From mcicogni at siosistemi.it Wed Oct 1 10:38:08 2003 From: mcicogni at siosistemi.it (Mauro Cicognini) Date: Wed, 01 Oct 2003 10:38:08 +0200 Subject: Ldap.initialize vs. ldap.open [was: Re: Segmention fault on redhat 9 on ldap_simple_bind_s] In-Reply-To: <5C2D54B6-F33D-11D7-837F-000393D58818@zope.com> References: <5C2D54B6-F33D-11D7-837F-000393D58818@zope.com> Message-ID: <3F7A9270.80808@siosistemi.it> Jens Vagelpohl wrote: > ldap.open is deprecated. Read the docs and use ldap.initialize instead. May I say that I don't really care for ldap.initialize()? I must have missed something, but I really can't understand why the older style should be deprecated. What's the real win over using ldap.open()? :-\ To put it in other words, I can't get myself to appreciate LDAP URLs, which I find quite cumbersome & complicated. I can never remember whether the "sub" argument goes before or after the attribute list, and the inability to specify arguments by name (? la Python) is to me a big loss. Besides, I am instanciating an LDAP object, so it should be quite clear I need an object which talks LDAP, without having to write it again in a function argument :-) IMHO, the LDAP URL only interesting usage is in a browser URL line (in fact I strongly suspect is *was* invented for exactly that reason by Netscape). Anyway, there must be some reason, since ldap.open is being deprecated: anyone caring to tell me why? Thanks in advance, Mauro From michael at stroeder.com Wed Oct 1 11:27:03 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Wed, 01 Oct 2003 11:27:03 +0200 Subject: Ldap.initialize vs. ldap.open [was: Re: Segmention fault on redhat 9 on ldap_simple_bind_s] In-Reply-To: <3F7A9270.80808@siosistemi.it> References: <5C2D54B6-F33D-11D7-837F-000393D58818@zope.com> <3F7A9270.80808@siosistemi.it> Message-ID: <3F7A9DE7.5070403@stroeder.com> Mauro Cicognini wrote: > Jens Vagelpohl wrote: > >> ldap.open is deprecated. Read the docs and use ldap.initialize instead. > > May I say that I don't really care for ldap.initialize()? I must have > missed something, but I really can't understand why the older style > should be deprecated. What's the real win over using ldap.open()? :-\ ldaps:// and ldapi:// Ciao, Michael. From michael at stroeder.com Wed Oct 1 11:27:03 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Wed, 01 Oct 2003 11:27:03 +0200 Subject: Ldap.initialize vs. ldap.open [was: Re: Segmention fault on redhat 9 on ldap_simple_bind_s] In-Reply-To: <3F7A9270.80808@siosistemi.it> References: <5C2D54B6-F33D-11D7-837F-000393D58818@zope.com> <3F7A9270.80808@siosistemi.it> Message-ID: <3F7A9DE7.5070403@stroeder.com> Mauro Cicognini wrote: > Jens Vagelpohl wrote: > >> ldap.open is deprecated. Read the docs and use ldap.initialize instead. > > May I say that I don't really care for ldap.initialize()? I must have > missed something, but I really can't understand why the older style > should be deprecated. What's the real win over using ldap.open()? :-\ ldaps:// and ldapi:// Ciao, Michael. From mcicogni at siosistemi.it Wed Oct 1 11:48:03 2003 From: mcicogni at siosistemi.it (Mauro Cicognini) Date: Wed, 01 Oct 2003 11:48:03 +0200 Subject: Ldap.initialize vs. ldap.open [was: Re: Segmention fault on redhat 9 on ldap_simple_bind_s] In-Reply-To: <3F7A9DE7.5070403@stroeder.com> References: <5C2D54B6-F33D-11D7-837F-000393D58818@zope.com> <3F7A9270.80808@siosistemi.it> <3F7A9DE7.5070403@stroeder.com> Message-ID: <3F7AA2D3.8000607@siosistemi.it> Michael Str?der wrote: > Mauro Cicognini wrote: > >> Jens Vagelpohl wrote: >> >>> ldap.open is deprecated. Read the docs and use ldap.initialize instead. >> >> >> May I say that I don't really care for ldap.initialize()? I must have >> missed something, but I really can't understand why the older style >> should be deprecated. What's the real win over using ldap.open()? :-\ > > ldaps:// and ldapi:// You mean there's no way to open a secure LDAP connection other than using initialize()? Duh... Anyway, thanks for the explanation. BTW, what's "ldapi://"? Mauro From michael at stroeder.com Wed Oct 1 12:23:42 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Wed, 01 Oct 2003 12:23:42 +0200 Subject: Ldap.initialize vs. ldap.open [was: Re: Segmention fault on redhat 9 on ldap_simple_bind_s] In-Reply-To: <3F7AA2D3.8000607@siosistemi.it> References: <5C2D54B6-F33D-11D7-837F-000393D58818@zope.com> <3F7A9270.80808@siosistemi.it> <3F7A9DE7.5070403@stroeder.com> <3F7AA2D3.8000607@siosistemi.it> Message-ID: <3F7AAB2E.50708@stroeder.com> Mauro Cicognini wrote: > Michael Str?der wrote: > >> Mauro Cicognini wrote: >> >>> May I say that I don't really care for ldap.initialize()? I must have >>> missed something, but I really can't understand why the older style >>> should be deprecated. What's the real win over using ldap.open()? :-\ >> >> ldaps:// and ldapi:// > > You mean there's no way to open a secure LDAP connection other than > using initialize()? To use LDAP over SSL on a separate server port you need ldap.initialize(). Using StartTLS extended operation is a different story. Anyway use ldap.initialize() when developing apps to be more flexible in the long run. > Anyway, thanks for the explanation. > > BTW, what's "ldapi://"? LDAP over Unix domain socket, no TCP (supported by OpenLDAP). Ciao, Michael. From marc at msys.ch Fri Oct 3 15:18:12 2003 From: marc at msys.ch (Marc Balmer) Date: Fri, 3 Oct 2003 15:18:12 +0200 Subject: ANN: python-ldap-2.0.0pre14 In-Reply-To: <3F7D7283.5020303@stroeder.com> References: <3F7D7283.5020303@stroeder.com> Message-ID: <20031003151812.09511f46.marc@msys.ch> On Fri, 03 Oct 2003 14:58:43 +0200 Michael Str?der wrote: > Find a new pre-release of python-ldap: Thanks for letting us know. The OpenBSD port will be updated this weekend. In TODO you mention that you should "Define common license for all modules". Have you considere putting everything under the very liberal and very free BSD license? That would make the software as free as it can bee (more free than GPL). Then, do you consider adding kerberosV support (which is in OpenLDAP)? If you don't, would you accept a patch if we didi it? Regards from Switzerland, Marc From michael at stroeder.com Fri Oct 3 15:30:06 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Fri, 03 Oct 2003 15:30:06 +0200 Subject: ANN: python-ldap-2.0.0pre14 In-Reply-To: <20031003151812.09511f46.marc@msys.ch> References: <3F7D7283.5020303@stroeder.com> <20031003151812.09511f46.marc@msys.ch> Message-ID: <3F7D79DE.2000905@stroeder.com> Marc Balmer wrote: > > In TODO you mention that you should "Define common license for all > modules". Have you considere putting everything under the very liberal > and very free BSD license? That would make the software as free as it > can bee (more free than GPL). It's definitely not GPL'ed. My aim is to have a Python style license as already stated on the project's summary page. The intention is that you can do with python-ldap whatever you are allowed to do with Python itself. Does that suit your needs? > Then, do you consider adding kerberosV support (which is in OpenLDAP)? Not myself. There is some SASL support for Kerberos. > If you don't, would you accept a patch if we didi it? I'm not a C programmer therefore I prefer to keep myself away from sources under Modules/. I'd accept a patch provided that you are willing to maintain that part in the future (the next ~2 years). Ciao, Michael. From jean-marc.pouchoulon at ac-montpellier.fr Mon Oct 6 13:02:57 2003 From: jean-marc.pouchoulon at ac-montpellier.fr (jean-marc pouchoulon) Date: Mon, 6 Oct 2003 13:02:57 +0200 Subject: Segmention fault on redhat 9 on ldap_simple_bind_s In-Reply-To: <5C2D54B6-F33D-11D7-837F-000393D58818@zope.com> Message-ID: <00db01c38bf9$669ae290$baa71dac@in.acmontpellier.fr> Thanks for yours previous answers, it works on debian,xp without any problem but on redhat 9 no. What I can see using strace is connect(4, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("X.X.X.X")}, 28) = 0 send(4, "]\242\1\0\0\1\0\0\0\0\0\0\00212\00261\003168\003192\7i"..., 44, 0) = 44 gettimeofday({1065437510, 248252}, NULL) = 0 poll([{fd=4, events=POLLIN, revents=POLLIN}], 1, 5000) = 1 ioctl(4, FIONREAD, [436]) = 0 recvfrom(4, "]\242\205\200\0\1\0\1\0\t\0\t\00212\00261\003168\00319"..., 1024, 0, {sa_family=AF_INET, sin_port=htons(53 ), sin_addr=inet_addr("X.X.X.X")}, [16]) = 436 close(4) = 0 brk(0) = 0x81d1000 brk(0x81d5000) = 0x81d5000 brk(0) = 0x81d5000 brk(0x81d6000) = 0x81d6000 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ Any ideas ? Thanks . From marc at msys.ch Sun Oct 12 12:23:43 2003 From: marc at msys.ch (Marc Balmer) Date: Sun, 12 Oct 2003 12:23:43 +0200 Subject: python-ldap-2.0.0pre14 port to OpenBSD Message-ID: <20031012122343.37b3167a.marc@msys.ch> The OpenBSD port of the python-ldap module has been updated to version 2.0.0pre14 of python-ldap. The port can be downloaded at http://www.etc.msys.ch/ports/. What is new: - Support for python-ldap-2.0.0pre14 - Support for Python2.1 and Python2.2 (the port builds two binary packages by default) - Slightly changed names for the binary packages - mb From gwidion at mpc.com.br Mon Oct 13 13:28:31 2003 From: gwidion at mpc.com.br (Joao S. O. Bueno) Date: Mon, 13 Oct 2003 11:28:31 +0000 Subject: Problem getting started to python ldap. In-Reply-To: <20031012122343.37b3167a.marc@msys.ch> References: <20031012122343.37b3167a.marc@msys.ch> Message-ID: <200310131128.31106.gwidion@mpc.com.br> Hi there, I am new to LDAP, and will be developing some scripts to it. I downloaded Python LDAP pre-14 for Linux. (here is mandrake 9.1), with default options. When I try to">>> import ldap", I get this: >>> import ldap Traceback (most recent call last): File "", line 1, in ? File "/usr/lib/python2.2/site-packages/ldap/__init__.py", line 21, in ? from _ldap import * ImportError: /usr/lib/python2.2/site-packages/_ldap.so: undefined symbol: ldap_first_reference ___ I just guess I am missing some library, and setup failed to point so. Could some one tell what is needed to run it? Or maybe, "import ldap" just is not the way to get started - I usually import a module in an interactve python shell and read the online doc. to get started. Any hints will be appreciated. __ O yes...my contractors will absolutely disallow me to run unstable software there. So, how satble is "pre14", and is there a release date set to 2.0? Or, if there are some features waiting to be finished, what is the latest stable release? Regards, JS -><- From michael at stroeder.com Mon Oct 13 18:27:24 2003 From: michael at stroeder.com (=?ISO-8859-15?Q?Michael_Str=F6der?=) Date: Mon, 13 Oct 2003 18:27:24 +0200 Subject: Problem getting started to python ldap. In-Reply-To: <200310131128.31106.gwidion@mpc.com.br> References: <20031012122343.37b3167a.marc@msys.ch> <200310131128.31106.gwidion@mpc.com.br> Message-ID: <3F8AD26C.3020207@stroeder.com> Joao S. O. Bueno wrote: > ImportError: /usr/lib/python2.2/site-packages/_ldap.so: undefined > symbol: ldap_first_reference There's probably something wrong with your local installation. Check items 10. and 11. on http://python-ldap.sf.net/faq.shtml > Or maybe, "import ldap" just is not the way to get started It's definitely the way to get started. $ python -c "import ldap;print ldap.__version__" 2.0.0pre14 > O yes...my contractors will absolutely disallow me to run unstable > software there. So, how satble is "pre14", I'm using it in several projects. > and is there a release date set to 2.0? No. > Or, if there are some features waiting to be > finished, what is the latest stable release? Look into TODO what is still missing. Contributions welcome. Ciao, Michael. From jean-marc.pouchoulon at ac-montpellier.fr Tue Oct 14 09:08:59 2003 From: jean-marc.pouchoulon at ac-montpellier.fr (jean-marc pouchoulon) Date: Tue, 14 Oct 2003 09:08:59 +0200 Subject: Problem getting started to python ldap + redhat 9 In-Reply-To: <3F8AD26C.3020207@stroeder.com> Message-ID: <002101c39222$0aabf210$baa71dac@in.acmontpellier.fr> It works now for me on redhat 9, using pre14 and libs = lber ldap resolv in setup.cfg. Jean-Marc -----Message d'origine----- De : python-ldap-dev-admin at lists.sourceforge.net [mailto:python-ldap-dev-admin at lists.sourceforge.net] De la part de Michael Str?der Envoy? : lundi 13 octobre 2003 18:27 ? : Joao S. O. Bueno Cc : python-ldap-dev at lists.sourceforge.net Objet : Re: Problem getting started to python ldap. Joao S. O. Bueno wrote: > ImportError: /usr/lib/python2.2/site-packages/_ldap.so: undefined > symbol: ldap_first_reference There's probably something wrong with your local installation. Check items 10. and 11. on http://python-ldap.sf.net/faq.shtml > Or maybe, "import ldap" just is not the way to get started It's definitely the way to get started. $ python -c "import ldap;print ldap.__version__" 2.0.0pre14 > O yes...my contractors will absolutely disallow me to run unstable > software there. So, how satble is "pre14", I'm using it in several projects. > and is there a release date set to 2.0? No. > Or, if there are some features waiting to be > finished, what is the latest stable release? Look into TODO what is still missing. Contributions welcome. Ciao, Michael. From lizard0000092 at hotmail.com Tue Oct 14 15:38:23 2003 From: lizard0000092 at hotmail.com (Gabby James) Date: Tue, 14 Oct 2003 07:38:23 -0600 Subject: (no subject) Message-ID: I apologize for sending another help request on the infamous ldap_first_reference error but I just can't seem to figure it out even after reading old postings. I am using a RedHat 9.0 system with openldap-2.0.27-8 and python-2.2.2-26. I downloaded python-ldap-2.0.0pre14 and compiled. When I start python and try an "import ldap" statement, I get the following error message: Traceback (most recent call last): File "", line 1, in ? File "/usr/lib/python2.2/site-packages/ldap/__init__.py", line 21, in ? from _ldap import * ImportError: /usr/lib/python2.2/site-packages/_ldap.so: undefined symbol: ldap_first_reference I modified setup.cfg to try all of the following after reading old postings: libs = ldap_r lber sasl2 ssl crypto libs = ldap lber libs = ldap lber resolv libs = ldap_r lber libs = ldap_r ldap I compile python-ldap specifically with the version of python I am interested in: python2.2 setup.py build python2.2 setup.py install I have also seen the following comment "This is likely due to missing references.c and references.lo in libraries/libldap_r/Makefile.in". I didn't try this 'casue I couldn't find the file on my system. Could someone explain this in more detail? Any other thoughs on what is going wrong? Thank you. G.J. From jean-marc.pouchoulon at ac-montpellier.fr Tue Oct 14 15:50:59 2003 From: jean-marc.pouchoulon at ac-montpellier.fr (jean-marc pouchoulon) Date: Tue, 14 Oct 2003 15:50:59 +0200 Subject: (no subject) In-Reply-To: Message-ID: <000401c3925a$32eab3a0$baa71dac@in.acmontpellier.fr> Install also openldap openldap-stable-20030709.tgz. Jean-Marc -----Message d'origine----- De : python-ldap-dev-admin at lists.sourceforge.net [mailto:python-ldap-dev-admin at lists.sourceforge.net] De la part de Gabby James Envoy? : mardi 14 octobre 2003 15:38 ? : python-ldap-dev at lists.sourceforge.net Objet : (no subject) I apologize for sending another help request on the infamous ldap_first_reference error but I just can't seem to figure it out even after reading old postings. I am using a RedHat 9.0 system with openldap-2.0.27-8 and python-2.2.2-26. I downloaded python-ldap-2.0.0pre14 and compiled. When I start python and try an "import ldap" statement, I get the following error message: Traceback (most recent call last): File "", line 1, in ? File "/usr/lib/python2.2/site-packages/ldap/__init__.py", line 21, in ? from _ldap import * ImportError: /usr/lib/python2.2/site-packages/_ldap.so: undefined symbol: ldap_first_reference I modified setup.cfg to try all of the following after reading old postings: libs = ldap_r lber sasl2 ssl crypto libs = ldap lber libs = ldap lber resolv libs = ldap_r lber libs = ldap_r ldap I compile python-ldap specifically with the version of python I am interested in: python2.2 setup.py build python2.2 setup.py install I have also seen the following comment "This is likely due to missing references.c and references.lo in libraries/libldap_r/Makefile.in". I didn't try this 'casue I couldn't find the file on my system. Could someone explain this in more detail? Any other thoughs on what is going wrong? Thank you. G.J. From michael at stroeder.com Tue Oct 14 15:55:22 2003 From: michael at stroeder.com (=?windows-1252?Q?Michael_Str=F6der?=) Date: Tue, 14 Oct 2003 15:55:22 +0200 Subject: (no subject) In-Reply-To: References: Message-ID: <3F8C004A.1050207@stroeder.com> Gabby James wrote: > ImportError: /usr/lib/python2.2/site-packages/_ldap.so: undefined > symbol: ldap_first_reference What does /usr/lib/python2.2/site-packages/_ldap.so say? Ciao, Michael. From gwidion at mpc.com.br Tue Oct 14 13:07:29 2003 From: gwidion at mpc.com.br (Joao S. O. Bueno) Date: Tue, 14 Oct 2003 11:07:29 +0000 Subject: (no subject) In-Reply-To: References: Message-ID: <200310141107.29978.gwidion@mpc.com.br> Hi there! I just went through it (the ldap_first_reference error). It seens like a mandatory first step for Python Ldapers. :-) I think I can figure out what is missing on your procedures: Did you perform a clean-up of th e compiled files between the changes on setup.cfg? The error is in ldap_r, so you must put just ldap for linking, or fix ldap_r yourself, according to the message I linked to in my earlier e-mail today: libs = ldap lber resolv And them python setup.py clean --all python setup.py build su python setup.py install. I am rolling now. On Tuesday 14 October 2003 1:38 pm, Gabby James wrote: > I apologize for sending another help request on the infamous > ldap_first_reference error but I just can't seem to figure it out > even after reading old postings. > > I am using a RedHat 9.0 system with openldap-2.0.27-8 and > python-2.2.2-26. I > downloaded python-ldap-2.0.0pre14 and compiled. When I start > python and try an > "import ldap" statement, I get the following error message: > > Traceback (most recent call last): > File "", line 1, in ? > File "/usr/lib/python2.2/site-packages/ldap/__init__.py", line > 21, in ? from _ldap import * > ImportError: /usr/lib/python2.2/site-packages/_ldap.so: undefined > symbol: ldap_first_reference > > I modified setup.cfg to try all of the following after reading old > postings: libs = ldap_r lber sasl2 ssl crypto > libs = ldap lber > libs = ldap lber resolv > libs = ldap_r lber > libs = ldap_r ldap > > I compile python-ldap specifically with the version of python I am > interested in: > python2.2 setup.py build > python2.2 setup.py install > > I have also seen the following comment "This is likely due to > missing references.c and references.lo in > libraries/libldap_r/Makefile.in". I didn't try this 'casue I > couldn't find the > file on my system. Could someone explain this in more detail? > > Any other thoughs on what is going wrong? > > Thank you. > G.J. > > From lizard0000092 at hotmail.com Tue Oct 14 16:45:30 2003 From: lizard0000092 at hotmail.com (Gabby James) Date: Tue, 14 Oct 2003 08:45:30 -0600 Subject: (no subject) Message-ID: I do have one more question for you all. If I start python2.2 while I am a user (gabby) in the /home/gabby/python-ldap-2.0.0pre14 directory, everything works fine. If I am in any other directory and start python2.2, I receive errors: [gabby at xdx-dhcp-x-xxx-x gabby]$ python2.2 Python 2.2.2 (#1, Feb 24 2003, 19:13:11) [GCC 3.2.2 20030222 (Red Hat Linux 3.2.2-4)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>>import ldap >>>ldap.open("discovery.colostate.edu") Traceback (most recent call last): File "", line 1, in ? AttributeError: 'module' object has no attribute 'open' The ldap server I am using I found on a list of public servers on the internet. From michael at stroeder.com Tue Oct 14 16:53:14 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 14 Oct 2003 16:53:14 +0200 Subject: (no subject) In-Reply-To: References: Message-ID: <3F8C0DDA.4000800@stroeder.com> Gabby James wrote: > > If I start python2.2 while I am a user (gabby) in the > /home/gabby/python-ldap-2.0.0pre14 directory, everything works fine. If > I am in any other directory and start python2.2, I receive errors: > [..] > Traceback (most recent call last): > File "", line 1, in ? > AttributeError: 'module' object has no attribute 'open' Are you sure you're using the very same Python interpreter all the time? Find out with 'which' command. Ciao, Michael- From michael at stroeder.com Tue Oct 14 17:02:26 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 14 Oct 2003 17:02:26 +0200 Subject: (no subject) In-Reply-To: <3F8C0D49.6060105@upfrontsystems.co.za> References: <3F8C0D49.6060105@upfrontsystems.co.za> Message-ID: <3F8C1002.3080708@stroeder.com> Jean Jordaan wrote: > > from ldap import ldap This does not work and is not needed anyway. Ciao, Michael. From jean at upfrontsystems.co.za Tue Oct 14 16:50:49 2003 From: jean at upfrontsystems.co.za (Jean Jordaan) Date: Tue, 14 Oct 2003 16:50:49 +0200 Subject: (no subject) In-Reply-To: References: Message-ID: <3F8C0D49.6060105@upfrontsystems.co.za> > If I start python2.2 while I am a user (gabby) in the > /home/gabby/python-ldap-2.0.0pre14 directory, everything works fine. If you do that, you import the ldap *class*. > If I am in any other directory and start python2.2, If you do that, you import the ldap *module*. In order to import the class, you need to do: `from ldap import ldap`. -- Jean Jordaan http://www.upfrontsystems.co.za From michael at stroeder.com Tue Oct 14 17:02:26 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 14 Oct 2003 17:02:26 +0200 Subject: (no subject) In-Reply-To: <3F8C0D49.6060105@upfrontsystems.co.za> References: <3F8C0D49.6060105@upfrontsystems.co.za> Message-ID: <3F8C1002.3080708@stroeder.com> Jean Jordaan wrote: > > from ldap import ldap This does not work and is not needed anyway. Ciao, Michael. From lizard0000092 at hotmail.com Tue Oct 14 17:14:40 2003 From: lizard0000092 at hotmail.com (Gabby James) Date: Tue, 14 Oct 2003 09:14:40 -0600 Subject: (no subject) Message-ID: Using the which command I can see that I am using /usr/bin/python2.2 in both cases. >From: Michael Str?der >To: Gabby James >CC: python-ldap-dev at lists.sourceforge.net >Subject: Re: (no subject) >Date: Tue, 14 Oct 2003 16:53:14 +0200 > >Gabby James wrote: >> >>If I start python2.2 while I am a user (gabby) in the >>/home/gabby/python-ldap-2.0.0pre14 directory, everything works fine. If I >>am in any other directory and start python2.2, I receive errors: >>[..] >>Traceback (most recent call last): >> File "", line 1, in ? >>AttributeError: 'module' object has no attribute 'open' > >Are you sure you're using the very same Python interpreter all the time? > >Find out with 'which' command. > >Ciao, Michael- > From jens at zope.com Tue Oct 21 15:45:05 2003 From: jens at zope.com (Jens Vagelpohl) Date: Tue, 21 Oct 2003 09:45:05 -0400 Subject: can't get python-ldap-2.0.0pre14.tar.gz from sourceforge In-Reply-To: <14615B6E-03A4-11D8-8E2C-00039388D92A@cs.mu.oz.au> Message-ID: On Tuesday, Oct 21, 2003, at 04:53 US/Eastern, Chris Wright wrote: > Hi, > > When I try to get python-ldap-2.0.0pre14.tar.gz from sourceforge, I > get a file not found error... > > any help would be appreciated > Works for me. Try a different download mirror. jens From anthony_barker at hotmail.com Wed Oct 22 19:09:17 2003 From: anthony_barker at hotmail.com (Anthony Barker) Date: Wed, 22 Oct 2003 17:09:17 +0000 Subject: ssl/tls and ldap? Message-ID: I was wondering if it is possible to use the ldap libraries to access an ldap directory on port 636 using ssl. I couldn't find anything about it in the documentation. Thanks, Anthony From jens at zope.com Wed Oct 22 22:28:54 2003 From: jens at zope.com (Jens Vagelpohl) Date: Wed, 22 Oct 2003 16:28:54 -0400 Subject: ssl/tls and ldap? In-Reply-To: Message-ID: <5AFAD766-04CE-11D8-B15C-000393D58818@zope.com> On Wednesday, Oct 22, 2003, at 13:09 US/Eastern, Anthony Barker wrote: > I was wondering if it is possible to use the ldap libraries to access > an ldap directory on port 636 using ssl. > > I couldn't find anything about it in the documentation. > ldap.initialize lets you pass in both simple LDAP URIs or TLS/LDAP URIs, such as "ldaps://my.server.com:636". Your underlying LDAP libraries must be built with SSL support to make this work. jens From anthony_barker at hotmail.com Fri Oct 24 23:16:08 2003 From: anthony_barker at hotmail.com (Anthony Barker) Date: Fri, 24 Oct 2003 21:16:08 +0000 Subject: ssl/tls and ldap? Message-ID: I was wondering if it is possible to use the ldap libraries to access an ldap directory on port 636 using ssl. I couldn't find anything about it in the documentation. Thanks, Anthony From michael at stroeder.com Sat Oct 25 00:19:01 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sat, 25 Oct 2003 00:19:01 +0200 Subject: ssl/tls and ldap? In-Reply-To: References: Message-ID: <3F99A555.9080504@stroeder.com> Anthony Barker wrote: > > I was wondering if it is possible to use the ldap libraries to access an > ldap directory on port 636 using ssl. It is possible provided your local OpenLDAP libs were built with './configure --with-tls' and python-ldap was built with 'ssl crypto' (without quotes) added to line 'libs' in setup.cfg. See Build/setup.cfg.suse-linux for an example for setup.cfg with SSL/TLS and SASL support. > I couldn't find anything about it in the documentation. See Demo/initialize.py in python-ldap's source distribution. Ciao, Michael. From anthony at interlink.com.au Tue Oct 28 08:26:54 2003 From: anthony at interlink.com.au (Anthony Baxter) Date: Tue, 28 Oct 2003 18:26:54 +1100 Subject: python-ldap does not include Python.h first Message-ID: <200310280726.h9S7Qti0020346@localhost.localdomain> python-ldap breaks the "Always include Python.h first" rule in it's C files - see, e.g. http://www.python.org/dev/doc/devel/ext/simpleExample.html The first line of our file can be: #include which pulls in the Python API (you can add a comment describing the purpose of the module and a copyright notice if you like). Since Python may define some pre-processor definitions which affect the standard headers on some systems, you must include Python.h before any standard headers are included. At least on this Linux Redhat 9 system, this causes all sorts of horrible warnings to be emitted. Doing the right thing makes them go away. Patch attached. Anthony -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/octet-stream Size: 1260 bytes Desc: Python.h-first-patch URL: From michael at stroeder.com Tue Oct 28 11:34:29 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 28 Oct 2003 11:34:29 +0100 Subject: python-ldap does not include Python.h first In-Reply-To: <200310280726.h9S7Qti0020346@localhost.localdomain> References: <200310280726.h9S7Qti0020346@localhost.localdomain> Message-ID: <3F9E4635.3030305@stroeder.com> Anthony Baxter wrote: > python-ldap breaks the "Always include Python.h first" rule in it's > C files - see, e.g. > http://www.python.org/dev/doc/devel/ext/simpleExample.html Thanks for your hint. I've checked in the modifications to CVS. I can confirm that there are less output messages during build now. ;-) Please test. Ciao, Michael. From paul.koelle at archit.uni-weimar.de Thu Oct 30 23:27:47 2003 From: paul.koelle at archit.uni-weimar.de (paul) Date: Thu, 30 Oct 2003 23:27:47 +0100 Subject: change passwd on openldap via exop? Message-ID: <3FA19063.3080009@archit.uni-weimar.de> Hi all, see subject for the problem ;) Is it possible with python-ldap? I couldn't find something like ldap_extended_operation(). I'd like to change passwords without the need to bind anonymously first and search for the {WHATEVER} string, not to mention all the hassle to generate passwords locally (on windows). thx Paul From michael at stroeder.com Fri Oct 31 00:54:44 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Fri, 31 Oct 2003 00:54:44 +0100 Subject: change passwd on openldap via exop? In-Reply-To: <3FA19063.3080009@archit.uni-weimar.de> References: <3FA19063.3080009@archit.uni-weimar.de> Message-ID: <3FA1A4C4.3010509@stroeder.com> paul wrote: > > see subject for the problem ;) Is it possible with python-ldap? I > couldn't find something like ldap_extended_operation(). From TODO: - Support Extended Operations by wrapping ldap_extended_operation() and ldap_parse_extended_result() - Set Password ext. op. - Whoami ext. op. Feel free to submit patches implementing LDAP ext. ops. > I'd like to change passwords without the need to bind anonymously first > and search for the {WHATEVER} string, not to mention all the hassle to > generate passwords locally (on windows). I'm not sure what exactly you're planning to do. But usually it's quite trivial to set (client-side hashed) passwords by modifying 'userPassword'. Ciao, Michael. From michael at stroeder.com Fri Oct 31 16:15:14 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Fri, 31 Oct 2003 16:15:14 +0100 Subject: change passwd on openldap via exop? In-Reply-To: <3FA279E6.8050909@archit.uni-weimar.de> References: <3FA19063.3080009@archit.uni-weimar.de> <3FA1A4C4.3010509@stroeder.com> <3FA279E6.8050909@archit.uni-weimar.de> Message-ID: <3FA27C82.3050603@stroeder.com> paul wrote: > >> I'm not sure what exactly you're planning to do. But usually it's >> quite trivial to set (client-side hashed) passwords by modifying >> 'userPassword'. > > Well, thats what I'm doing for sambaNTpassword and friends, but for > 'userPassword' I dont know the scheme set in slapd.conf (password-hash), You don't have to. Use any of the accepted schemes. {SSHA} is recommended. web2ldap contains GNU-licensed code for generating client-side hashed userPassword values (pylib/ldaputil/passwd.py). Ciao, Michael. From paul.koelle at archit.uni-weimar.de Fri Oct 31 16:04:06 2003 From: paul.koelle at archit.uni-weimar.de (paul) Date: Fri, 31 Oct 2003 16:04:06 +0100 Subject: change passwd on openldap via exop? In-Reply-To: <3FA1A4C4.3010509@stroeder.com> References: <3FA19063.3080009@archit.uni-weimar.de> <3FA1A4C4.3010509@stroeder.com> Message-ID: <3FA279E6.8050909@archit.uni-weimar.de> Michael Str?der wrote: > From TODO: > > - Support Extended Operations by wrapping > ldap_extended_operation() and ldap_parse_extended_result() > - Set Password ext. op. > - Whoami ext. op. Thanks for the info. I should have looked at this document in the first place. > I'm not sure what exactly you're planning to do. But usually it's quite > trivial to set (client-side hashed) passwords by modifying 'userPassword'. Well, thats what I'm doing for sambaNTpassword and friends, but for 'userPassword' I dont know the scheme set in slapd.conf (password-hash), so it only works if I know the used mechanism and make it a config option on the client side. greetings Paul From patrick.gelin at rpn.ch Mon Nov 3 11:22:32 2003 From: patrick.gelin at rpn.ch (Patrick Gelin) Date: Mon, 03 Nov 2003 11:22:32 +0100 Subject: l_dap_search_ext function and AD SIZELIMIT_EXCEEDED exception Message-ID: <1067854952.4104.43.camel@rheisxa001.rpn.ch> Hi, I'm looking for a way to resolve a compatibility problem with Active Directory because this server rize a SIZELIMIT_EXCEEDED even if you specify a sizelimit parameter with l_ldap_search_ext... I have had a discution with AD mailing list and it seems I can't modify AD parameters to avoid this so I would like to try to modify LDAPObject.c::l_ldap_search_ext function in order to receive a partial result even if there is a SIZELIMIT_EXCEEDED exception. It will be very grateful to you if you show me the better way to do it. Thanks. -- Patrick Gelin Office de la Statistique et de l'Informatique Scolaire CH-2300 La Chaux-de-Fonds Canton de Neuch?tel (Suisse) T?l. +41 (0)32 919 79 23 Email: patrick.gelin at rpn.ch From michael at stroeder.com Mon Nov 3 11:42:30 2003 From: michael at stroeder.com (=?UTF-8?B?TWljaGFlbCBTdHLDtmRlcg==?=) Date: Mon, 03 Nov 2003 11:42:30 +0100 Subject: l_dap_search_ext function and AD SIZELIMIT_EXCEEDED exception In-Reply-To: <1067854952.4104.43.camel@rheisxa001.rpn.ch> References: <1067854952.4104.43.camel@rheisxa001.rpn.ch> Message-ID: <3FA63116.6000306@stroeder.com> Patrick Gelin wrote: > > I have had a discution with AD mailing list and it seems I can't modify > AD parameters to avoid this so I would like to try to modify > LDAPObject.c::l_ldap_search_ext function in order to receive a partial > result even if there is a SIZELIMIT_EXCEEDED exception. Feel free to submit a patch which really makes sense. Note that error handling is done through Python exceptions. One has to find a clean way to return the partial search results and raise the exception. > It will be very grateful to you if you show me the better way to do it. http://python-ldap.sourceforge.net/doc/python-ldap/ldap.async-example.List.html Ciao, Michael. From asaf at asaf.gotdns.com Mon Nov 3 22:13:30 2003 From: asaf at asaf.gotdns.com (Asaf Shakarchi) Date: Mon, 3 Nov 2003 13:13:30 -0800 Subject: Searching, Simple question... Message-ID: <49DED6545256E642A7BED8E7EAADBE120139B5@hades.olympus> Hello, I have some directory that looks like this: Dc=aup Ou=customers Ou=Customer's name I just want to get a list of the customer's name, There's anyway to do it? since search_s returns the entire line with the whole DNS. My code look like this: import ldap conn = ldap.initialize("ldap://ldap_server") conn.set_option(ldap.VERSION, ldap.VERSION3) conn.simple_bind_s(ADMIN_USER) dn="ou=Customers,dc=alwaysup" res = conn.search_s(dn, ldap.SCOPE_ONELEVEL, "objectClass=*", []) for name,attrs in res: print name ofcourse it prints the whole path, output is something like that: ou=CustomerName,ou=Customers,dc=aup I just want to get a list of 'CustomerName', even without the OU. Well, I guess this is a python question, not an python-ldap one but maybe there are some functions that make it easy to retrieve only specific part of the result in python-ldap? Thanks. -------------- next part -------------- An HTML attachment was scrubbed... URL: From crocha at dc.uba.ar Thu Nov 13 21:05:16 2003 From: crocha at dc.uba.ar (Cristian Sebastian Rocha) Date: Thu, 13 Nov 2003 17:05:16 -0300 Subject: DSML & async.py Message-ID: <20031113170516.A20304@dc.uba.ar> Hi, Traying to use the DSML writer as the LDIF writer with the async module, with the following code, I changed some lines in the dsml.py and async.py files. s = ldap.async.DSMLWriter( ldap.initialize('ldap://%s' % host), sys.stdout ) s.startSearch( base, ldap.SCOPE_SUBTREE, '(objectClass=*)', ) I checked out the files from the CVS and I changed them. It's working fine. For commit them in the CVS, I attached them in the mail. Bye, Cristian. PD: Sorry by my bad english. I hope you understand it ;) -------------- next part -------------- """ ldap.async - handle async LDAP operations written by Michael Stroeder See http://python-ldap.sourceforge.net for details. \$Id: async.py,v 1.18 2003/06/01 15:38:46 stroeder Exp $ Python compability note: Tested on Python 2.0+ but should run on Python 1.5.x. """ __version__ = '0.0.2' _searchResultTypes={ 'RES_SEARCH_ENTRY':None, 'RES_SEARCH_RESULT':None, 'RES_SEARCH_REFERENCE':None } _entryResultTypes={ 'RES_SEARCH_ENTRY':None, 'RES_SEARCH_RESULT':None, } class WrongResultType(Exception): def __init__(self,receivedResultType,expectedResultTypes): self.receivedResultType = receivedResultType self.expectedResultTypes = expectedResultTypes def __str__(self): return 'Received wrong result type %s (expected one of %s).' % ( self.receivedResultType, ', '.join(self.expectedResultTypes), ) class AsyncSearchHandler: """ Class for stream-processsing LDAP search results """ def __init__(self,l): """ Initialize a StreamResultHandler Parameters: l LDAPObject instance """ self._l = l self._msgId = None def startSearch( self, searchRoot, searchScope, filterStr, attrList=None, attrsOnly=0, timeout=-1, sizelimit=0 ): """ searchRoot See parameter base of method LDAPObject.search() searchScope See parameter scope of method LDAPObject.search() filterStr See parameter filter of method LDAPObject.search() attrList=None See parameter attrlist of method LDAPObject.search() attrsOnly See parameter attrsonly of method LDAPObject.search() timeout Maximum time the server shall use for search operation sizeLimit Maximum number of entries a server should return (request client-side limit) """ self._msgId = self._l.search_ext( searchRoot,searchScope,filterStr, attrList,attrsOnly,None,None,timeout,sizelimit ) return # startSearch() def preProcessing(self): """ Do anything you want after starting search but before receiving and processing results """ def postProcessing(self): """ Do anything you want after receiving and processing results """ def processResults(self,ignoreResultsNumber=0,processResultsCount=0,timeout=-1): """ ignoreResultsNumber Don't process the first ignoreResultsNumber results. processResultsCount If non-zero this parameters indicates the number of results processed is limited to processResultsCount. timeout See parameter timeout of ldap.LDAPObject.result() """ self.preProcessing() result_counter = 0 end_result_counter = ignoreResultsNumber+processResultsCount go_ahead = 1 partial = 0 self.beginResultsDropped = 0 self.endResultBreak = result_counter try: result_type,result_list = None,None while go_ahead: while result_type is None and not result_list: result_type,result_list = self._l.result(self._msgId,0,timeout) if not result_list: break if not _searchResultTypes.has_key(result_type): raise WrongResultType(result_type,_searchResultTypes.keys()) # Loop over list of search results for result_item in result_list: if result_counter See http://python-ldap.sourceforge.net for details. $Id: dsml.py,v 1.5 2003/08/13 22:02:48 stroeder Exp $ Python compability note: Tested with Python 2.0+. """ __version__ = '0.5.1' import string,base64 def list_dict(l): """ return a dictionary with all items of l being the keys of the dictionary """ d = {} for i in l: d[i]=None return d special_entities = ( ('&','&'), ('<','<'), ('"','"'), ("'",'''), ) def replace_char(s): for char,entity in special_entities: s = string.replace(s,char,entity) return s class DSMLWriter: def __init__( self,f,base64_attrs=[],dsml_comment='',indent=' ' ): """ Parameters: f File object for output. base64_attrs Attribute types to be base64-encoded. dsml_comment Text placed in comment lines behind . indent String used for indentiation of next nested level. """ self._output_file = f self._base64_attrs = list_dict(map(string.lower,base64_attrs)) self._dsml_comment = dsml_comment self._indent = indent def _needs_base64_encoding(self,attr_type,attr_value): if self._base64_attrs: return self._base64_attrs.has_key(string.lower(attr_type)) else: try: unicode(attr_value,'utf-8') except UnicodeError: return 1 else: return 0 def writeHeader(self): """ Write the header """ self._output_file.write('\n'.join([ '', '', '', '%s\n' % (self._indent), ]) ) if self._dsml_comment: self._output_file.write('%s\n' % (self._indent)) def writeFooter(self): """ Write the footer """ self._output_file.write('%s\n' % (self._indent)) self._output_file.write('\n') def unparse(self,dn,entry): """ dn string-representation of distinguished name entry dictionary holding the LDAP entry {attr:data} """ # Write line dn: first self._output_file.write( '%s\n' % ( self._indent*2,replace_char(dn) ) ) objectclasses = entry.get('objectclass',entry.get('objectClass',[])) self._output_file.write('%s\n' % (self._indent*3)) for oc in objectclasses: self._output_file.write('%s%s\n' % (self._indent*4,oc)) self._output_file.write('%s\n' % (self._indent*3)) attr_types = entry.keys()[:] try: attr_types.remove('objectclass') attr_types.remove('objectClass') except ValueError: pass attr_types.sort() for attr_type in attr_types: self._output_file.write('%s\n' % (self._indent*3,attr_type)) for attr_value_item in entry[attr_type]: needs_base64_encoding = self._needs_base64_encoding( attr_type,attr_value_item ) if needs_base64_encoding: attr_value_item = base64.encodestring(attr_value_item) else: attr_value_item = replace_char(attr_value_item) self._output_file.write('%s\n' % ( self._indent*4, ' encoding="base64"'*needs_base64_encoding ) ) self._output_file.write('%s%s\n' % ( self._indent*5, attr_value_item ) ) self._output_file.write('%s\n' % ( self._indent*4, ) ) self._output_file.write('%s\n' % (self._indent*3)) self._output_file.write('%s\n' % (self._indent*2)) return try: import xml.sax,xml.sax.handler except ImportError: pass else: class DSMLv1Handler(xml.sax.handler.ContentHandler): """ Content handler class for DSMLv1 """ def __init__(self,parser_instance): self._parser_instance = parser_instance def startDocument(self): pass def endDocument(self): pass def startElement(self,raw_name,attrs): assert raw_name.startswith(''),'Illegal name' name = raw_name[5:] if name=='dsml': pass elif name=='directory-entries': self._parsing_entries = 1 elif name=='entry': self._dn = attrs['dn'] self._entry = {} elif name=='attr': self._attr_type = attrs['name'].encode('utf-8') self._attr_values = [] elif name=='value': self._attr_value = '' self._base64_encoding = attrs.get('encoding','').lower()=='base64' # Handle object class tags elif name=='objectclass': self._object_classes = [] elif name=='oc-value': self._oc_value = '' # Unhandled tags else: raise ValueError,'Unknown tag' % (raw_name) def endElement(self,raw_name): assert raw_name.startswith('dsml:'),'Illegal name' name = raw_name[5:] if name=='dsml': pass elif name=='directory-entries': self._parsing_entries = 0 elif name=='entry': self._parser_instance.handle(self._dn,self._entry) del self._dn del self._entry elif name=='attr': self._entry[self._attr_type] = self._attr_values del self._attr_type del self._attr_values elif name=='value': if self._base64_encoding: attr_value = base64.decodestring(self._attr_value.strip()) else: attr_value = self._attr_value.strip().encode('utf-8') self._attr_values.append(attr_value) del attr_value del self._attr_value del self._base64_encoding # Handle object class tags elif name=='objectclass': self._entry['objectClass'] = self._object_classes del self._object_classes elif name=='oc-value': self._object_classes.append(self._oc_value.strip().encode('utf-8')) del self._oc_value # Unhandled tags else: raise ValueError,'Unknown tag' % (raw_name) def characters(self,ch): if self.__dict__.has_key('_oc_value'): self._oc_value = self._oc_value + ch elif self.__dict__.has_key('_attr_value'): self._attr_value = self._attr_value + ch else: pass class DSMLParser: """ Base class for a DSMLv1 parser. Applications should sub-class this class and override method handle() to implement something meaningful. Public class attributes: records_read Counter for records processed so far """ def __init__( self, input_file, ContentHandlerClass, ignored_attr_types=None, max_entries=0, line_sep='\n' ): """ Parameters: input_file File-object to read the LDIF input from ignored_attr_types Attributes with these attribute type names will be ignored. max_entries If non-zero specifies the maximum number of entries to be read from f. line_sep String used as line separator """ self._input_file = input_file self._max_entries = max_entries self._ignored_attr_types = list_dict(map(string.lower,(ignored_attr_types or []))) self._current_record = None,None self.records_read = 0 self._parser = xml.sax.make_parser() self._parser.setFeature(xml.sax.handler.feature_namespaces,0) content_handler = ContentHandlerClass(self) self._parser.setContentHandler(content_handler) def handle(self,*args,**kwargs): """ Process a single content LDIF record. This method should be implemented by applications using LDIFParser. """ import pprint pprint.pprint(args) pprint.pprint(kwargs) def parse(self): """ Continously read and parse DSML records """ self._parser.parse(self._input_file) From michael at stroeder.com Fri Nov 14 10:53:20 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Fri, 14 Nov 2003 10:53:20 +0100 Subject: DSML & async.py In-Reply-To: <20031113170516.A20304@dc.uba.ar> References: <20031113170516.A20304@dc.uba.ar> Message-ID: <3FB4A610.80902@stroeder.com> Cristian Sebastian Rocha wrote: > > Traying to use the DSML writer as the LDIF writer with the async module, with > the following code, I changed some lines in the dsml.py and async.py files. Thanks for sending a patch. Next time please provide some more details what you've changed. This enhances the chance that I don't defer changes due to my momentary work-load. From looking at the diff it seems to me that you simply changed the nameof the class attribute DSMLWriter._f to DSMLWriter._output_file. Is that right? Ah, you also changed the name of the method DSMLWriter.writeRecord() to DSMLWriter.unparse(). Off course this breaks existing code. Therefore I simply added a new wrapper method DSMLWriter.unparse(). I've checked in the changes. Please test! Ciao, Michael. From crocha at dc.uba.ar Fri Nov 14 13:43:11 2003 From: crocha at dc.uba.ar (Cristian S. Rocha) Date: Fri, 14 Nov 2003 09:43:11 -0300 Subject: DSML & async.py In-Reply-To: <3FB4A610.80902@stroeder.com> References: <20031113170516.A20304@dc.uba.ar> <3FB4A610.80902@stroeder.com> Message-ID: <1068813791.669.21.camel@felix> Michael, You are right. I just made two changes: 1) DSMLWriter._f -> DSMLWriter._output_file 2) DSMLWriter.writeRecord() -> DSMLWriter.unparse() I will test the changes later. Thanks, Cristian. El vie, 14-11-2003 a las 06:53, Michael Str?der escribi?: > Cristian Sebastian Rocha wrote: > > > > Traying to use the DSML writer as the LDIF writer with the async module, with > > the following code, I changed some lines in the dsml.py and async.py files. > > Thanks for sending a patch. Next time please provide some more details what > you've changed. This enhances the chance that I don't defer changes due to > my momentary work-load. > > From looking at the diff it seems to me that you simply changed the nameof > the class attribute DSMLWriter._f to DSMLWriter._output_file. Is that right? > > Ah, you also changed the name of the method DSMLWriter.writeRecord() to > DSMLWriter.unparse(). Off course this breaks existing code. Therefore I > simply added a new wrapper method DSMLWriter.unparse(). > > I've checked in the changes. Please test! > > Ciao, Michael. > > > > From petitmermet at mat.ethz.ch Fri Nov 21 14:11:47 2003 From: petitmermet at mat.ethz.ch (Marc Petitmermet) Date: Fri, 21 Nov 2003 14:11:47 +0100 Subject: problems building python-ldap-2.0.0pre13 Message-ID: <42E4AEDE-1C24-11D8-A5A2-000393A370DA@mat.ethz.ch> i have set up the setup.cfg like this: library_dirs = /usr/local/openldap/openldap-2.1.23/lib include_dirs = /usr/local/openldap/openldap-2.1.23/include libs = ldap lber ssl then i build like this: /usr/local/python/Python-2.1.3/bin/python setup.py build and i get the following error: gcc -shared build/temp.linux-i686-2.1/LDAPObject.o build/temp.linux-i686-2.1/common.o build/temp.linux-i686-2.1/constants.o build/temp.linux-i686-2.1/errors.o build/temp.linux-i686-2.1/functions.o build/temp.linux-i686-2.1/schema.o build/temp.linux-i686-2.1/ldapmodule.o build/temp.linux-i686-2.1/linkedlist.o build/temp.linux-i686-2.1/message.o build/temp.linux-i686-2.1/version.o build/temp.linux-i686-2.1/options.o -L/usr/local/openldap/openldap-2.1.23/lib -R/usr/local/openldap/openldap-2.1.23/lib -lldap -llber -lssl -o build/lib.linux-i686-2.1/_ldap.so gcc: unrecognized option `-R/usr/local/openldap/openldap-2.1.23/lib' first, there is a correct "-L/usr/local/openldap/openldap-2.1.23/lib" followed immediately by the "-R/usr/local/openldap/openldap-2.1.23/lib". can anybody tell me what's wrong here? i tried to download python-ldap-2.0.0pre15.tar.gz but i cannot fetch it, the link on sourceforge does not work for me. another question: could i also explicitly tell python-ldap which ssl installation it sould use? thanks for any hints. regards, marc From jens at zope.com Fri Nov 21 14:41:21 2003 From: jens at zope.com (Jens Vagelpohl) Date: Fri, 21 Nov 2003 08:41:21 -0500 Subject: problems building python-ldap-2.0.0pre13 In-Reply-To: <42E4AEDE-1C24-11D8-A5A2-000393A370DA@mat.ethz.ch> References: <42E4AEDE-1C24-11D8-A5A2-000393A370DA@mat.ethz.ch> Message-ID: <6464185E-1C28-11D8-9F2B-000393D58818@zope.com> > gcc: unrecognized option `-R/usr/local/openldap/openldap-2.1.23/lib' I see that warning as well but the module builds just fine. Do you see the .so file or not? > another question: could i also explicitly tell python-ldap which ssl > installation it sould use? there is a library_dirs line in setup.cfg, try using that and see where it gets you. jens -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2355 bytes Desc: not available URL: From petitmermet at mat.ethz.ch Fri Nov 21 15:28:00 2003 From: petitmermet at mat.ethz.ch (Marc Petitmermet) Date: Fri, 21 Nov 2003 15:28:00 +0100 Subject: problems building python-ldap-2.0.0pre13 In-Reply-To: <6464185E-1C28-11D8-9F2B-000393D58818@zope.com> References: <42E4AEDE-1C24-11D8-A5A2-000393A370DA@mat.ethz.ch> <6464185E-1C28-11D8-9F2B-000393D58818@zope.com> Message-ID: >> gcc: unrecognized option `-R/usr/local/openldap/openldap-2.1.23/lib' > I see that warning as well but the module builds just fine. Do you see > the .so file or not? if you mean in build/lib.linux-i686-2.1? there is a _ldap.so. is this o.k.? can i install now without regrets? regards, marc From jens at zope.com Fri Nov 21 17:22:53 2003 From: jens at zope.com (Jens Vagelpohl) Date: Fri, 21 Nov 2003 11:22:53 -0500 Subject: problems building python-ldap-2.0.0pre13 In-Reply-To: References: <42E4AEDE-1C24-11D8-A5A2-000393A370DA@mat.ethz.ch> <6464185E-1C28-11D8-9F2B-000393D58818@zope.com> Message-ID: You could save yourself a lot of time by just giving it a try and seeing if it works. jens On Nov 21, 2003, at 9:28, Marc Petitmermet wrote: >>> gcc: unrecognized option `-R/usr/local/openldap/openldap-2.1.23/lib' >> I see that warning as well but the module builds just fine. Do you >> see the .so file or not? > > if you mean in build/lib.linux-i686-2.1? there is a _ldap.so. is this > o.k.? can i install now without regrets? > > regards, > marc > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2355 bytes Desc: not available URL: From michael at stroeder.com Tue Nov 25 07:35:36 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 25 Nov 2003 07:35:36 +0100 Subject: Problems with function ldap.explode_dn() In-Reply-To: <5813734509.20031124193932@de.tds-global.com> References: <5813734509.20031124193932@de.tds-global.com> Message-ID: <3FC2F838.7090401@stroeder.com> OHURAMACRCUD at spammotel.com wrote: > >>>>dn="uid=ascii,l=M?nchen_iso-8859-1" >>>>ldap.explode_dn(dn) > > ['uid=ascii'] Hmm, this looks wrong. Using ISO-8859-1 is wrong with LDAPv3 anyway. >>>>ldap.explode_dn(dn.decode('latin')) > [..] > UnicodeEncodeError: 'ascii' codec can't encode character u'\xfc' in position 13: ordinal not in range(128) Off course you can't encode the raw string. dn is supposed to be an Unicode object. >>>>ldap.explode_dn(dn.decode('latin').encode('utf')) > > ['uid=ascii', 'l=M\\C3\\BCnchen_iso-8859-1'] Now this shows that the underlying OpenLDAP function ldap_explode_dn() is aware of DN strings having to be UTF-8 encoded Unicode. Note that you SHOULD use 'utf-8' as unique ID for UTF-8. >>>>vgl=ldap.explode_dn(dn.decode('latin').encode('utf'))[1] >>>>vgl > > 'l=M\\C3\\BCnchen_iso-8859-1' > >>>>vgl=="l=M?nchen_iso-8859-1".decode('latin').encode('utf8') > > False The DN string normalization (with back slash representation) is done within the OpenLDAP libs. The behaviour changed from OpenLDAP 2.0 to 2.1. I already had a discussion with Kurt Z. about that. His argument was that LDAP applications should treat DNs as being opaque. There's nothing we can do about it. This breaks things when accessing OpenLDAP 2.0 server since 2.0 did not implement correct matching rules for DNs. Oh yeah... > Beeing very RFC-strict I would have to use utf-8 encoding. But the result > also should be utf-8 encoded, which isn't the case. Any ideas? Input and output of ldap_explode_dn() both have to be a valid DN string representation as of RFC2253 which is the case. Guess you have to live with that. Ciao, Michael. From OHURAMACRCUD at spammotel.com Mon Nov 24 19:39:32 2003 From: OHURAMACRCUD at spammotel.com (OHURAMACRCUD at spammotel.com) Date: Mon, 24 Nov 2003 19:39:32 +0100 Subject: Problems with function ldap.explode_dn() Message-ID: <5813734509.20031124193932@de.tds-global.com> Hello, since changing to python 2.3.2, OpenLDAP 2.1.23 and python-ldap-2.0.0pre15 I have problems with explode_dn(), related to diacritics; as You can see: Python 2.3.2 (#1, Oct 26 2003, 16:43:30) [GCC 3.3.1] on sunos5 Type "help", "copyright", "credits" or "license" for more information. >>> import ldap >>> dn="uid=ascii,l=M?nchen_iso-8859-1" >>> ldap.explode_dn(dn) ['uid=ascii'] >>> ldap.explode_dn(dn.decode('latin')) Traceback (most recent call last): File "", line 1, in ? File "/usr/local/lib/python2.3/site-packages/ldap/functions.py", line 84, in explode_dn return _ldap_function_call(_ldap.explode_dn,dn,notypes) File "/usr/local/lib/python2.3/site-packages/ldap/__init__.py", line 62, in _ldap_function_call result = apply(func,args,kwargs) UnicodeEncodeError: 'ascii' codec can't encode character u'\xfc' in position 13: ordinal not in range(128) >>> ldap.explode_dn(dn.decode('latin').encode('utf')) ['uid=ascii', 'l=M\\C3\\BCnchen_iso-8859-1'] >>> vgl=ldap.explode_dn(dn.decode('latin').encode('utf'))[1] >>> vgl 'l=M\\C3\\BCnchen_iso-8859-1' >>> vgl=="l=M?nchen_iso-8859-1".decode('latin').encode('utf8') False In the last working versions, I didn't need to encode or decode the strings. Beeing very RFC-strict I would have to use utf-8 encoding. But the result also should be utf-8 encoded, which isn't the case. Any ideas? Kind Regards Eckard From lukas at msys.ch Thu Nov 27 14:43:34 2003 From: lukas at msys.ch (Lukas Meyer) Date: Thu, 27 Nov 2003 14:43:34 +0100 Subject: how to add a whole entry? Message-ID: <3FC5FF86.7020100@msys.ch> Hello, I want to add a whole entry to an ldap tree with python-ldap. But I don't get any good result. I can add, replace, delete entries without a problem and with the function delete_s() it's also possible to delete a whole entry. But how can i add/create any entry? I dont't want to add only an attribute. I.e. I want to add cn=Test Person, ou=Persons, dc=domain. I can't find anything about how to do that. Can anyone give me a hint for that? Best regards Lukas Meyer From michael at stroeder.com Thu Nov 27 15:32:32 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 27 Nov 2003 15:32:32 +0100 Subject: how to add a whole entry? In-Reply-To: <3FC5FF86.7020100@msys.ch> References: <3FC5FF86.7020100@msys.ch> Message-ID: <3FC60B00.1080109@stroeder.com> Lukas Meyer wrote: > > I want to add a whole entry to an ldap tree with python-ldap. That's what LDAPObject.add_s() is for. See Demo/simple.py for an example. Ciao, Michael. From crocha at dc.uba.ar Thu Nov 27 15:28:00 2003 From: crocha at dc.uba.ar (Cristian S. Rocha) Date: Thu, 27 Nov 2003 11:28:00 -0300 Subject: DSML & async.py In-Reply-To: <1068813791.669.21.camel@felix> References: <20031113170516.A20304@dc.uba.ar> <3FB4A610.80902@stroeder.com> <1068813791.669.21.camel@felix> Message-ID: <1069943279.3001.58.camel@numero2> Hi, I'm here again. I would like to do more modifications but the async module will change a lot, before I want to ask you what do you think about some modifications. At now the async code is dependent to the format output: exists two classes to output ldif (ldif.LDIFWriter & ldap.async.LDIFWriter) and another two for dsml (dsml.DSMLWriter & ldap.async.DSMLWriter). I want to propose just one class for output (ldap.async.Writer) and other two for format considerations (dsml.DSMLWriter & ldif.LDIFWriter). That let you to output both format with less changes on the code. An example could be: """ format = { 'dsml': dsml.DSMLWriter(sys.stdout), 'ldif': ldif.LDIFWriter(sys.stdout), } def print(host, base, filtre, formatstr): s = ldap.async.Writer( ldap.initialize(host), format[formatstr] ) s.startSearch( base, ldap.SCOPE_SUBTREE, filtre ) """ To do it, the classes must share the following interface: """ class XWriter: def __init__(self, f, ...): """ Init the writer class. f file object for output. """ ... return def header(self): """ Return a header string. """ ... return '' def footer(self): """ Return a footer string. """ ... return '' def unparse(self, dn, entry): """ Write the entry to the object for output. dn string-representation of distinguished name entry dictionary holding the LDAP entry {attr:data} """ ... return """ I just append these functions (header & footer) to the LDIFWriter and DSMLWriter classes in "ldif.py" and "dsml.py" files. I append the async.Writer class to use the interface in the "async.py" file. And I test the code with the "Test.py" program. All the files are attached on the mail. Regards to all, Cristian. -- Lic. Cristian S. Rocha. Departamento de Computacin. FCEyN. UBA. Pabellon I. Cuarto 9. Ciudad Universitaria. (1428) Buenos Aires. Argentina. Tel: +54-11-4576-3390/96 int 714 Tel/Fax: +54-11-4576-3359 Cel: 15-5-607-9192 -------------- next part -------------- A non-text attachment was scrubbed... Name: Test.py Type: text/x-python Size: 926 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: dsml.py Type: text/x-python Size: 8843 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: ldif.py Type: text/x-python Size: 14805 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: async.py Type: text/x-python Size: 8145 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Esta parte del mensaje est? firmada digitalmente URL: From michael at stroeder.com Thu Nov 27 16:19:34 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 27 Nov 2003 16:19:34 +0100 Subject: DSML & async.py In-Reply-To: <1069943279.3001.58.camel@numero2> References: <20031113170516.A20304@dc.uba.ar> <3FB4A610.80902@stroeder.com> <1068813791.669.21.camel@felix> <1069943279.3001.58.camel@numero2> Message-ID: <3FC61606.6070303@stroeder.com> Cristian S. Rocha wrote: > > I'm here again. I would like to do more modifications but the async > module will change a lot, before I want to ask you what do you think > about some modifications. I already started a new module 'ldap.res' since I wanted to fix some mistakes I did in the design but keep the module ldap.async as is for not breaking existing code (mainly web2ldap and some sync scripts I've implemented for my customers). I think this is the way to go. From what I understand you're after the same thing like me: The data read by an arbitrary XReader should be piped to an arbitrary YWriter. With this you would be able to pump data from DSML to LDAP server, convert from LDIF to DSML, etc. Note that the Java implementation of Novell found on http://www.openldap.org implements classes with common interfaces. We might be able to borrow some ideas from this project. Also note that the modules 'ldif' and 'dsml' (and 'ldapurl') implemented in pure Python were designed to be usable stand-alone without importing anything from the rest of python-ldap. I found this handy on some platforms on which it's difficult to build the C wrapper part in cases I only needed a LDIF parser. So maybe best bet is to implement a new module package with interchangeable Reader/Writer classes and import and wrap the modules ldap, ldif and dsml. Not to forget implementing CSVReader/-Writer classes (with module 'csv' available in Python standard lib 2.3+). Speaking of module 'csv' it would also be nice to let the Reader classes implement the iterator interface available since Python 2.2. Look into the Python 2.3 'csv' docs to get the idea. I have currently no time do that myself but I'd be glad to review contributed code. How does that sound to you? Ciao, Michael. From gwidion at mpc.com.br Thu Nov 27 16:14:57 2003 From: gwidion at mpc.com.br (Joao S. O. Bueno) Date: Thu, 27 Nov 2003 13:14:57 -0200 Subject: how to add a whole entry? In-Reply-To: <3FC5FF86.7020100@msys.ch> References: <3FC5FF86.7020100@msys.ch> Message-ID: <200311271314.57102.gwidion@mpc.com.br> Hi there, Well, I am also learning it. But it is troubleless with the method add_s in the ldap object, Just do l.add_s (dn_string, [ (attribute_name, attribute_value), (attribute_name), (attribute_value)]) , being carefull to include all the mandatory attributes for each objectClass. BTW objectClass itself is a mandatory attribute. Check the error returned from the ldap (to learn, better, i usually do these experiences in an interactive python shell), to see if any attribute is missing. On Thursday 27 November 2003 11:43, Lukas Meyer wrote: > Hello, > > I want to add a whole entry to an ldap tree with python-ldap. But I > don't get any good result. I can add, replace, delete entries > without a problem and with the function delete_s() it's also > possible to delete a whole entry. But how can i add/create any > entry? I dont't want to add only an attribute. I.e. I want to add > cn=Test Person, ou=Persons, dc=domain. I can't find anything about > how to do that. Can anyone give me a hint for that? > > Best regards > > Lukas Meyer > > > > From lukas at msys.ch Fri Nov 28 09:22:51 2003 From: lukas at msys.ch (Lukas Meyer) Date: Fri, 28 Nov 2003 09:22:51 +0100 Subject: how to know the end? Message-ID: <3FC705DB.8030009@msys.ch> Hi there, I want to show the whole ldap structure in a tree. I want to do that with a loop that continous searching in each branch it found. But my problem is, how I can let the loop know if it is the end btw the last branch of a branch. Is there anything to check for that? My current code checks everytime the first branch, then the first branch of the first branch etc. but if it is at the latest one, it hangs. So I need anything how i can say "if you are in the latest one, break the loop". Below is a code snip of this loop: basedn = dn for name, attrs in l.search_s(dn, ldap.SCOPE_ONELEVEL, "objectclass=*", []): print name newdn = name while 1: for name, attrs in l.search_s(newdn, ldap.SCOPE_ONELEVEL, "objectclass=*"): newdn = name print newdn break Does anyone know a solution to this problem? Best regards Lukas From paul at subsignal.org Fri Nov 28 13:01:23 2003 From: paul at subsignal.org (=?ISO-8859-1?Q?paul_k=F6lle?=) Date: Fri, 28 Nov 2003 13:01:23 +0100 Subject: how to know the end? In-Reply-To: <3FC705DB.8030009@msys.ch> References: <3FC705DB.8030009@msys.ch> Message-ID: <3FC73913.9030108@subsignal.org> Lukas Meyer wrote: > Hi there, > > I want to show the whole ldap structure in a tree. I want to do that > with a loop that continous searching in each branch it found. But my > problem is, how I can let the loop know if it is the end btw the last > branch of a branch. Is there anything to check for that? My current code > checks everytime the first branch, then the first branch of the first > branch etc. but if it is at the latest one, it hangs. So I need anything > how i can say "if you are in the latest one, break the loop". Just a thought, at least Openldap each entry has an operational attribute "hasSubordinates: TRUE | FALSE". greetings Paul From michael at stroeder.com Fri Nov 28 16:14:37 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Fri, 28 Nov 2003 16:14:37 +0100 Subject: how to know the end? In-Reply-To: <3FC73913.9030108@subsignal.org> References: <3FC705DB.8030009@msys.ch> <3FC73913.9030108@subsignal.org> Message-ID: <3FC7665D.2060707@stroeder.com> paul k?lle wrote: > Lukas Meyer wrote: > >> I want to show the whole ldap structure in a tree. I want to do that >> with a loop that continous searching in each branch it found. But my >> problem is, how I can let the loop know if it is the end btw the last >> branch of a branch. Is there anything to check for that? My current >> code checks everytime the first branch, then the first branch of the >> first branch etc. but if it is at the latest one, it hangs. So I need >> anything how i can say "if you are in the latest one, break the loop". > > Just a thought, at least Openldap each entry has an operational > attribute "hasSubordinates: TRUE | FALSE". This works on e.g. OpenLDAP (since 2.1.5?) and on some X.500 servers and it's the most generic attribut for determining a leaf entry. One can also evaluate integer value of attribute 'subordinateCount' on Novell eDirectory or 'numSubordinates' on Netscape/iPlanet/SunONE Directory Server. Note that the latter is not usable on iPlanet/SunONE Directory Server 5.x+ without adding a-priori knowledge to the application that the attribute 'numSubordinates' should be there if it's a non-lead entry. web2ldap contains code for this when searching and doing recursive deletes. It also falls back to doing a one-level search when none of the attributes above is present. Ciao, Michael. From paul at subsignal.org Fri Nov 28 17:20:07 2003 From: paul at subsignal.org (=?ISO-8859-1?Q?paul_k=F6lle?=) Date: Fri, 28 Nov 2003 17:20:07 +0100 Subject: how to add a whole entry? In-Reply-To: <3FC75BD8.1000300@msys.ch> References: <3FC75BD8.1000300@msys.ch> Message-ID: <3FC775B7.6060805@subsignal.org> Lukas Meyer wrote: > Hello, > Thank you for your help. > > That would be a great thing but I don't have this attribute. I don't get > this attribute with ldapsearch -h xx -D xx -b xx "objectclass=*" + Strange, I get: nil root # ldapsearch 'objectClass=*' + SASL/GSSAPI authentication started SASL username: root at B17 SASL SSF: 56 SASL installing layers # extended LDIF # # LDAPv3 # base <> with scope sub # filter: objectClass=* # requesting: + # # nil.b17 dn: dc=nil,dc=b17 structuralObjectClass: domain entryUUID: 5f869caa-b3c5-1027-8b0c-b3f8bb6957e2 creatorsName: cn=Manager,dc=nil,dc=b17 createTimestamp: 20031125190025Z entryCSN: 2003112519:00:25Z#0x0001#0#0000 modifiersName: cn=Manager,dc=nil,dc=b17 modifyTimestamp: 20031125190025Z subschemaSubentry: cn=Subschema hasSubordinates: TRUE Openldap 2.1.23, cyrus-sasl-2.1.15, mit-krb5-1.3 Most likely it is a problem with ACL's. Check if you can get the result when binding with your 'rootdn'. hth Paul From lukas at msys.ch Thu Dec 4 14:45:06 2003 From: lukas at msys.ch (Lukas Meyer) Date: Thu, 04 Dec 2003 14:45:06 +0100 Subject: Show the whole tree Message-ID: <3FCF3A62.4030005@msys.ch> Hello, I want to show the whole tree with a for loop or anything else. I think it could work as follow: hasLeaveEntry() is a funktion that returns 0 or 1 if a subentry is there. for name, attrs in l.search_s(dn, ldap.SCOPE_ONELEVEL, "objectclass=*", []): x = hasLeaveEntry(name) if x == 1: for name, attrs in l.search_s(dn, ldap.SCOPE_ONELEVEL, "objectclass=*", []): x = hasLeaveEntry(name) and so on... else: continue But I want to write one, or two loops, which can show me every entry. For Example: Show first entry in base dc=x, if it has a leaveentry, show first entry in base dc=xx,dc=x and so on, or if not, show second entry in base dc=x, and again the same as above. However I can't get any loop working which is doing that as I described. Does anyone know a better technic oder anything else who might help me? Best regards Lukas From michael at stroeder.com Thu Dec 4 19:00:37 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 04 Dec 2003 19:00:37 +0100 Subject: Show the whole tree In-Reply-To: <3FCF3A62.4030005@msys.ch> References: <3FCF3A62.4030005@msys.ch> Message-ID: <3FCF7645.60309@stroeder.com> Lukas Meyer wrote: > > I want to show the whole tree with a for loop or anything else. Really the whole tree at once? Then you could retrieve the whole sub-tree in one search request and sort the reversed normalized DN into a list or to construct a dictionary-based tree-structure depending on your needs. I'm doing this to reconstruct the correct tree order of entries in LDIF files. Off course this does not scale well on directories with 100000+ entries since it consumes memory. Also be prepared to hit a search limit which will leave your tree incomplete. > hasLeaveEntry() is a funktion that returns 0 or 1 if a subentry is there. > > for name, attrs in l.search_s(dn, ldap.SCOPE_ONELEVEL, > "objectclass=*", []): > x = hasLeaveEntry(name) > if x == 1: > for name, attrs in l.search_s(dn, ldap.SCOPE_ONELEVEL, > "objectclass=*", []): > x = hasLeaveEntry(name) > and so on... > else: > continue It's recursive which might be a problem on highly nested directory trees. Also I'd use the operational attribute 'hasSubordinates' if present or similar to spare the one search request per leaf entry. You might wanna check the sources of web2ldap which do the recursive deletes (file pylib/w2lapp/delete.py). Ciao, Michael. From cklinger at econtec.de Tue Dec 9 11:41:00 2003 From: cklinger at econtec.de (Klinger Christian) Date: 9 Dec 2003 11:41:00 +0100 Subject: Error in ldapsearch?? Message-ID: Hello List The Problem: I make some LDAP Queries (Zope External Method) over a large network! Sometimes i got a "good" result but sometimes i got the error "Can?t contact LDAP-Server"! Is it possible to get over on a "timeout limit"? Is it possible to trace something? Do you have any tips for me? Thx in advance Christian The "short code of the programm --snip-- import ldap server = '10.99.29.9' admin = "cn=ldapadmin,o=cnbg,c=de" passw = "xxxxxxxx" l=ldap.open(server) l.protocol_version = ldap.VERSION3 l.simple_bind_s(admin,passw) def e_ldapsearch(name,flag): basedn = "o=cnbg,c=de" sfilter = "(&(objectclass=drupaPerson)(cn=%s))" %name res = l.search_s(basedn, ldap.SCOPE_SUBTREE, sfilter) # line 72 return res --snip-- The Traceback from Zope: __call__
__traceback_info__: ((), {'flag': 'bgdpextranet', 'name': 9909040001}, None) Module /opt/Zope/Extensions/e_ldapsearch.py, line 72, in ldapsearch Module ldap.ldapobject, line 421, in search_s Module ldap.ldapobject, line 425, in search_st Module ldap.ldapobject, line 371, in result Module ldap.ldapobject, line 94, in _ldap_call SERVER_DOWN: {'desc': "Can't contact LDAP server", 'info': ''} From jens at zope.com Tue Dec 9 13:45:46 2003 From: jens at zope.com (Jens Vagelpohl) Date: Tue, 9 Dec 2003 07:45:46 -0500 Subject: Error in ldapsearch?? In-Reply-To: References: Message-ID: <9BF80588-2A45-11D8-990B-000393D58818@zope.com> I suggest you move the code that connects to the server into the method. jens On Dec 9, 2003, at 5:41, Klinger Christian wrote: > Hello List > > The Problem: > I make some LDAP Queries (Zope External Method) over a large network! > Sometimes i got a "good" result but sometimes i got the error > "Can?t contact LDAP-Server"! > > Is it possible to get over on a "timeout limit"? > Is it possible to trace something? > > > Do you have any tips for me? > > Thx in advance > > Christian > > The "short code of the programm > > --snip-- > import ldap > > server = '10.99.29.9' > admin = "cn=ldapadmin,o=cnbg,c=de" > passw = "xxxxxxxx" > > > l=ldap.open(server) > l.protocol_version = ldap.VERSION3 > l.simple_bind_s(admin,passw) > > def e_ldapsearch(name,flag): > basedn = "o=cnbg,c=de" > sfilter = "(&(objectclass=drupaPerson)(cn=%s))" %name > res = l.search_s(basedn, ldap.SCOPE_SUBTREE, sfilter) # line 72 > return res > --snip-- > > The Traceback from Zope: > __call__
__traceback_info__: ((), {'flag': 'bgdpextranet', 'name': > 9909040001}, None) > Module /opt/Zope/Extensions/e_ldapsearch.py, line 72, in ldapsearch > Module ldap.ldapobject, line 421, in search_s > Module ldap.ldapobject, line 425, in search_st > Module ldap.ldapobject, line 371, in result > Module ldap.ldapobject, line 94, in _ldap_call SERVER_DOWN: > {'desc': "Can't contact LDAP server", 'info': ''} -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2355 bytes Desc: not available URL: From michael at stroeder.com Tue Dec 9 20:43:47 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 09 Dec 2003 20:43:47 +0100 Subject: Error in ldapsearch?? In-Reply-To: References: Message-ID: <3FD625F3.2010809@stroeder.com> Klinger Christian wrote: > > The Problem: > I make some LDAP Queries (Zope External Method) over a large network! > Sometimes i got a "good" result but sometimes i got the error > "Can?t contact LDAP-Server"! Probably the LDAP servers limits the time span your LDAP connection is valid and drops the connection. You have to deal with that in your application. ldap.ldapobject.ReconnectLDAPObject is probably what you're looking for. Note that I screwed up a module import in ReconnectLDAPObject in current 2.0.0pre17. Use upcoming 2.0.0pre18 instead. Ciao, Michael. From christian.klinger at econtec.de Wed Dec 10 08:59:05 2003 From: christian.klinger at econtec.de (Christian Klinger) Date: Wed, 10 Dec 2003 08:59:05 +0100 Subject: Error in ldapsearch?? Message-ID: <200312100859.05565.christian.klinger@econtec.de> On Tuesday 09 December 2003 20:43, you wrote: > Klinger Christian wrote: > > The Problem: > > I make some LDAP Queries (Zope External Method) over a large network! > > Sometimes i got a "good" result but sometimes i got the error > > "Can?t contact LDAP-Server"! > > Probably the LDAP servers limits the time span your LDAP connection is > valid and drops the connection. You have to deal with that in your > application. > > ldap.ldapobject.ReconnectLDAPObject is probably what you're looking for. > Note that I screwed up a module import in ReconnectLDAPObject in current > 2.0.0pre17. Use upcoming 2.0.0pre18 instead. > > Ciao, Michael. I'm using OpenLdap Do you know the name of the parameter which i must configure! I see nothing in the OpenLdap -log file! thx christian From michael at stroeder.com Wed Dec 10 10:37:29 2003 From: michael at stroeder.com (=?UTF-8?B?TWljaGFlbCBTdHLDtmRlcg==?=) Date: Wed, 10 Dec 2003 10:37:29 +0100 Subject: Error in ldapsearch?? In-Reply-To: <200312100859.05565.christian.klinger@econtec.de> References: <200312100859.05565.christian.klinger@econtec.de> Message-ID: <3FD6E959.1090001@stroeder.com> Christian Klinger wrote: > Michael Str?der wrote: > >>Probably the LDAP servers limits the time span your LDAP connection is >>valid and drops the connection. You have to deal with that in your >>application. > > I'm using OpenLdap > Do you know the name of the parameter which i must configure! > I see nothing in the OpenLdap -log file! Well, man slapd.conf reveals that parameters 'idletimeout' and 'limits' looks promising. This is off-topic here. openldap-software at openldap.org is the forum to ask details about this. >>ldap.ldapobject.ReconnectLDAPObject is probably what you're looking for. >>Note that I screwed up a module import in ReconnectLDAPObject in current >>2.0.0pre17. Use upcoming 2.0.0pre18 instead. Anyway ldap.ldapobject.ReconnectLDAPObject is the proper way to deal with it. I released 2.0.0pre18 yesterday. Ciao, Michael. From michael at stroeder.com Sun Dec 21 15:53:37 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Sun, 21 Dec 2003 15:53:37 +0100 Subject: Functions deprecated in OpenLDAP C API Message-ID: <3FE5B3F1.4090401@stroeder.com> HI! I tried to substitute most of the functions which are marked as deprecated in ldap.h of current OpenLDAP C API. Please update your local CVS directory and test! Note that there are all the arguments ready to pass around server and client controls to the OpenLDAP C API but it's not implemented yet. Any takers? Still left is usage of deprecated function ldap_bind(). According to K. Zeilenga ldap_sasl_bind() should be used instead even for simple bind. I'm not clear about the state of the SASL-related code. Please also take note of file TODO and please contribute if you are able to spend some time. Ciao, Michael. From jens at zope.com Sun Dec 21 16:30:54 2003 From: jens at zope.com (Jens Vagelpohl) Date: Sun, 21 Dec 2003 10:30:54 -0500 Subject: Functions deprecated in OpenLDAP C API In-Reply-To: <3FE5B3F1.4090401@stroeder.com> References: <3FE5B3F1.4090401@stroeder.com> Message-ID: > Please update your local CVS directory and test! Building and some simple bind/search tests against the built-in OpenLDAP on Mac OS X 10.3.1 work fine. jens -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2355 bytes Desc: not available URL: From michael at stroeder.com Mon Dec 22 10:25:46 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Mon, 22 Dec 2003 10:25:46 +0100 Subject: python-ldap now in darwinports In-Reply-To: <82D2BCC9-3351-11D8-9181-000393B7748C@opendarwin.org> References: <82D2BCC9-3351-11D8-9181-000393B7748C@opendarwin.org> Message-ID: <3FE6B89A.5080107@stroeder.com> Markus W. Weissmann wrote: > > I just wanted to let you know that we've got python-ldap in darwinports > [ http://darwinports.opendarwin.org/ ], > the (ng) ports collection for os-x/darwin; perhaps you want to add this > to the python-ldap homepage to the > downloads section. > You'll find it on our page here: > http://darwinports.opendarwin.org/ports?by=name&substr=py-ldap > (although this will take some hours for it to appears there, till the > index is updated) Added link to http://python-ldap.sourceforge.net/download.shtml Thanks for letting us know. Please watch out for announcements of new versions on python-ldap-dev at lists.sourceforge.net if not already subscribed to this list. Ciao, Michael. From michael at stroeder.com Tue Dec 23 12:40:47 2003 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Tue, 23 Dec 2003 12:40:47 +0100 Subject: Functions deprecated in OpenLDAP C API In-Reply-To: References: <3FE5B3F1.4090401@stroeder.com> Message-ID: <3FE829BF.5020802@stroeder.com> Jens Vagelpohl wrote: >> Please update your local CVS directory and test! > > Building and some simple bind/search tests against the built-in OpenLDAP > on Mac OS X 10.3.1 work fine. Unfortunately there is no new code in bind/search. ;-) One should test add(), modify(), delete(), compare(), unbind() or their _s counterparts. Ciao, Michael. From jens at zope.com Tue Dec 23 13:57:51 2003 From: jens at zope.com (Jens Vagelpohl) Date: Tue, 23 Dec 2003 07:57:51 -0500 Subject: Functions deprecated in OpenLDAP C API In-Reply-To: <3FE829BF.5020802@stroeder.com> References: <3FE5B3F1.4090401@stroeder.com> <3FE829BF.5020802@stroeder.com> Message-ID: <9E142250-3547-11D8-BCCB-000393D58818@zope.com> >>> >> Building and some simple bind/search tests against the built-in >> OpenLDAP on Mac OS X 10.3.1 work fine. > > Unfortunately there is no new code in bind/search. ;-) > > One should test add(), modify(), delete(), compare(), unbind() or > their _s counterparts. OK, just used it in Zope with the LDAPUserFolder, now I can say that add_s, modify_s and delete_s work ;) jens -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2355 bytes Desc: not available URL: