Menu
▾
▴
Re: SASL/GSSAPI problems
|
From: Wido D. <wid...@gm...> - 2004-11-08 23:10:54
|
On Wed, 3 Nov 2004 10:05:34 +0100, Hans Aschauer <han...@ep...> wrote: > On Saturday 30 October 2004 02:07, Wido Depping wrote: > > Hi All, > > some users of Luma ( http://luma.sf.net ) have problems with binding > > to a directory using the SASL/GSSAPI method. All these people have a > > working Kerberos environment and using SASL/MD5 work flawlessly. > > Here's the output they get from the console: > > > > SASL/GSSAPI authentication started > > Error during LDAP bind request > > Reason: {'info': 'SASL(0): successful result: ', 'desc': 'Local error'} > > This error is most likely due to a wrong setup of kerberos <-> LDAP, and has > probably nothing to do with python-ldap. The luma users might look at > > http://www.bayour.com/LDAPv3-HOWTO.html > > which is a great HOWTO for setting up a working ldap server with GSSAPI > authentication. It also explains the reasons for a 'local error'. BTW, it was > some time ago that I last looked at python-ldap, but I think that it still is > built on top of the openldap-libraries. So SASL/GSSAPI will work only if it > also works using ldapsearch (and vice versa(?)). Hi All, The solution for my problem was simpler than expected. In my code I had "sasl_cb_value_dict = None" instead of "sasl_cb_value_dict = {}". After correcting this, everything worked. However it would be good if the developer gets a more meaningful error message than 'local error'. Beside that, I just want to say that python-ldap is a really nice library and it has helped me a lot with my Luma development, altough I don't use its full potential :) mfg. Wido Depping -- Wido Depping ICQ: 51303067 AIM: wido3379 Jabber: wi...@ja... Blog: http://widoww.blogspot.com |
