From michael at stroeder.com Sat Jan 13 19:08:52 2001 From: michael at stroeder.com (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Sat, 13 Jan 2001 19:08:52 +0100 Subject: python-ldap binary for Python 2.0 under Win32 Message-ID: <3A6099B4.A55C9258@stroeder.com> HI! (Aargh! Wrong URL in my previous message!) A quick note that there is a Win32 build of the python-ldap module available for download now which is e.g. needed for running web2ldap on Win32 platform: http://www.web2ldap.de/install.html#packages_win32 Thanks to the contributor! Any feedback is appreciated. Ciao, Michael. From michael at stroeder.com Mon Jan 15 09:08:27 2001 From: michael at stroeder.com (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Mon, 15 Jan 2001 09:08:27 +0100 Subject: ldaps? References: <20010114234644.C3557@needle.mudshark.org> Message-ID: <3A62AFFB.63FEFB50@stroeder.com> Jack Cummings wrote: > > Is there support in ldap-python for ldaps? Not yet. BTW: I had the idea of passing a socket object to the python-ldap LDAPObject constructor. Maybe we can then pass a SSL socket (available in Python 2.0 if built against OpenSSL). Is this possible? Ciao, Michael. From michael at stroeder.com Mon Jan 15 15:34:05 2001 From: michael at stroeder.com (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Mon, 15 Jan 2001 15:34:05 +0100 Subject: NULL result without error in call_object Message-ID: <3A630A5D.D5A59080@stroeder.com> HI! I'm getting the following exception with recent CVS snapshot of python-ldap (under Python 2.0 built against OpenLDAP 1.2.11 libs). result_type,result_data = ls.l.result(ldap_msgid,0) SystemError: NULL result without error in call_object Can anybody enlighten me what this means? Ciao, Michael. From david.leonard at csee.uq.edu.au Tue Jan 16 01:23:14 2001 From: david.leonard at csee.uq.edu.au (David Leonard) Date: Tue, 16 Jan 2001 10:23:14 +1000 (EST) Subject: NULL result without error in call_object In-Reply-To: <3A630A5D.D5A59080@stroeder.com> Message-ID: On Mon, 15 Jan 2001, Michael Str?der typed thusly: > I'm getting the following exception with recent CVS snapshot of > python-ldap (under Python 2.0 built against OpenLDAP 1.2.11 libs). > > result_type,result_data = ls.l.result(ldap_msgid,0) > SystemError: NULL result without error in call_object It means that one of the C functions is returning an exception, but not setting the exception object. let me see... -- David Leonard David.Leonard at dstc.edu.au DSTC Room:78-632 Ph:+61 7 336 58358 The University of Queensland http://www.dstc.edu.au/ QLD 4072 AUSTRALIA B73CD65FBEF4C089B79A8EBADF1A932F13EA0FC8 I put my chin on my knee, and looked for flaws in the soft grain of my beige plastic monitor casing. - Julian Assange From michael at stroeder.com Tue Jan 16 10:40:58 2001 From: michael at stroeder.com (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Tue, 16 Jan 2001 10:40:58 +0100 Subject: NULL result without error in call_object References: Message-ID: <3A64172A.36F94430@stroeder.com> David Leonard wrote: > > On Mon, 15 Jan 2001, Michael Str?der typed thusly: > > > result_type,result_data = ls.l.result(ldap_msgid,0) > > SystemError: NULL result without error in call_object > > It means that one of the C functions is returning an exception, but not > setting the exception object. Unfortunately I can't provide more details. It happened in my online-demo application and I do not have the parameters of the LDAPObject. Ciao, Michael. From david.leonard at csee.uq.edu.au Sun Jan 28 13:38:24 2001 From: david.leonard at csee.uq.edu.au (David Leonard) Date: Sun, 28 Jan 2001 22:38:24 +1000 (EST) Subject: Documentation for ldap 1.10 Message-ID: Attached is new documentation, built with Python 2.0's documentation tools. Please check and comment. Feel free to suggest changes. d -- David Leonard David.Leonard at dstc.edu.au DSTC Room:78-632 Ph:+61 7 336 58358 The University of Queensland http://www.dstc.edu.au/ QLD 4072 AUSTRALIA B73CD65FBEF4C089B79A8EBADF1A932F13EA0FC8 I put my chin on my knee, and looked for flaws in the soft grain of my beige plastic monitor casing. - Julian Assange -------------- next part -------------- A non-text attachment was scrubbed... Name: _ldap.pdf Type: application/pdf Size: 54215 bytes Desc: URL: From michael at stroeder.com Wed Jan 31 11:05:21 2001 From: michael at stroeder.com (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Wed, 31 Jan 2001 11:05:21 +0100 Subject: Documentation for ldap 1.10 References: Message-ID: <3A77E361.2D58A893@stroeder.com> David Leonard wrote: > > Attached is new documentation, Good to see the docs. For my understanding: What's the exact focus of this document? Do you have more chapters in mind? If yes, which? Naming _ldap could cause confusion. The programming examples also mention "import _ldap". Is this the preferred way. IMHO not. It would be nice if the sub sections also appear in the PDF index. The description of the LDAPObject methods in section 1.1.5 could be divided into sections containing similar methods: - Misc - Searching - Adding/Modifying - Attributes ... Ciao, Michael. From michael at stroeder.com Tue Feb 6 14:38:43 2001 From: michael at stroeder.com (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Tue, 06 Feb 2001 14:38:43 +0100 Subject: I-D: The Java LDAP Application Program Interface Message-ID: <3A7FFE63.3D02CCB5@stroeder.com> HI! For those of you who are interested in designing/implementing a new class API for python-ldap 2.0 the new Internet Draft "The Java LDAP Application Program Interface" http://www.ietf.org/internet-drafts/draft-ietf-ldapext-ldap-java-api-13.txt might be interesting. It looks more suitable for Python than going with the C-oriented LDAPEXT-API. Anyone interested in implementing that? Ciao, Michael. From david.leonard at csee.uq.edu.au Wed Feb 7 01:03:04 2001 From: david.leonard at csee.uq.edu.au (David Leonard) Date: Wed, 7 Feb 2001 10:03:04 +1000 (EST) Subject: I-D: The Java LDAP Application Program Interface In-Reply-To: <3A7FFE63.3D02CCB5@stroeder.com> Message-ID: On Tue, 6 Feb 2001, Michael Str?der typed thusly: > For those of you who are interested in designing/implementing a new > class API for python-ldap 2.0 the new Internet Draft > > "The Java LDAP Application Program Interface" > > http://www.ietf.org/internet-drafts/draft-ietf-ldapext-ldap-java-api-13.txt > > might be interesting. It looks more suitable for Python than going > with the C-oriented LDAPEXT-API. Anyone interested in implementing > that? well it looks nice. has anyone got any favourite bits? i like the decent methods on LDAPConnection. I think that if we take the java api, and convert all the Javaisms to Pythonisms we could even submit "our own" RFC draft. :) A lot in that java api is 'over the top' in terms of object-orientedness. Here are some: * do we really need a LDAPDN class? Isn't python's string enough? (same with LDAPUrl - could be done in the urllib style) * AttributeSet is just a list * can we ignore/hide LDAPExtendedOperation/Response/Listener? the java api looks overly complex. after whittling it back a bit, i think a nice pythonesqe api could be developed. Here's some of the examples converted from Java to API #-- Example 9.1 import LDAP ld = LDAP.Connection() try: ld.connect("localhost", 389) ld.bind("", "") MY_FILTER = "sn=Jensen" MY_SEARCHBASE = "o=Ace Industry, c=US" cons = ld.getSearchConstraints() cons.setBatchSize(1) res = ld.search(MY_SEARCHBASE, ld.SCOPE_ONE, MY_FILTER, None, 0, cons) for findEntry in res: print findEntry.getDN() findAttrs = findEntry.getAttributeSet() enumAttrs = findAttrs.getAttributes() print "Attributes:" for anAttr in enumAttrs: print `anAttr.getName()` for aVal in anAttr.getStringValues() print `aVal` except LDAP.Exception: print "Error!" if ld.isConnected(): ld.disconnect() #-- example 9.2 import LDAP ld = LDAP.Connection() try: MY_HOST = "localhost" MY_PORT = 389 ld.connect(MY_HOST, MY_PORT) MY_NAME = "cn=Barbara Jensen,o=Ace Industry,c=US" MY_PASSWORD = "MysteryLady" ld.bind(MY_NAME, MY_PASSWORD) attrEmail = LDAP.Attribute("mail", "babs at ace.com") mod = LDAP.Modification(LDAP.REPLACE, attrEmail) ld.modify(MY_NAME, mod) print "Entry modified" except LDAP.Exception: print "Error!" if ld.isConnected(): ld.disconnect() Feel free to convert some more to see if you like the feel of it, or if it reminds you of a way that its done in another python builtin/library. d -- David Leonard David.Leonard at dstc.edu.au CRC For Distributed Systems Technology Room:78-632 Ph:+61 7 336 58358 The University of Queensland http://www.dstc.edu.au/ QLD 4072 AUSTRALIA B73CD65FBEF4C089B79A8EBADF1A932F13EA0FC8 From fog at mixadlive.com Wed Feb 7 01:00:34 2001 From: fog at mixadlive.com (Federico Di Gregorio) Date: Wed, 7 Feb 2001 01:00:34 +0100 Subject: I-D: The Java LDAP Application Program Interface In-Reply-To: ; from david.leonard@csee.uq.edu.au on Wed, Feb 07, 2001 at 10:03:04AM +1000 References: <3A7FFE63.3D02CCB5@stroeder.com> Message-ID: <20010207010034.I1378@mixadlive.com> i still doesn't have looked at the java api, but converting your examples to use my python classes is just a question of changing method names. ok, i'll look into the java api and see if i can convert my classes to respect the api. ciao, federico Scavenging the mail folder uncovered David Leonard's letter: > On Tue, 6 Feb 2001, Michael Str?der typed thusly: > > > For those of you who are interested in designing/implementing a new > > class API for python-ldap 2.0 the new Internet Draft > > > > "The Java LDAP Application Program Interface" > > > > http://www.ietf.org/internet-drafts/draft-ietf-ldapext-ldap-java-api-13.txt > > > > might be interesting. It looks more suitable for Python than going > > with the C-oriented LDAPEXT-API. Anyone interested in implementing > > that? > > well it looks nice. has anyone got any favourite bits? > i like the decent methods on LDAPConnection. > > I think that if we take the java api, and convert all the Javaisms > to Pythonisms we could even submit "our own" RFC draft. :) > > A lot in that java api is 'over the top' in terms of object-orientedness. > Here are some: > * do we really need a LDAPDN class? Isn't python's string enough? > (same with LDAPUrl - could be done in the urllib style) > * AttributeSet is just a list > * can we ignore/hide LDAPExtendedOperation/Response/Listener? > > the java api looks overly complex. after whittling it back a bit, i think > a nice pythonesqe api could be developed. > > Here's some of the examples converted from Java to API > > #-- Example 9.1 > import LDAP > ld = LDAP.Connection() > try: > ld.connect("localhost", 389) > ld.bind("", "") > MY_FILTER = "sn=Jensen" > MY_SEARCHBASE = "o=Ace Industry, c=US" > cons = ld.getSearchConstraints() > cons.setBatchSize(1) > res = ld.search(MY_SEARCHBASE, ld.SCOPE_ONE, MY_FILTER, None, 0, cons) > for findEntry in res: > print findEntry.getDN() > findAttrs = findEntry.getAttributeSet() > enumAttrs = findAttrs.getAttributes() > print "Attributes:" > for anAttr in enumAttrs: > print `anAttr.getName()` > for aVal in anAttr.getStringValues() > print `aVal` > except LDAP.Exception: > print "Error!" > if ld.isConnected(): > ld.disconnect() > > > #-- example 9.2 > import LDAP > > ld = LDAP.Connection() > try: > MY_HOST = "localhost" > MY_PORT = 389 > ld.connect(MY_HOST, MY_PORT) > > MY_NAME = "cn=Barbara Jensen,o=Ace Industry,c=US" > MY_PASSWORD = "MysteryLady" > ld.bind(MY_NAME, MY_PASSWORD) > > attrEmail = LDAP.Attribute("mail", "babs at ace.com") > mod = LDAP.Modification(LDAP.REPLACE, attrEmail) > ld.modify(MY_NAME, mod) > print "Entry modified" > except LDAP.Exception: > print "Error!" > if ld.isConnected(): > ld.disconnect() > > Feel free to convert some more to see if you like the feel of it, or > if it reminds you of a way that its done in another python builtin/library. > > d > -- > David Leonard David.Leonard at dstc.edu.au > CRC For Distributed Systems Technology Room:78-632 Ph:+61 7 336 58358 > The University of Queensland http://www.dstc.edu.au/ > QLD 4072 AUSTRALIA B73CD65FBEF4C089B79A8EBADF1A932F13EA0FC8 > > > From 520010731148-0001 at t-online.de Wed Feb 7 10:39:08 2001 From: 520010731148-0001 at t-online.de (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Wed, 07 Feb 2001 10:39:08 +0100 Subject: I-D: The Java LDAP Application Program Interface References: <3A7FFE63.3D02CCB5@stroeder.com> <20010207010034.I1378@mixadlive.com> Message-ID: <3A8117BC.DFA1F897@stroeder.com> Federico Di Gregorio wrote: > > i still doesn't have looked at the java api, but converting your examples > to use my python classes is just a question of changing method names. > ok, i'll look into the java api and see if i can convert my classes to > respect the api. I would prefer to stick to a class API which has been discussed on the LDAPEXT list quite thoroughly. It might also be more convenient for people working in the Python and Java world to find a similar API. Ciao, Michael. From fog at mixadlive.com Wed Feb 7 10:44:12 2001 From: fog at mixadlive.com (Federico Di Gregorio) Date: Wed, 7 Feb 2001 10:44:12 +0100 Subject: I-D: The Java LDAP Application Program Interface In-Reply-To: <3A8117BC.DFA1F897@stroeder.com>; from 520010731148-0001@t-online.de on Wed, Feb 07, 2001 at 10:39:08AM +0100 References: <3A7FFE63.3D02CCB5@stroeder.com> <20010207010034.I1378@mixadlive.com> <3A8117BC.DFA1F897@stroeder.com> Message-ID: <20010207104412.C674@mixadlive.com> Scavenging the mail folder uncovered Michael Str?der's letter: > Federico Di Gregorio wrote: > > > > i still doesn't have looked at the java api, but converting your examples > > to use my python classes is just a question of changing method names. > > ok, i'll look into the java api and see if i can convert my classes to > > respect the api. > > I would prefer to stick to a class API which has been discussed on > the LDAPEXT list quite thoroughly. It might also be more convenient > for people working in the Python and Java world to find a similar > API. maybe i din't express myself right. i wanted to say that, having already done part of the work in my classes, i'll look into the API and try to produce a working version of it borrowing from my (old) code. ciao, federico -- Federico Di Gregorio MIXAD LIVE Chief of Research & Technology fog at mixadlive.com Debian GNU/Linux Developer & Italian Press Contact fog at debian.org All programmers are optimists. -- Frederick P. Brooks, Jr. From 520010731148-0001 at t-online.de Wed Feb 7 11:07:45 2001 From: 520010731148-0001 at t-online.de (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Wed, 07 Feb 2001 11:07:45 +0100 Subject: I-D: The Java LDAP Application Program Interface References: Message-ID: <3A811E71.8EEF3283@stroeder.com> David Leonard wrote: > > On Tue, 6 Feb 2001, Michael Str?der typed thusly: > > > http://www.ietf.org/internet-drafts/draft-ietf-ldapext-ldap-java-api-13.txt > > > > might be interesting. It looks more suitable for Python than going > > with the C-oriented LDAPEXT-API. Anyone interested in implementing > > that? > > I think that if we take the java api, and convert all the Javaisms > to Pythonisms we could even submit "our own" RFC draft. :) You're keen on having your name on top of a RFC? Well, why not... ;-) > * do we really need a LDAPDN class? Isn't python's string enough? Well, the string representation of DNs according to RFC2253 is somewhat limited. A DN is something like: RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value AttributeValue } AttributeValue can actually be any type. If e.g. a T61String is used and you convert it to a UTF-8-encoded string representation there's an information loss (the information about the original encoding). I'm not sure whether this affects handling DNs in LDAP but it affects handling DNs of certificate (in PKIX you might have to hash the DER-encoding of a DN e.g. in OCSP queries). I already have some code for a generic X.500 name class (for parsing certificates). It's not ready for prime time yet but I would like to improve it and contribute it to python-ldap. > (same with LDAPUrl - could be done in the urllib style) I think it's necessary to have distinguished classes. Because there are no method signatures in Python we have to distinguish the type of parameters in many class methods. Doing e.g. something like isinstance(param,LDAPURL) or other Pythonism like checking param.__class__.__name__ elps in this regard. > * AttributeSet is just a list No. ASN.1 type SET is a set which isn't a list. A set has no particular order. Believe me, you will need it. E.g. think about comparing to instances of AttributeSet... > * can we ignore/hide LDAPExtendedOperation/Response/Listener? > > the java api looks overly complex. after whittling it back a bit, i think > a nice pythonesqe api could be developed. If X.500-based standards are involved things will always get complex. :-( Especially from my experience with parsing X.509 certs/CRLs I would strongly argue to stay as close as possible to this I-D. In the long run it's less work than repairing a limited subset afterwards. Off course some classes like LDAPExtendedOperation can be deferred...(though interesting for server-side sorting, virtual list controls etc.) Ciao, Michael. From sascha at free.de Wed Feb 7 16:41:40 2001 From: sascha at free.de (Sascha Gresk) Date: Wed, 07 Feb 2001 16:41:40 CET Subject: Playing around with python-ldap, your patches and search continuations... Message-ID: On Wed, 07 Feb 2001, Konstantin Chuguev wrote: > Date: Wed, 07 Feb 2001 13:26:49 +0000 > To: Michael Str?der > From: Konstantin Chuguev > Subject: Re: Playing around with python-ldap, your patches and search > continuations... > > Hi Michael, > > [CC'ing to the python-ldap list in case somebody would like to > comment...] > > Michael Str?der wrote: > > > Konstantin Chuguev wrote: > > > > > > I completely agree with the idea of having a separate package > supporting > > > OpenLDAPv2 only. > > > > Yes. But how this will be built wasn't clear. Sascha proposed using > > SWIG. > > Using SWIG isnt as simple as the name might appear, so this might intruduce an extra difficulty for people trying to help develop python-ldap. > > I've got some questions on that, which I couldn't find on the SWIG web > site: > - Does SWIG work with Python 2? Yes. Using Python2 solved some dynamic loading problems I had on solaris. > - How C preprocessor constants (#define ...) are converted to Python by > SWIG? I have handcrafted an extra file for this (this was indeed simple): ... snipp ... const int SUCCESS=0x00; const int OPERATIONS_ERROR=0x01; const int PROTOCOL_ERROR=0x02; const int TIMELIMIT_EXCEEDED=0x03; const int SIZELIMIT_EXCEEDED=0x04; const int COMPARE_FALSE=0x05; const int COMPARE_TRUE=0x06; .. snipp ... > I suppose one will need to create C constants corresponding to the macros > manually. Yes ;-) > - In the mailing list, Sascha Gresk said: "- swig does not currently > parse > every conceivable type of C declaration"; can you name any particular > type > causing trouble? Try to parse the supplied ldap.h - you will see SWIG needs a some more friendly version of this header. Everything not being recognized is being treated as a simple pointer. Its possible to change this behaviour by using so-called "typemaps", for example if you would want a char ** to act more like a list of strings, you would start writing a typemap.... If you would like to get an impression of LDAP and SWIG you might download this from http://www.free.de/homes/sascha/swig-ldap ... Swig-ldap is far from complete but it is used in a productive envirionment and is known to be running on freebsd and solaris platforms (There is no reason why it shouldn't be also running on linux, openbsd or hurd). Some lucky day I''ll support openldap2.X .... Sascha PS: today I was reading the LDAP-JAVA-API send to this list. I agree its an good idea to have some kind of documentation like this for python-ldap as well. PSPS: A set of tests included by python-ldap would be a nice thing to have. I have included a silly implementation for ldapsearch and ldapadd in swig-ldap to test its behaviour and to provide a working example ... Sascha > > Regards, > Konstantin. > > -- > * * Konstantin Chuguev - Application Engineer > * * Francis House, 112 Hills Road > * Cambridge CB2 1PQ, United Kingdom > D A N T E WWW: http://www.dante.net > > > > > From Konstantin.Chuguev at dante.org.uk Wed Feb 7 14:26:49 2001 From: Konstantin.Chuguev at dante.org.uk (Konstantin Chuguev) Date: Wed, 07 Feb 2001 13:26:49 +0000 Subject: Playing around with python-ldap, your patches and search continuations... References: <3A7EC83B.8C81AD80@stroeder.com> <3A800D0B.1956D66@dante.org.uk> <3A803BE8.C90C98A6@stroeder.com> Message-ID: <3A814D19.62ABF3A3@dante.org.uk> Hi Michael, [CC'ing to the python-ldap list in case somebody would like to comment...] Michael Str?der wrote: > Konstantin Chuguev wrote: > > > > I completely agree with the idea of having a separate package supporting > > OpenLDAPv2 only. > > Yes. But how this will be built wasn't clear. Sascha proposed using > SWIG. > I've got some questions on that, which I couldn't find on the SWIG web site: - Does SWIG work with Python 2? - How C preprocessor constants (#define ...) are converted to Python by SWIG? I suppose one will need to create C constants corresponding to the macros manually. - In the mailing list, Sascha Gresk said: "- swig does not currently parse every conceivable type of C declaration"; can you name any particular type causing trouble? Regards, Konstantin. -- * * Konstantin Chuguev - Application Engineer * * Francis House, 112 Hills Road * Cambridge CB2 1PQ, United Kingdom D A N T E WWW: http://www.dante.net From david.leonard at csee.uq.edu.au Thu Feb 8 00:35:44 2001 From: david.leonard at csee.uq.edu.au (David Leonard) Date: Thu, 8 Feb 2001 09:35:44 +1000 (EST) Subject: I-D: The Java LDAP Application Program Interface In-Reply-To: Message-ID: more on the mapping of the java api to python (which it seems is a good thing) what I forgot to say in my previous message was that I wanted to encourage you (readers of this list) to attempt to convert some of the I-D examples into python as an exercise that might reveal what Java idioms have been used that make it incompatible (or uncomfortable to use) with Python. Java's Iterator and Python's 'for' construct are good examples where they are interchangable in many situations - but not all. only by attempting some expressions do you find out how clumsy/elegant/robust/error-prone they are. remember, by adding a library we are effectively extending a language. With a little work, future expressions in this language extension will be natural and effortless to its users. d On Wed, 7 Feb 2001, David Leonard typed thusly: > Here's some of the examples converted from Java to API > > #-- Example 9.1 > import LDAP > ld = LDAP.Connection() > try: > ld.connect("localhost", 389) > ld.bind("", "") > MY_FILTER = "sn=Jensen" > MY_SEARCHBASE = "o=Ace Industry, c=US" > cons = ld.getSearchConstraints() > cons.setBatchSize(1) > res = ld.search(MY_SEARCHBASE, ld.SCOPE_ONE, MY_FILTER, None, 0, cons) > for findEntry in res: > print findEntry.getDN() > findAttrs = findEntry.getAttributeSet() > enumAttrs = findAttrs.getAttributes() > print "Attributes:" > for anAttr in enumAttrs: > print `anAttr.getName()` > for aVal in anAttr.getStringValues() > print `aVal` > except LDAP.Exception: > print "Error!" > if ld.isConnected(): > ld.disconnect() > > > #-- example 9.2 > import LDAP > > ld = LDAP.Connection() > try: > MY_HOST = "localhost" > MY_PORT = 389 > ld.connect(MY_HOST, MY_PORT) > > MY_NAME = "cn=Barbara Jensen,o=Ace Industry,c=US" > MY_PASSWORD = "MysteryLady" > ld.bind(MY_NAME, MY_PASSWORD) > > attrEmail = LDAP.Attribute("mail", "babs at ace.com") > mod = LDAP.Modification(LDAP.REPLACE, attrEmail) > ld.modify(MY_NAME, mod) > print "Entry modified" > except LDAP.Exception: > print "Error!" > if ld.isConnected(): > ld.disconnect() > > Feel free to convert some more to see if you like the feel of it, or > if it reminds you of a way that its done in another python builtin/library. > > d > -- David Leonard David.Leonard at csee.uq.edu.au Dept of Comp. Sci. and Elec. Engg _ Room:78-640 Ph:+61 7 336 51187 The University of Queensland |+| http://www.csee.uq.edu.au/~leonard/ QLD 4072 AUSTRALIA ~` '~ B73CD65FBEF4C089B79A8EBADF1A932F13EA0FC8 From grahame at typhaon.ucs.uwa.edu.au Thu Feb 8 03:24:51 2001 From: grahame at typhaon.ucs.uwa.edu.au (Grahame Bowland) Date: Thu, 8 Feb 2001 10:24:51 +0800 Subject: Patch - error reporting with LDAP v3 API Message-ID: <20010208102450.A16663@typhaon.ucs.uwa.edu.au> Hi all, The attached patch adds useful error reporting if the server supports LDAP v3 APIs and has defined LDAP_API_VERSION correctly. This makes the module much more useful when using it with OpenLDAP 2.x. I hope it helps. What is the plan on adding support for LDAP v3 functionality (eg. ldap_rename, etc)? I have some of that work done and would be willing to help with the rest. The attached diff should apply to errors.c from python-ldap-1.10alpha3. Cheers, Grahame -- Grahame Bowland University Communications Services, The University of Western Australia Phone: +61 8 9380 1175 -------------- next part -------------- --- errors.c Tue Aug 15 06:37:37 2000 +++ ../../python-ldap/Modules/errors.c Thu Feb 8 10:16:41 2001 @@ -2,7 +2,7 @@ /* * errors that arise from ldap use - * $Id: errors.c,v 1.3 2000/08/14 22:37:37 leonard Exp $ + * $Id: errors.c,v 1.1.1.1 2001/02/07 02:56:15 grahame Exp $ * * Most errors become their own exception */ @@ -31,19 +31,28 @@ return NULL; } #ifdef LDAP_TYPE_IS_OPAQUE +#if !defined(LDAP_API_VERSION) || LDAP_API_VERSION <= 1823 else { + PyErr_SetString(LDAPexception_class, "unknown error (C API does not expose error)"); return NULL; } +#endif #else else { - int errnum; + int errnum, optval; + char *error; PyObject *errobj; PyObject *info; PyObject *str; + PyObject *errornum; +#if defined(LDAP_API_VERSION) && LDAP_API_VERSION > 1823 + ldap_get_option(l, LDAP_OPT_ERROR_NUMBER, &errnum); +#else errnum = l->ld_errno; +#endif if (errnum<0 || errnum>=NUM_LDAP_ERRORS) errobj = LDAPexception_class; /* unknown error XXX */ else @@ -61,6 +70,15 @@ PyDict_SetItemString( info, "desc", str ); Py_XDECREF(str); + errornum = PyInt_FromLong(errnum); + if (errornum) { + PyDict_SetItemString( info, "error", errornum); + } + Py_XDECREF(errornum); + +#if defined(LDAP_API_VERSION) && LDAP_API_VERSION > 1823 + /* how do you get this in LDAP v3 APIs? */ +#else if (l->ld_matched != NULL && *l->ld_matched != '\0') { str = PyString_FromString(l->ld_matched); @@ -68,7 +86,20 @@ PyDict_SetItemString( info, "matched", str ); Py_XDECREF(str); } +#endif +#if defined(LDAP_API_VERSION) && LDAP_API_VERSION > 1823 + ldap_get_option(l, LDAP_OPT_ERROR_STRING, &error); + if (error != NULL && *error != '\0') { + str = PyString_FromString(error); + if (str) { + PyDict_SetItemString(info, "info", str); + } + Py_XDECREF(str); + } + PyErr_SetObject(errobj, info); + Py_DECREF(info); +#else if (l->ld_error != NULL && *l->ld_error != '\0') { str = PyString_FromString(l->ld_error); @@ -78,6 +109,7 @@ } PyErr_SetObject( errobj, info ); Py_DECREF(info); +#endif return NULL; } #endif From david.leonard at csee.uq.edu.au Wed Feb 21 13:01:40 2001 From: david.leonard at csee.uq.edu.au (David Leonard) Date: Wed, 21 Feb 2001 22:01:40 +1000 (EST) Subject: Build Error In-Reply-To: <3A937F46.15FFD53F@ruca.ua.ac.be> Message-ID: On Wed, 21 Feb 2001, Mark De Moor typed thusly: > I'm having some problems in building python-ldap-1.10alpha3 > on a HP-UX 10.20 with HP ansi-C compiler , openldap 1.2.11 > and python 2.0 for web2ldap 0.8.x > > 1. configure wrongly finds that ldap_set_rebind_proc needs 3 arguments > while during the "make" you get an error (LDAPobject.c) that there > are to many args.According to the man page there are 2 arguments. hmmm. that's bad. the log doesn't show why this happened. > cc: "/opt/web2ldap/python-ldap-1.10alpha3/Modules/template.c", line > 1023: > warning 604: Pointers are not assignment-compatible. fixed > cpp: "CIDict.c", line 125: warning 2010: Extra characters on #endif. fixed > 2. After fixing that (brute force) in configure, i get a loader error: > ld -b LDAPObject.o common.o constants.o errors.o functions.o > ldapmodule.o message.o version.o linkedlist.o template.o CIDict.o > -L/opt/ldap/lib -lldap -llber -lm -o _ldapmodule.sl > ld: (Warning) At least one PA 2.0 object file (LDAPObject.o) was > detected. > The linked output may not run on a PA 1.x system. I think this warning is ignorable. It appears in config.log and seems benign. > ld: Invalid loader fixup for symbol "$00000030". I have no idea what causes this. I don't have any hppa boxes handy, so I can't do any tests. The link command comes from Python. Did you have any problems compiling Python 2.0? Do you have gcc installed? Maybe there is another way to associate the libraries.. can you send me the manual page for 'ld'? > Any help / suggestions / solution would greatly be appreciated. > I am not that experienced in compiling/loading, due too lack of time, > i just would like to get web2ldap running and concentrate on the use > and contents of our DS. d -- David Leonard David.Leonard at csee.uq.edu.au Dept of Comp. Sci. and Elec. Engg _ Room:78-640 Ph:+61 7 336 51187 The University of Queensland |+| http://www.csee.uq.edu.au/~leonard/ QLD 4072 AUSTRALIA ~` '~ B73CD65FBEF4C089B79A8EBADF1A932F13EA0FC8 From madmo at ruca.ua.ac.be Wed Feb 21 09:41:42 2001 From: madmo at ruca.ua.ac.be (Mark De Moor) Date: Wed, 21 Feb 2001 09:41:42 +0100 Subject: Build Error Message-ID: <3A937F46.15FFD53F@ruca.ua.ac.be> I'm having some problems in building python-ldap-1.10alpha3 on a HP-UX 10.20 with HP ansi-C compiler , openldap 1.2.11 and python 2.0 for web2ldap 0.8.x 1. configure wrongly finds that ldap_set_rebind_proc needs 3 arguments while during the "make" you get an error (LDAPobject.c) that there are to many args.According to the man page there are 2 arguments. 2. After fixing that (brute force) in configure, i get a loader error: /opt/web2ldap/python-ldap-1.10alpha3>make cd Modules && make srcdir=/opt/web2ldap/python-ldap-1.10alpha3/Modules VPATH=/opt/web2ldap/python-ldap-1.10alpha3/Modules cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/LDAPObject.c cc: "/opt/ldap/include/ldap.h", line 519: warning 617: Redeclaration of tag "timeval" ignored. cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/common.c cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/constants.c cc: "/opt/ldap/include/ldap.h", line 519: warning 617: Redeclaration of tag "timeval" ignored. cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/errors.c cc: "/opt/ldap/include/ldap.h", line 519: warning 617: Redeclaration of tag "timeval" ignored. cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/functions.c cc: "/opt/ldap/include/ldap.h", line 519: warning 617: Redeclaration of tag "timeval" ignored. cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/ldapmodule.c cc: "/opt/ldap/include/ldap.h", line 519: warning 617: Redeclaration of tag "timeval" ignored. cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/message.c cc: "/opt/ldap/include/ldap.h", line 519: warning 617: Redeclaration of tag "timeval" ignored. cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/version.c cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/linkedlist.c cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/template.c cc: "/opt/ldap/include/ldap.h", line 519: warning 617: Redeclaration of tag "timeval" ignored. cc: "/opt/web2ldap/python-ldap-1.10alpha3/Modules/template.c", line 1023: warning 604: Pointers are not assignment-compatible. cc -Ae +z -I. -DLDAP_REFERRALS -I/opt/ldap/include -O -I/opt/python/include/python2.0 -I/opt/python/include/python2.0 -DHAVE_CONFIG_H -c /opt/web2ldap/python-ldap-1.10alpha3/Modules/CIDict.c cpp: "CIDict.c", line 125: warning 2010: Extra characters on #endif. ld -b LDAPObject.o common.o constants.o errors.o functions.o ldapmodule.o message.o version.o linkedlist.o template.o CIDict.o -L/opt/ldap/lib -lldap -llber -lm -o _ldapmodule.sl ld: (Warning) At least one PA 2.0 object file (LDAPObject.o) was detected. The linked output may not run on a PA 1.x system. ld: Invalid loader fixup for symbol "$00000030". *** Error exit code 1 Stop. *** Error exit code 1 Stop. The config.log is in attachment. Any help / suggestions / solution would greatly be appreciated. I am not that experienced in compiling/loading, due too lack of time, i just would like to get web2ldap running and concentrate on the use and contents of our DS. Regards Mark De Moor ______________________________________________________________________________ Mark De Moor | Email: madmo at ruca.ua.ac.be |\ /| /\ ___ | / UA-Ruca ComputerCentrum | Www: | \/ | /__\ |__| |< Groenenborgerlaan,171 | Tel: ++ 32 3 2180320 | | / \ | \ | \ B 2020 Antwerpen | Fax: ++ 32 3 2180443 ============================================================================== -------------- next part -------------- A non-text attachment was scrubbed... Name: config.log Type: application/x-unknown-content-type-txtfile Size: 18314 bytes Desc: not available URL: From david.leonard at csee.uq.edu.au Fri Feb 23 01:06:48 2001 From: david.leonard at csee.uq.edu.au (David Leonard) Date: Fri, 23 Feb 2001 10:06:48 +1000 (EST) Subject: Build Error (fwd) Message-ID: (for list's info; large attachments omitted) ---------- Forwarded message ---------- Date: Thu, 22 Feb 2001 10:33:50 +0100 (MET) From: Mark De Moor To: David Leonard Subject: Re: Build Error > > 1. configure wrongly finds that ldap_set_rebind_proc needs 3 arguments > > while during the "make" you get an error (LDAPobject.c) that there > > are to many args.According to the man page there are 2 arguments. > > hmmm. that's bad. the log doesn't show why this happened. After cleaning up and doing the original configure again, it finds the right number of arguments. Don't know what happened, but ok... Still have the loader problem > > I have no idea what causes this. I don't have any hppa boxes handy, so > I can't do any tests. The link command comes from Python. > Did you have any problems compiling Python 2.0? I attached the python config.log and results of the make make > make.log 2>make.error > Do you have gcc installed? No, i use Hp ansi-C compiler. I once had gcc , but had a lot of problems in compiling packages, it went better with Hp ansi-C. Maybe it depends on the package which compiler works best. > Maybe there is another way to associate the libraries.. can you send me the > manual page for 'ld'? Included in attachment I also included the openldap 1.2.11 config.log. Tanx very much for looking into this. Regards Mark From Jason.Tishler at dothill.com Tue Mar 6 17:14:21 2001 From: Jason.Tishler at dothill.com (Jason Tishler) Date: Tue, 6 Mar 2001 11:14:21 -0500 Subject: Cygwin Patch In-Reply-To: <20001227093750.A251@dothill.com>; from Jason.Tishler@dothill.com on Wed, Dec 27, 2000 at 09:37:50AM -0500 References: <3A3637AD.4C5977FD@stroeder.com> <20001227093750.A251@dothill.com> Message-ID: <20010306111421.E1393@dothill.com> My Cygwin patches to Python have been accepted into Python CVS so Cygwin Python has supported shared extensions since 2.1a1. I have redone my Cygwin python-ldap patch against the current python-ldap CVS. Please consider this patch for acceptance into python-ldap CVS. The procedure to apply the patch is as follows: $ # save the attachment to /tmp $ cd python-ldap/Modules $ patch On Sun, 10 Dec 2000 23:27:49 +0100, David Leonard wrote: > > * python-ldap-1.10 will be tidied up, with just the memory-leak > > patches applied, and a proper documentation build. (ie no v3 > > changes will be applied as it breaks v2 builds.) A final release > > will be made. > > Hopefully, the attached patch (against python-ldap-1.10alpha3) can > still be considered for inclusion in the 1.10 final release. It enables > python-ldap to build OOTB as a shared extension for Cygwin Python. > > Cygwin is an open-source POSIX emulation layer that enables many > GNU and UNIX tools to port to Windows without any source code changes. > If interested, please see http://www.cygwin.com for more information. > > Note that the patch has no functional changes -- it only enables the > code to compile cleanly with Cygwin gcc. Specifically, the changes > are as follows: > > 1. replaced #ifdef WIN32 with #if defined(WIN32) || defined(__CYGWIN__) > as described in http://www.python.org/doc/FAQ.html#3.24 > 2. added DL_EXPORT to init_ldap() > > I'm quite willing to redo the patch against python-ldap CVS if that > will facilitate its acceptance. > > My original plan was to wait until the Cygwin Python DLL and Shared > Extension Patch: > > http://sourceforge.net/patch/?func=detailpatch&patch_id=102409&group_id=5470 > > was accepted and committed into Python CVS before contacting the list. > However, due to the impending 1.10 final release, I realized that it > would be prudent to submit the patch sooner rather than later. Thanks, Jason -- Jason Tishler Director, Software Engineering Phone: +1 (732) 264-8770 x235 Dot Hill Systems Corp. Fax: +1 (732) 264-8798 82 Bethany Road, Suite 7 Email: Jason.Tishler at dothill.com Hazlet, NJ 07730 USA WWW: http://www.dothill.com -------------- next part -------------- Index: LDAPObject.c =================================================================== RCS file: /cvsroot/python-ldap/python-ldap/Modules/LDAPObject.c,v retrieving revision 1.8 diff -u -p -r1.8 LDAPObject.c --- LDAPObject.c 2000/10/19 08:25:14 1.8 +++ LDAPObject.c 2001/03/06 15:24:52 @@ -1842,7 +1842,7 @@ setattr( LDAPObject* self, char* name, P /* type entry */ PyTypeObject LDAP_Type = { -#ifdef WIN32 +#if defined(WIN32) || defined(__CYGWIN__) /* see http://www.python.org/doc/FAQ.html#3.24 */ PyObject_HEAD_INIT(NULL) #else /* ! WIN32 */ Index: ldapmodule.c =================================================================== RCS file: /cvsroot/python-ldap/python-ldap/Modules/ldapmodule.c,v retrieving revision 1.1 diff -u -p -r1.1 ldapmodule.c --- ldapmodule.c 2000/07/27 16:08:58 1.1 +++ ldapmodule.c 2001/03/06 15:24:52 @@ -22,12 +22,12 @@ static PyMethodDef methods[] = { /* module initialisation */ -void +DL_EXPORT(void) init_ldap() { PyObject *m, *d; -#ifdef WIN32 +#if defined(WIN32) || defined(__CYGWIN__) /* See http://www.python.org/doc/FAQ.html#3.24 */ LDAP_Type.ob_type = &PyType_Type; #endif Index: linkedlist.c =================================================================== RCS file: /cvsroot/python-ldap/python-ldap/Modules/linkedlist.c,v retrieving revision 1.4 diff -u -p -r1.4 linkedlist.c --- linkedlist.c 2000/08/13 15:03:25 1.4 +++ linkedlist.c 2001/03/06 15:24:53 @@ -111,7 +111,7 @@ static PySequenceMethods default_methods }; static PyTypeObject default_type = { -#ifdef WIN32 +#if defined(WIN32) || defined(__CYGWIN__) /* see http://www.python.org/doc/FAQ.html#3.24 */ PyObject_HEAD_INIT(NULL) #else /* ! WIN32 */ Index: template.c =================================================================== RCS file: /cvsroot/python-ldap/python-ldap/Modules/template.c,v retrieving revision 1.6 diff -u -p -r1.6 template.c --- template.c 2000/08/13 14:57:52 1.6 +++ template.c 2001/03/06 15:24:56 @@ -548,7 +548,7 @@ TemplateItem_setattr(self, attr, value) } static PyTypeObject TemplateItem_Type = { -#ifdef WIN32 +#if defined(WIN32) || defined(__CYGWIN__) PyObject_HEAD_INIT(NULL) #else /* ! WIN32 */ PyObject_HEAD_INIT(&PyType_Type) @@ -725,7 +725,7 @@ fprintf(stderr, "TemplateDefault_repr RE } static PyTypeObject TemplateDefault_Type = { -#ifdef WIN32 +#if defined(WIN32) || defined(__CYGWIN__) PyObject_HEAD_INIT(NULL) #else /* ! WIN32 */ PyObject_HEAD_INIT(&PyType_Type) @@ -908,7 +908,7 @@ Template_setattr(self, attr, value) } static PyTypeObject Template_Type = { -#ifdef WIN32 +#if defined(WIN32) || defined(__CYGWIN__) PyObject_HEAD_INIT(NULL) #else /* ! WIN32 */ PyObject_HEAD_INIT(&PyType_Type) From david.leonard at csee.uq.edu.au Sat Mar 10 11:14:55 2001 From: david.leonard at csee.uq.edu.au (David Leonard) Date: Sat, 10 Mar 2001 20:14:55 +1000 (EST) Subject: Documentation for ldap 1.10 In-Reply-To: <3AA7DE3A.E55A8255@stroeder.com> Message-ID: On Thu, 8 Mar 2001, Michael Str?der typed thusly: > David Leonard wrote: > > Attached is new documentation, built with Python 2.0's documentation tools. > Can you please upload the PDF file. People are asking for it... http://python-ldap.sourceforge.net/docs.php -- David Leonard David.Leonard at csee.uq.edu.au Dept of Comp. Sci. and Elec. Engg _ Room:78-640 Ph:+61 7 336 51187 The University of Queensland |+| http://www.csee.uq.edu.au/~leonard/ QLD 4072 AUSTRALIA ~` '~ B73CD65FBEF4C089B79A8EBADF1A932F13EA0FC8 Why are apartments so close together? From Jason.Tishler at dothill.com Fri Mar 9 04:58:07 2001 From: Jason.Tishler at dothill.com (Jason Tishler) Date: Thu, 8 Mar 2001 22:58:07 -0500 Subject: Cygwin Patch In-Reply-To: <20010306111421.E1393@dothill.com>; from Jason.Tishler@dothill.com on Tue, Mar 06, 2001 at 11:14:21AM -0500 References: <3A3637AD.4C5977FD@stroeder.com> <20001227093750.A251@dothill.com> <20010306111421.E1393@dothill.com> Message-ID: <20010308225807.A1566@dothill.com> On Tue, Mar 06, 2001 at 11:14:21AM -0500, Jason Tishler wrote: > My Cygwin patches to Python have been accepted into Python CVS so > Cygwin Python has supported shared extensions since 2.1a1. I have > redone my Cygwin python-ldap patch against the current python-ldap CVS. > Please consider this patch for acceptance into python-ldap CVS. David was kind enough to give me write access to python-ldap CVS. So, I just committed the above patch. If the changes cause anyone some heartache, please holler. Although I don't expect any problems, since this patch is the same in spirit to a few of my patches that have been applied to the Python standard modules. Thanks, Jason -- Jason Tishler Director, Software Engineering Phone: +1 (732) 264-8770 x235 Dot Hill Systems Corp. Fax: +1 (732) 264-8798 82 Bethany Road, Suite 7 Email: Jason.Tishler at dothill.com Hazlet, NJ 07730 USA WWW: http://www.dothill.com From michael at stroeder.com Tue Mar 13 14:42:16 2001 From: michael at stroeder.com (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Tue, 13 Mar 2001 14:42:16 +0100 Subject: compiling against OpenLDAP 2.0.7 References: Message-ID: <3AAE23B8.F410412E@stroeder.com> Jens Vagelpohl wrote: > > the subject says it all... has anyone done it yet? Two different patches are available. Check the list archive. Not sure if they're compatible with recent changes. Ciao, Michael. From jens at digicool.com Tue Mar 13 15:20:23 2001 From: jens at digicool.com (Jens Vagelpohl) Date: Tue, 13 Mar 2001 09:20:23 -0500 Subject: compiling against OpenLDAP 2.0.7 In-Reply-To: <3AAE23B8.F410412E@stroeder.com> Message-ID: i scoured the mailing list archives before and tried both patches, against a fresh CVS checkout of python-ldap and against the latest released tarball. no go. (apart from the fact that the patches did not work against the release tarball, only against the CVS checkout) jens on 3/13/01 8:42, Michael Str?der at michael at stroeder.com wrote: > Jens Vagelpohl wrote: >> >> the subject says it all... has anyone done it yet? > > Two different patches are available. Check the list archive. > Not sure if they're compatible with recent changes. > > Ciao, Michael. > From michael at stroeder.com Tue Mar 20 00:39:46 2001 From: michael at stroeder.com (Michael =?iso-8859-1?Q?Str=F6der?=) Date: Tue, 20 Mar 2001 00:39:46 +0100 Subject: Python LDAP / LDIF References: <930BBCA4CEBBD411BE6500508BB3328F1AC891@nsamcanms1.ca.baltimore.com> Message-ID: <3AB698C2.5AA525B9@stroeder.com> Greg Wilson wrote: > > The "ldif.py" file included with your distribution seems > to translate LDIF to and from Python dicts; You're on the right track: l.search() / l.result or l.search_s() returns a list of tuples of DN and Python dict which you can convert into LDIF with ldif.CreateLDIF(). > does the main > library contain a function or functions that I could use > to push and pull LDIF with the server? Pulling/pushing directly LDIF wouldn't make much sense since the LDAP servers are already shipped with tools which do exactly this. But feel free to dig into http://www.web2ldap.de to see how I'm doing it. (Module w2lsearch, w2ladd - not very pretty code though.) Ciao, Michael.