[python-ldap] Querying Active Directory excessively slower than querying eDirectory
Michael Ströder
michael at stroeder.com
Wed May 18 10:20:13 CEST 2011
Thorsten Kampe wrote:
> Please note that "hints" are only useful if the "hinted one" is on the
> same level knowledgewise as the one who gives the hint.
The "hinted one" could also assume that a "hint" is given for good reasons and
ask back if he/she does not understand the hint.
> I did not know
> that python-ldap actively tries to follow the referrals and I did not
> know how to turn it off.
It's the default behaviour of the OpenLDAP libs.
MS AD makes use of LDAPv3 referrals. But it assumes that the clients chase the
referrals binding with the standard Windows identity (with GSSAPI/Kerberos).
But this behaviour is not standardized in LDAPv3 RFCs. So basically switch off
automatic referral chasing is always a good idea.
Ciao, Michael.
More information about the python-ldap
mailing list