to my
Win32 binary of Python-LDAP, you can find it at
http://www.siosistemi.it/~mcicogni/ at the beginning of the page under
"Python stuff".
Beware, your mileage may vary.
If this doesn't work, either, it *might* be that your server isn't
configured correctly (i.e., TLS Certificates and such): do other LDAPS
client work?
Mauro
|
