From tobias.deb at gmail.com Thu Oct 1 09:36:30 2015 From: tobias.deb at gmail.com (Tobias Diaz Diaz-Chiron) Date: Thu, 1 Oct 2015 09:36:30 +0200 Subject: [python-ldap] [PATCH] Tests for the ldif module In-Reply-To: <560C1A97.4020006@stroeder.com> References: <55FC1352.20105@redhat.com> <560C1A97.4020006@stroeder.com> Message-ID: Hi all, Okey... now it works nice! Thank you! 2015-09-30 19:23 GMT+02:00 Michael Str?der : > Petr Viktorin wrote: > > I've written some basic tests for the ldif module. > > I had to restructure this a bit because the LDIF string representations are > ambigous. So you can only compare the parsed structures. > > Checking whether LDIFWriter._needs_base64_encoding() etc. works correctly > has > to be done in separate tests. > > Please have a look at the version in CVS HEAD. > > Ciao, Michael. > > > _______________________________________________ > python-ldap mailing list > python-ldap at python.org > https://mail.python.org/mailman/listinfo/python-ldap > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From pviktori at redhat.com Fri Oct 2 15:28:54 2015 From: pviktori at redhat.com (Petr Viktorin) Date: Fri, 2 Oct 2015 15:28:54 +0200 Subject: [python-ldap] [PATCH] Tests for the ldif module In-Reply-To: <560C1A97.4020006@stroeder.com> References: <55FC1352.20105@redhat.com> <560C1A97.4020006@stroeder.com> Message-ID: <560E8696.80002@redhat.com> On 09/30/2015 07:23 PM, Michael Str?der wrote: > Petr Viktorin wrote: >> I've written some basic tests for the ldif module. > > I had to restructure this a bit because the LDIF string representations are > ambigous. So you can only compare the parsed structures. They are ambiguous, but hopefully the LDIFWriter output is stable (in the sense that the same records produce the same LDIF output). This is not a required property, but would be nice if it held. The original tests always compared either parsed structures or the LDIFWriter output. The third argument to check_roundtrip() was this "normalized" LDIF (in case it was different from the input). This meant tests would break on any change to the output format (not just changes incompatible with the parser), allowing you to inspect if it was intended. Your call: should the LDIFParser+LDIFWriter combination do normalization? Revert patch attached, should you want to use it. It preserves the recently added "attr::b64val" test, and adds a new corner case ("attr:\n", as opposed to "attr: \n"). -- Petr Viktorin -------------- next part -------------- A non-text attachment was scrubbed... Name: ldif-tests-revert.patch Type: text/x-patch Size: 5546 bytes Desc: not available URL: From thierryl at gadventures.com Tue Oct 20 16:36:13 2015 From: thierryl at gadventures.com (Thierry Lam Yan On) Date: Tue, 20 Oct 2015 14:36:13 +0000 Subject: [python-ldap] Bug in ldap.modlist.modifyModlist Message-ID: <127863F6-3493-4A69-BBF7-CB612D627FFB@gadventures.com> For the following code in version 2.4.21: import ldap import ldap.modlist old_values = { 'department': 'Blue Sky', } new_values = { 'department': 'Sky Blue', } mods = ldap.modlist.modifyModlist(old_values, new_values) print mods The above returns: [] The comparison method cannot detect for the same set of words in different order. Thanks, Thierry -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Tue Oct 20 20:20:36 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Tue, 20 Oct 2015 20:20:36 +0200 Subject: [python-ldap] Bug in ldap.modlist.modifyModlist In-Reply-To: <127863F6-3493-4A69-BBF7-CB612D627FFB@gadventures.com> References: <127863F6-3493-4A69-BBF7-CB612D627FFB@gadventures.com> Message-ID: <562685F4.1010702@stroeder.com> Thierry Lam Yan On wrote: > For the following code in version 2.4.21: > > import ldap > > import ldap.modlist > > old_values = { > 'department': 'Blue Sky', > } > > new_values = { > 'department': 'Sky Blue', > } > > mods = ldap.modlist.modifyModlist(old_values, new_values) > > print mods > > The above returns: > [] > > The comparison method cannot detect for the same set of words in different order. Rephrase: Set of chars. ;-] Note that entry dicts must have *list* of attribute values for each attribute: >>> old_values = { ... 'department': ['Blue Sky'], ... } >>> >>> new_values = { ... 'department': ['Sky Blue'], ... } >>> >>> mods = ldap.modlist.modifyModlist(old_values, new_values) >>> mods [(1, 'department', None), (0, 'department', ['Sky Blue'])] Ciao, Michael. P.S.: Please subscribe to the low-traffic mailing list. Otherwise I have to manually approve your posting and you might miss responses only going to the list. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From michael at stroeder.com Sat Oct 24 12:29:15 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Sat, 24 Oct 2015 18:29:15 +0200 Subject: [python-ldap] ANN: python-ldap 2.4.22 Message-ID: <562BB1DB.1060607@stroeder.com> Find a new release of python-ldap: https://pypi.python.org/pypi/python-ldap/2.4.22 python-ldap provides an object-oriented API to access LDAP directory servers from Python programs. It mainly wraps the OpenLDAP 2.x libs for that purpose. Additionally it contains modules for other LDAP-related stuff (e.g. processing LDIF, LDAP URLs and LDAPv3 schema). Project's web site: http://www.python-ldap.org/ Checksums: $ md5sum python-ldap-2.4.22.tar.gz dd7aa79c9c484833f57703484cbff275 $ sha1sum python-ldap-2.4.22.tar.gz 18379e464f807e71513d3bf43fb0d06cc6e57242 $ sha256sum python-ldap-2.4.22.tar.gz 9ef5872a95292f3ffe507aa09c805d7e1558b08159da0a81ba9dd04910be50b7 Ciao, Michael. ---------------------------------------------------------------- Released 2.4.22 2015-10-25 Changes since 2.4.21: Lib/ * LDIFParser now also accepts value-spec without a space after the colon. * Added key-word argument authz_id to LDAPObject methods sasl_non_interactive_bind_s(), sasl_external_bind_s() and sasl_gssapi_bind_s() * Hmmpf! Added missing self to LDAPObject.fileno(). * ReconnectLDAPObject.sasl_bind_s() now correctly uses generic wrapper arguments *args,**kwargs * Correct method name LDIFParser.handle_modify() * Corrected __all__ in modules ldap.controls.pwdpolicy and ldap.controls.openldap Doc/ * Started missing docs for sub-module ldap.sasl. -- Michael Str?der E-Mail: michael at stroeder.com http://www.stroeder.com From deivapalanpg at gmail.com Wed Oct 28 06:35:42 2015 From: deivapalanpg at gmail.com (Deivapalan PG) Date: Wed, 28 Oct 2015 16:05:42 +0530 Subject: [python-ldap] How to add new schema attributes to the existing objectClass Message-ID: Greetings! How to add custom attributes to the existing objectClass ? For example, to inetOrgPerson class, is it possible to add attributetype 'my-original-name' If code snippet is available, that would be great. Thanks in advance. -------------- next part -------------- An HTML attachment was scrubbed... URL: From awilliam at whitemice.org Wed Oct 28 10:07:58 2015 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Wed, 28 Oct 2015 10:07:58 -0400 Subject: [python-ldap] How to add new schema attributes to the existing objectClass In-Reply-To: References: Message-ID: <1446041278.4252.3.camel@whitemice.org> On Wed, 2015-10-28 at 16:05 +0530, Deivapalan PG wrote: > Greetings! > How to add custom attributes to the existing objectClass ? You cannot, ?this violates the LDAP data model. You can extend the objectClass by defining a subordinate object class or by defining an auxiliary object class. ?This is an LDAP, LDAP Schema, and DSA issue - it has nothing to do with Python LDAP. See > For example, to inetOrgPerson class, is it possible to add > attributetype 'my-original-name' No. -- Adam Tauno Williams GPG D95ED383 Systems Administrator, Python Developer, LPI / NCLA From davidgab283 at gmail.com Mon Nov 9 05:54:27 2015 From: davidgab283 at gmail.com (David Gabriel) Date: Mon, 9 Nov 2015 11:54:27 +0100 Subject: [python-ldap] python-ldap syncrepl consumer Message-ID: Dears, I am looking for an example of syncrepl process that should be upated based on any change in the LDAP server. So, could you please provide a code example dealing with a syncrepl process that detects any update in the LDAP server in order to handle it locally ? Herafter, the code I wrote to ensure the connection to the server, but I don't know how to enhance it to use the syncrepl Consumer API (e.g., using syncrepl_poll procedure) ? ------------------------ from ldap.syncrepl import SyncreplConsumer import ldap, sys link = 'ldap://localhost' l = ldap.initialize(link) try: l.bind_s("","") except ldap.INVALID_CREDENTIALS: print "Your username or password is incorrect." sys.exit() except ldap.LDAPError, e: if type(e.message) == dict and e.message.has_key('desc'): print e.message['desc'] else: print e sys.exit() #syncrepl_poll(-1, None,0) -------------------- Thanks in advance. Kind regards -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Mon Nov 9 09:45:59 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Mon, 9 Nov 2015 15:45:59 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: References: Message-ID: <5640B1A7.2090308@stroeder.com> David Gabriel wrote: > I am looking for an example of syncrepl process that should be upated based > on any change in the LDAP server. Demo/pyasn1/syncrepl.py available in the source distribution tar.gz. Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From davidgab283 at gmail.com Tue Nov 10 11:10:51 2015 From: davidgab283 at gmail.com (David Gabriel) Date: Tue, 10 Nov 2015 17:10:51 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: <5640B1A7.2090308@stroeder.com> References: <5640B1A7.2090308@stroeder.com> Message-ID: Thank you so much for your quick answer. Since yesterday I have tried to run the example I found in the indicated directory (Demo/pyasn1/syncrepl.py) using this command : python syncrepl.py ldap://localhost test.com but I still get this error "TypeError: must be string, not None". And it is caused from "ldap_url.who" which is None. Could you please tell me how to fix this issue ? Is it problem coming from server side or the arguments ... ? Thanks in advance. Best regards, 2015-11-09 15:45 GMT+01:00 Michael Str?der : > David Gabriel wrote: > > I am looking for an example of syncrepl process that should be upated > based > > on any change in the LDAP server. > > Demo/pyasn1/syncrepl.py available in the source distribution tar.gz. > > Ciao, Michael. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Tue Nov 10 12:41:57 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=C3=B6der?=) Date: Tue, 10 Nov 2015 18:41:57 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: References: <5640B1A7.2090308@stroeder.com> Message-ID: <6286a172248c6166146db6f9e13d988a@localhost> On 2015-11-10 17:10, David Gabriel wrote: > Thank you so much for your quick answer. > Since yesterday I have tried to run the example I found in the > indicated directory (Demo/pyasn1/syncrepl.py) using this command : > python syncrepl.py ldap://localhost test.com [1] but I still get this > error "TypeError: must be string, not None". And it is caused from > "ldap_url.who" which is None. > Could you please tell me how to fix this issue ? > Is it problem coming from server side or the arguments ... ? Please always send a complete exception traceback if one of the demo scripts fail. Ciao, Michael. From pspacek at redhat.com Wed Nov 11 02:55:27 2015 From: pspacek at redhat.com (Petr Spacek) Date: Wed, 11 Nov 2015 08:55:27 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: <6286a172248c6166146db6f9e13d988a@localhost> References: <5640B1A7.2090308@stroeder.com> <6286a172248c6166146db6f9e13d988a@localhost> Message-ID: <5642F46F.2010304@redhat.com> On 10.11.2015 18:41, Michael Str?der wrote: > On 2015-11-10 17:10, David Gabriel wrote: >> Thank you so much for your quick answer. >> Since yesterday I have tried to run the example I found in the >> indicated directory (Demo/pyasn1/syncrepl.py) using this command : >> python syncrepl.py ldap://localhost test.com [1] but I still get this >> error "TypeError: must be string, not None". And it is caused from >> "ldap_url.who" which is None. >> Could you please tell me how to fix this issue ? >> Is it problem coming from server side or the arguments ... ? > > Please always send a complete exception traceback if one of the demo scripts > fail. You have to specify BIND DN etc., please see the example: $ python syncrepl.py Usage: syncrepl.py syncrepl.py 'ldap://127.0.0.1/cn=users,dc=test?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=users%2cdc=test,X-BINDPW=password' db.shelve -- Petr Spacek @ Red Hat From davidgab283 at gmail.com Thu Nov 12 03:51:37 2015 From: davidgab283 at gmail.com (David Gabriel) Date: Thu, 12 Nov 2015 09:51:37 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: <6286a172248c6166146db6f9e13d988a@localhost> References: <5640B1A7.2090308@stroeder.com> <6286a172248c6166146db6f9e13d988a@localhost> Message-ID: Dear Michael and all, This is the exception traceback I got: $ python syncrepl.py ldap://localhost test.com Connecting to LDAP server now... Traceback (most recent call last): File "syncrepl.py", line 142, in ldap_connection.simple_bind_s(ldap_url.who,ldap_url.cred) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 831, in simple_bind_s res = self._apply_method_s(SimpleLDAPObject.simple_bind_s,*args,**kwargs) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 812, in _apply_method_s return func(self,*args,**kwargs) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 207, in simple_bind_s msgid = self.simple_bind(who,cred,serverctrls,clientctrls) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 201, in simple_bind return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls)) File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 99, in _ldap_call result = func(*args,**kwargs) TypeError: must be string, not None 2015-11-10 18:41 GMT+01:00 Michael Str?der : > On 2015-11-10 17:10, David Gabriel wrote: > >> Thank you so much for your quick answer. >> Since yesterday I have tried to run the example I found in the >> indicated directory (Demo/pyasn1/syncrepl.py) using this command : >> python syncrepl.py ldap://localhost test.com [1] but I still get this >> error "TypeError: must be string, not None". And it is caused from >> "ldap_url.who" which is None. >> Could you please tell me how to fix this issue ? >> Is it problem coming from server side or the arguments ... ? >> > > Please always send a complete exception traceback if one of the demo > scripts fail. > > Ciao, Michael. > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From pspacek at redhat.com Thu Nov 12 05:35:27 2015 From: pspacek at redhat.com (Petr Spacek) Date: Thu, 12 Nov 2015 11:35:27 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: References: <5640B1A7.2090308@stroeder.com> <6286a172248c6166146db6f9e13d988a@localhost> <5642F46F.2010304@redhat.com> Message-ID: <56446B6F.2050208@redhat.com> On 12.11.2015 11:03, David Gabriel wrote: > Dear Petr and all, > > Thanks you very much for your help. > I am applying the same command as you suggest: > $ python syncrepl.py 'ldap:// > 127.0.0.1/cn=admin,dc=test,dc=com?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com,X-BINDPW=myPasswd' > test.com > Connecting to LDAP server now... > Login to LDAP server failed: {'desc': 'Invalid credentials'} > But I still get this failure message. > Kindly find attached my server configuration. Please tell me if I am using > the right command or I am confusing. > NB: When I run the syncrepl demo script without any argument I get this > message: > python syncrepl.py > Usage: syncrepl*-client*.py . I am > wondering if I am using an old version of syncrepl demo file ? > > Thanks in adance. > > 2015-11-11 8:55 GMT+01:00 Petr Spacek : > >> On 10.11.2015 18:41, Michael Str?der wrote: >>> On 2015-11-10 17:10, David Gabriel wrote: >>>> Thank you so much for your quick answer. >>>> Since yesterday I have tried to run the example I found in the >>>> indicated directory (Demo/pyasn1/syncrepl.py) using this command : >>>> python syncrepl.py ldap://localhost test.com [1] but I still get this >>>> error "TypeError: must be string, not None". And it is caused from >>>> "ldap_url.who" which is None. >>>> Could you please tell me how to fix this issue ? >>>> Is it problem coming from server side or the arguments ... ? >>> >>> Please always send a complete exception traceback if one of the demo >> scripts >>> fail. >> >> You have to specify BIND DN etc., please see the example: >> >> $ python syncrepl.py >> Usage: >> syncrepl.py >> syncrepl.py >> 'ldap:// >> 127.0.0.1/cn=users,dc=test?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=users%2cdc=test,X-BINDPW=password >> ' >> db.shelve You need to change the LDAP URL to suit your needs. "cn=users,dc=test" is base DN. "bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com" is BIND DN. "X-BINDPW=myPasswd" is obviously a passwword used for BIND :-) The screenshot should contain values you need. -- Petr Spacek @ Red Hat From davidgab283 at gmail.com Thu Nov 12 08:18:24 2015 From: davidgab283 at gmail.com (David Gabriel) Date: Thu, 12 Nov 2015 14:18:24 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: <56446B6F.2050208@redhat.com> References: <5640B1A7.2090308@stroeder.com> <6286a172248c6166146db6f9e13d988a@localhost> <5642F46F.2010304@redhat.com> <56446B6F.2050208@redhat.com> Message-ID: Dear Petr and all, Thank you so much for your help. I updated the command as follow : *$ python syncrepl.py 'ldap://127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 ' test.com * But I get this error as described in the trace below : *$ python syncrepl.py 'ldap://127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 ' test.com * *Connecting to LDAP server now...* *Commencing sync process* *Encountered a problem, going to retry. Error: {'info': 'critical extension is not recognized', 'desc': 'Critical extension is unavailable'}* *Connecting to LDAP server now...* *Commencing sync process* *Encountered a problem, going to retry. Error: {'info': 'critical extension is not recognized', 'desc': 'Critical extension is unavailable'}* *^CShutting down!* Could you please help to fix this issue. In fact, I am new to domain ! Thanks in advance. 2015-11-12 11:35 GMT+01:00 Petr Spacek : > On 12.11.2015 11:03, David Gabriel wrote: > > Dear Petr and all, > > > > Thanks you very much for your help. > > I am applying the same command as you suggest: > > $ python syncrepl.py 'ldap:// > > > 127.0.0.1/cn=admin,dc=test,dc=com?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com,X-BINDPW=myPasswd > ' > > test.com > > Connecting to LDAP server now... > > Login to LDAP server failed: {'desc': 'Invalid credentials'} > > But I still get this failure message. > > Kindly find attached my server configuration. Please tell me if I am > using > > the right command or I am confusing. > > NB: When I run the syncrepl demo script without any argument I get this > > message: > > python syncrepl.py > > Usage: syncrepl*-client*.py . I am > > wondering if I am using an old version of syncrepl demo file ? > > > > Thanks in adance. > > > > 2015-11-11 8:55 GMT+01:00 Petr Spacek : > > > >> On 10.11.2015 18:41, Michael Str?der wrote: > >>> On 2015-11-10 17:10, David Gabriel wrote: > >>>> Thank you so much for your quick answer. > >>>> Since yesterday I have tried to run the example I found in the > >>>> indicated directory (Demo/pyasn1/syncrepl.py) using this command : > >>>> python syncrepl.py ldap://localhost test.com [1] but I still get this > >>>> error "TypeError: must be string, not None". And it is caused from > >>>> "ldap_url.who" which is None. > >>>> Could you please tell me how to fix this issue ? > >>>> Is it problem coming from server side or the arguments ... ? > >>> > >>> Please always send a complete exception traceback if one of the demo > >> scripts > >>> fail. > >> > >> You have to specify BIND DN etc., please see the example: > >> > >> $ python syncrepl.py > >> Usage: > >> syncrepl.py > >> syncrepl.py > >> 'ldap:// > >> > 127.0.0.1/cn=users,dc=test?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=users%2cdc=test,X-BINDPW=password > >> ' > >> db.shelve > > You need to change the LDAP URL to suit your needs. > "cn=users,dc=test" is base DN. > "bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com" is BIND DN. > "X-BINDPW=myPasswd" is obviously a passwword used for BIND :-) > > The screenshot should contain values you need. > > -- > Petr Spacek @ Red Hat > -------------- next part -------------- An HTML attachment was scrubbed... URL: From pspacek at redhat.com Thu Nov 12 10:00:25 2015 From: pspacek at redhat.com (Petr Spacek) Date: Thu, 12 Nov 2015 16:00:25 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: References: <5640B1A7.2090308@stroeder.com> <6286a172248c6166146db6f9e13d988a@localhost> <5642F46F.2010304@redhat.com> <56446B6F.2050208@redhat.com> Message-ID: <5644A989.4030908@redhat.com> On 12.11.2015 14:18, David Gabriel wrote: > Dear Petr and all, > > Thank you so much for your help. > I updated the command as follow : *$ python syncrepl.py > 'ldap://127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 > ' > test.com * > But I get this error as described in the trace below : > > *$ python syncrepl.py > 'ldap://127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 > ' > test.com * > *Connecting to LDAP server now...* > *Commencing sync process* > *Encountered a problem, going to retry. Error: {'info': 'critical extension > is not recognized', 'desc': 'Critical extension is unavailable'}* > *Connecting to LDAP server now...* > *Commencing sync process* > *Encountered a problem, going to retry. Error: {'info': 'critical extension > is not recognized', 'desc': 'Critical extension is unavailable'}* > *^CShutting down!* I suppose that you did not configure SyncRepl on server side, please consult server configuration docs. Petr Spacek @ Red Hat > Could you please help to fix this issue. In fact, I am new to domain ! > Thanks in advance. > > 2015-11-12 11:35 GMT+01:00 Petr Spacek : > >> On 12.11.2015 11:03, David Gabriel wrote: >>> Dear Petr and all, >>> >>> Thanks you very much for your help. >>> I am applying the same command as you suggest: >>> $ python syncrepl.py 'ldap:// >>> >> 127.0.0.1/cn=admin,dc=test,dc=com?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com,X-BINDPW=myPasswd >> ' >>> test.com >>> Connecting to LDAP server now... >>> Login to LDAP server failed: {'desc': 'Invalid credentials'} >>> But I still get this failure message. >>> Kindly find attached my server configuration. Please tell me if I am >> using >>> the right command or I am confusing. >>> NB: When I run the syncrepl demo script without any argument I get this >>> message: >>> python syncrepl.py >>> Usage: syncrepl*-client*.py . I am >>> wondering if I am using an old version of syncrepl demo file ? >>> >>> Thanks in adance. >>> >>> 2015-11-11 8:55 GMT+01:00 Petr Spacek : >>> >>>> On 10.11.2015 18:41, Michael Str?der wrote: >>>>> On 2015-11-10 17:10, David Gabriel wrote: >>>>>> Thank you so much for your quick answer. >>>>>> Since yesterday I have tried to run the example I found in the >>>>>> indicated directory (Demo/pyasn1/syncrepl.py) using this command : >>>>>> python syncrepl.py ldap://localhost test.com [1] but I still get this >>>>>> error "TypeError: must be string, not None". And it is caused from >>>>>> "ldap_url.who" which is None. >>>>>> Could you please tell me how to fix this issue ? >>>>>> Is it problem coming from server side or the arguments ... ? >>>>> >>>>> Please always send a complete exception traceback if one of the demo >>>> scripts >>>>> fail. >>>> >>>> You have to specify BIND DN etc., please see the example: >>>> >>>> $ python syncrepl.py >>>> Usage: >>>> syncrepl.py >>>> syncrepl.py >>>> 'ldap:// >>>> >> 127.0.0.1/cn=users,dc=test?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=users%2cdc=test,X-BINDPW=password >>>> ' >>>> db.shelve >> >> You need to change the LDAP URL to suit your needs. >> "cn=users,dc=test" is base DN. >> "bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com" is BIND DN. >> "X-BINDPW=myPasswd" is obviously a passwword used for BIND :-) >> >> The screenshot should contain values you need. From davidgab283 at gmail.com Thu Nov 12 11:43:04 2015 From: davidgab283 at gmail.com (David Gabriel) Date: Thu, 12 Nov 2015 17:43:04 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: <5644A989.4030908@redhat.com> References: <5640B1A7.2090308@stroeder.com> <6286a172248c6166146db6f9e13d988a@localhost> <5642F46F.2010304@redhat.com> <56446B6F.2050208@redhat.com> <5644A989.4030908@redhat.com> Message-ID: Thanks Petr for your answer ... I configured the server side based on this tutorial , I restart my server but still I get the same error. NB: I didn't consider the "Set up the consumer slapd" section because I am relying on the python consumer application. Please tell me what shall I do ? Any help from your side is welcome ? 2015-11-12 16:00 GMT+01:00 Petr Spacek : > On 12.11.2015 14:18, David Gabriel wrote: > > Dear Petr and all, > > > > Thank you so much for your help. > > I updated the command as follow : *$ python syncrepl.py > > 'ldap:// > 127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 > > < > http://127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 > >' > > test.com * > > But I get this error as described in the trace below : > > > > *$ python syncrepl.py > > 'ldap:// > 127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 > > < > http://127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 > >' > > test.com * > > *Connecting to LDAP server now...* > > *Commencing sync process* > > *Encountered a problem, going to retry. Error: {'info': 'critical > extension > > is not recognized', 'desc': 'Critical extension is unavailable'}* > > *Connecting to LDAP server now...* > > *Commencing sync process* > > *Encountered a problem, going to retry. Error: {'info': 'critical > extension > > is not recognized', 'desc': 'Critical extension is unavailable'}* > > *^CShutting down!* > > I suppose that you did not configure SyncRepl on server side, please > consult > server configuration docs. > > Petr Spacek @ Red Hat > > > Could you please help to fix this issue. In fact, I am new to domain ! > > Thanks in advance. > > > > 2015-11-12 11:35 GMT+01:00 Petr Spacek : > > > >> On 12.11.2015 11:03, David Gabriel wrote: > >>> Dear Petr and all, > >>> > >>> Thanks you very much for your help. > >>> I am applying the same command as you suggest: > >>> $ python syncrepl.py 'ldap:// > >>> > >> > 127.0.0.1/cn=admin,dc=test,dc=com?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com,X-BINDPW=myPasswd > >> ' > >>> test.com > >>> Connecting to LDAP server now... > >>> Login to LDAP server failed: {'desc': 'Invalid credentials'} > >>> But I still get this failure message. > >>> Kindly find attached my server configuration. Please tell me if I am > >> using > >>> the right command or I am confusing. > >>> NB: When I run the syncrepl demo script without any argument I get this > >>> message: > >>> python syncrepl.py > >>> Usage: syncrepl*-client*.py . I am > >>> wondering if I am using an old version of syncrepl demo file ? > >>> > >>> Thanks in adance. > >>> > >>> 2015-11-11 8:55 GMT+01:00 Petr Spacek : > >>> > >>>> On 10.11.2015 18:41, Michael Str?der wrote: > >>>>> On 2015-11-10 17:10, David Gabriel wrote: > >>>>>> Thank you so much for your quick answer. > >>>>>> Since yesterday I have tried to run the example I found in the > >>>>>> indicated directory (Demo/pyasn1/syncrepl.py) using this command : > >>>>>> python syncrepl.py ldap://localhost test.com [1] but I still get > this > >>>>>> error "TypeError: must be string, not None". And it is caused from > >>>>>> "ldap_url.who" which is None. > >>>>>> Could you please tell me how to fix this issue ? > >>>>>> Is it problem coming from server side or the arguments ... ? > >>>>> > >>>>> Please always send a complete exception traceback if one of the demo > >>>> scripts > >>>>> fail. > >>>> > >>>> You have to specify BIND DN etc., please see the example: > >>>> > >>>> $ python syncrepl.py > >>>> Usage: > >>>> syncrepl.py > >>>> syncrepl.py > >>>> 'ldap:// > >>>> > >> > 127.0.0.1/cn=users,dc=test?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=users%2cdc=test,X-BINDPW=password > >>>> ' > >>>> db.shelve > >> > >> You need to change the LDAP URL to suit your needs. > >> "cn=users,dc=test" is base DN. > >> "bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com" is BIND DN. > >> "X-BINDPW=myPasswd" is obviously a passwword used for BIND :-) > >> > >> The screenshot should contain values you need. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From pspacek at redhat.com Fri Nov 13 02:08:39 2015 From: pspacek at redhat.com (Petr Spacek) Date: Fri, 13 Nov 2015 08:08:39 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: References: <5640B1A7.2090308@stroeder.com> <6286a172248c6166146db6f9e13d988a@localhost> <5642F46F.2010304@redhat.com> <56446B6F.2050208@redhat.com> <5644A989.4030908@redhat.com> Message-ID: <56458C77.80704@redhat.com> Hello, On 12.11.2015 17:43, David Gabriel wrote: > Thanks Petr for your answer ... > I configured the server side based on this tutorial > , I restart my server > but still I get the same error. > NB: I didn't consider the "Set up the consumer slapd" section because I am > relying on the python consumer application. > > Please tell me what shall I do ? I'm sorry, I do not use OpenLDAP at all so I can't tell you more :-( I would recommend you to Google it again and if that fail contact one of OpenLDAP mailing lists: http://www.openldap.org/lists/ I hope this helps. Petr Spacek @ Red Hat > Any help from your side is welcome ? > > 2015-11-12 16:00 GMT+01:00 Petr Spacek : > >> On 12.11.2015 14:18, David Gabriel wrote: >>> Dear Petr and all, >>> >>> Thank you so much for your help. >>> I updated the command as follow : *$ python syncrepl.py >>> 'ldap:// >> 127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 >>> < >> http://127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 >>> ' >>> test.com * >>> But I get this error as described in the trace below : >>> >>> *$ python syncrepl.py >>> 'ldap:// >> 127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 >>> < >> http://127.0.0.1/dc=test,dc=com?*?sub?(objectClass=*)?bindname=cn=admin%2cdc=test%2cdc=com,X-BINDPW=a123456 >>> ' >>> test.com * >>> *Connecting to LDAP server now...* >>> *Commencing sync process* >>> *Encountered a problem, going to retry. Error: {'info': 'critical >> extension >>> is not recognized', 'desc': 'Critical extension is unavailable'}* Hel>>> *Connecting to LDAP server now...* >>> *Commencing sync process* >>> *Encountered a problem, going to retry. Error: {'info': 'critical >> extension >>> is not recognized', 'desc': 'Critical extension is unavailable'}* >>> *^CShutting down!* >> >> I suppose that you did not configure SyncRepl on server side, please >> consult >> server configuration docs. >> >> Petr Spacek @ Red Hat >> >>> Could you please help to fix this issue. In fact, I am new to domain ! >>> Thanks in advance. >>> >>> 2015-11-12 11:35 GMT+01:00 Petr Spacek : >>> >>>> On 12.11.2015 11:03, David Gabriel wrote: >>>>> Dear Petr and all, >>>>> >>>>> Thanks you very much for your help. >>>>> I am applying the same command as you suggest: >>>>> $ python syncrepl.py 'ldap:// >>>>> >>>> >> 127.0.0.1/cn=admin,dc=test,dc=com?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com,X-BINDPW=myPasswd >>>> ' >>>>> test.com >>>>> Connecting to LDAP server now... >>>>> Login to LDAP server failed: {'desc': 'Invalid credentials'} >>>>> But I still get this failure message. >>>>> Kindly find attached my server configuration. Please tell me if I am >>>> using >>>>> the right command or I am confusing. >>>>> NB: When I run the syncrepl demo script without any argument I get this >>>>> message: >>>>> python syncrepl.py >>>>> Usage: syncrepl*-client*.py . I am >>>>> wondering if I am using an old version of syncrepl demo file ? >>>>> >>>>> Thanks in adance. >>>>> >>>>> 2015-11-11 8:55 GMT+01:00 Petr Spacek : >>>>> >>>>>> On 10.11.2015 18:41, Michael Str?der wrote: >>>>>>> On 2015-11-10 17:10, David Gabriel wrote: >>>>>>>> Thank you so much for your quick answer. >>>>>>>> Since yesterday I have tried to run the example I found in the >>>>>>>> indicated directory (Demo/pyasn1/syncrepl.py) using this command : >>>>>>>> python syncrepl.py ldap://localhost test.com [1] but I still get >> this >>>>>>>> error "TypeError: must be string, not None". And it is caused from >>>>>>>> "ldap_url.who" which is None. >>>>>>>> Could you please tell me how to fix this issue ? >>>>>>>> Is it problem coming from server side or the arguments ... ? >>>>>>> >>>>>>> Please always send a complete exception traceback if one of the demo >>>>>> scripts >>>>>>> fail. >>>>>> >>>>>> You have to specify BIND DN etc., please see the example: >>>>>> >>>>>> $ python syncrepl.py >>>>>> Usage: >>>>>> syncrepl.py >>>>>> syncrepl.py >>>>>> 'ldap:// >>>>>> >>>> >> 127.0.0.1/cn=users,dc=test?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=users%2cdc=test,X-BINDPW=password >>>>>> ' >>>>>> db.shelve >>>> >>>> You need to change the LDAP URL to suit your needs. >>>> "cn=users,dc=test" is base DN. >>>> "bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com" is BIND DN. >>>> "X-BINDPW=myPasswd" is obviously a passwword used for BIND :-) >>>> >>>> The screenshot should contain values you need. From mejiaa at amazon.com Wed Nov 11 17:03:51 2015 From: mejiaa at amazon.com (Andres Mejia) Date: Wed, 11 Nov 2015 17:03:51 -0500 Subject: [python-ldap] Patches Against python-ldap-2.4.22 for Python 3 Support Message-ID: <5643BB47.9070401@amazon.com> Hi all, Here are patches for getting python-ldap working in Python 2 and 3 (see attached). These patches should apply cleanly with the python-ldap-2.4.22 release. I ensured the latest changes passes the supplied test suite with some slight modification to the test suite as I explain in the first patch. I have tested and verified this works with Python v2.6 and up. -- Andres -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Fix-test-cases-so-that-current-python-ldap-implement.patch Type: text/x-patch Size: 20100 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 0002-Support-Python-3.patch Type: text/x-patch Size: 94532 bytes Desc: not available URL: From davidgab283 at gmail.com Thu Nov 12 05:03:45 2015 From: davidgab283 at gmail.com (David Gabriel) Date: Thu, 12 Nov 2015 11:03:45 +0100 Subject: [python-ldap] python-ldap syncrepl consumer In-Reply-To: <5642F46F.2010304@redhat.com> References: <5640B1A7.2090308@stroeder.com> <6286a172248c6166146db6f9e13d988a@localhost> <5642F46F.2010304@redhat.com> Message-ID: Dear Petr and all, Thanks you very much for your help. I am applying the same command as you suggest: $ python syncrepl.py 'ldap:// 127.0.0.1/cn=admin,dc=test,dc=com?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=admin%2cdc=test%2cdc=com,X-BINDPW=myPasswd' test.com Connecting to LDAP server now... Login to LDAP server failed: {'desc': 'Invalid credentials'} But I still get this failure message. Kindly find attached my server configuration. Please tell me if I am using the right command or I am confusing. NB: When I run the syncrepl demo script without any argument I get this message: python syncrepl.py Usage: syncrepl*-client*.py . I am wondering if I am using an old version of syncrepl demo file ? Thanks in adance. 2015-11-11 8:55 GMT+01:00 Petr Spacek : > On 10.11.2015 18:41, Michael Str?der wrote: > > On 2015-11-10 17:10, David Gabriel wrote: > >> Thank you so much for your quick answer. > >> Since yesterday I have tried to run the example I found in the > >> indicated directory (Demo/pyasn1/syncrepl.py) using this command : > >> python syncrepl.py ldap://localhost test.com [1] but I still get this > >> error "TypeError: must be string, not None". And it is caused from > >> "ldap_url.who" which is None. > >> Could you please tell me how to fix this issue ? > >> Is it problem coming from server side or the arguments ... ? > > > > Please always send a complete exception traceback if one of the demo > scripts > > fail. > > You have to specify BIND DN etc., please see the example: > > $ python syncrepl.py > Usage: > syncrepl.py > syncrepl.py > 'ldap:// > 127.0.0.1/cn=users,dc=test?*?sub?(objectClass=*)?bindname=uid=admin%2ccn=users%2cdc=test,X-BINDPW=password > ' > db.shelve > > -- > Petr Spacek @ Red Hat > _______________________________________________ > python-ldap mailing list > python-ldap at python.org > https://mail.python.org/mailman/listinfo/python-ldap > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: LDAP_Server_Config.png Type: image/png Size: 42835 bytes Desc: not available URL: From mejiaa at amazon.com Thu Nov 12 16:13:44 2015 From: mejiaa at amazon.com (Andres Mejia) Date: Thu, 12 Nov 2015 16:13:44 -0500 Subject: [python-ldap] Patches Against python-ldap-2.4.22 for Python 3 Support Message-ID: <56450108.4060805@amazon.com> Hi all, I sent this yesterday and I have not seen it appear in the mailing list archives. I'm not sure what happened. Apologies for multiple postings. Here are patches for getting python-ldap working in Python 2 and 3 (see attached). These patches should apply cleanly with the python-ldap-2.4.22 release. I ensured the latest changes passes the supplied test suite with some slight modification to the test suite as I explain in the first patch. I have tested and verified this works with Python v2.6 and up. -- Andres -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Fix-test-cases-so-that-current-python-ldap-implement.patch Type: text/x-patch Size: 20101 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 0002-Support-Python-3.patch Type: text/x-patch Size: 94533 bytes Desc: not available URL: From davidgab283 at gmail.com Sun Nov 15 11:02:00 2015 From: davidgab283 at gmail.com (David Gabriel) Date: Sun, 15 Nov 2015 17:02:00 +0100 Subject: [python-ldap] Syncrepl Error : critical extension is not recognized Message-ID: Dears, I want to use syncrepl in order to synchronize my consumer which is a Python application. I configured the server side based on this tutorial , I restart my server but I get the following error when I run my python application : 'info': 'critical extension is not recognized', 'desc': 'Critical extension is unavailable' NB: I didn't consider the "Set up the consumer slapd" section because I am relying on the python consumer application . Please tell me what shall I do ? Any help from your side is welcome ? Thanks in advance. Regards -------------- next part -------------- An HTML attachment was scrubbed... URL: From davidgab283 at gmail.com Mon Nov 16 04:43:36 2015 From: davidgab283 at gmail.com (David Gabriel) Date: Mon, 16 Nov 2015 10:43:36 +0100 Subject: [python-ldap] Syncrepl Error : critical extension is not recognized In-Reply-To: References: Message-ID: Dears, I have just fixed my issue and I want to share with you the how to, it may it is useful for seomeone ... In fact, there was a missing configuration part that was not detailed in the majority of web sites I checked. The missing part is detailed in this subsection . I remind I rely on a syncrepl consumer python script . Thus I did not configure the consumer side. Thanks for your help. Regards 2015-11-15 17:02 GMT+01:00 David Gabriel : > Dears, > > I want to use syncrepl in order to synchronize my consumer which is a > Python application. I configured the server side based on this tutorial > , I restart my > server but I get the following error when I run my python application > > : > 'info': 'critical extension is not recognized', 'desc': 'Critical > extension is unavailable' > > NB: I didn't consider the "Set up the consumer slapd" section because I am > relying on the python consumer application > > . > > Please tell me what shall I do ? > Any help from your side is welcome ? > > Thanks in advance. > Regards > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From cesium5500 at yahoo.ca Thu Nov 19 00:03:31 2015 From: cesium5500 at yahoo.ca (cesium5500 at yahoo.ca) Date: Thu, 19 Nov 2015 00:03:31 -0500 Subject: [python-ldap] Documentation and Git Message-ID: <564D5823.6030407@yahoo.ca> Hello, I take sometime to report my disappointing experience with python-ldap : I was having issue connecting to an LDAPS server, I did some research, and fall on some post on stackoverflow mentioning about "ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)" Then, I would like to better understand what these options where doing exactly, but the only reference about them in python-ldap documentation I could found are below : http://www.python-ldap.org/doc/html/ldap.html?highlight=opt_x_tls_require_cert#ldap.OPT_X_TLS_REQUIRE_CERT http://www.python-ldap.org/doc/html/ldap.html?highlight=opt_x_tls_require_cert#ldap.OPT_X_TLS_NEVER So, I try to have look to the source code... CVS, damn, I will need to download it and grep to find where are these options used... A little to much work for an hacking night... I think it could help if we could have the source code under Git and Github, what do you think? Here documentation for to do so : http://git-scm.com/docs/gitcvs-migration My understanding is that you can keep doing your stuff in CVS if you prefer to, but you can push your work into Git once in a wild, so you can publish an unofficial (I mean that you don't accept PR from there because you use CVS) snapshot of the CVS repo in Github so it is more convenient for us to dig into the code... Thank you Cesium -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Thu Nov 19 00:21:37 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Thu, 19 Nov 2015 06:21:37 +0100 Subject: [python-ldap] Documentation and Git In-Reply-To: <564D5823.6030407@yahoo.ca> References: <564D5823.6030407@yahoo.ca> Message-ID: <564D5C61.4010602@stroeder.com> cesium5500 at yahoo.ca wrote: > I take sometime to report my disappointing experience with python-ldap : > > I was having issue connecting to an LDAPS server, I did some research, and > fall on some post on stackoverflow mentioning about > "ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)" See the hint on top if the section: http://www.python-ldap.org/doc/html/ldap.html?highlight=opt_x_tls_require_cert#options As python-ldap is a C wrapper around libldap, So OpenLDAP's man pages apply, especially ldap_set_option(3). ldap.OPT_X_TLS_REQUIRE_CERT simply maps libldap's LDAP_OPT_X_TLS_REQUIRE_CERT. The python-ldap docs would have to copy all this text which does not make much sense especially given all the various meanings depending on the TLS lib libldap is linked to on your platform (OpenSSL, GnuTLS on Debian, libnss on Fedora/RHEL). Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From mejiaa at amazon.com Thu Nov 19 10:13:35 2015 From: mejiaa at amazon.com (Andres Mejia) Date: Thu, 19 Nov 2015 10:13:35 -0500 Subject: [python-ldap] Patches Sent Last Week Message-ID: <564DE71F.8030503@amazon.com> Hi, I sent patches for Python 3 support last week. Did anyone receive them? In case you didn't receive them, here's a link in the archive to the email I sent (https://mail.python.org/pipermail/python-ldap/2015q4/003625.html). -- Andres From raphael.barrois at m4x.org Thu Nov 19 11:25:31 2015 From: raphael.barrois at m4x.org (=?UTF-8?B?UmFwaGHDq2w=?= Barrois) Date: Thu, 19 Nov 2015 17:25:31 +0100 Subject: [python-ldap] Patches Sent Last Week In-Reply-To: <564DE71F.8030503@amazon.com> References: <564DE71F.8030503@amazon.com> Message-ID: <20151119172531.437d37dd@ithor> On Thu, 19 Nov 2015 10:13:35 -0500 Andres Mejia via python-ldap wrote: > Hi, > > I sent patches for Python 3 support last week. Did anyone receive them? > > In case you didn't receive them, here's a link in the archive to the > email I sent > (https://mail.python.org/pipermail/python-ldap/2015q4/003625.html). > Hi, This topic has been discussed a few times on this mailing list. If I remember correctly, Michael's opinion on this subject is that porting python-ldap to Python3 should be done during a full rewrite of the library. However, with a few other developers, we maintain a Py3 fork, backwards compatible with python-ldap, at https://github.com/pyldap/pyldap. Hope this helps! -- Rapha?l Barrois From mejiaa at amazon.com Thu Nov 19 15:52:51 2015 From: mejiaa at amazon.com (Andres Mejia) Date: Thu, 19 Nov 2015 15:52:51 -0500 Subject: [python-ldap] Patches Sent Last Week In-Reply-To: <20151119172531.437d37dd@ithor> References: <564DE71F.8030503@amazon.com> <20151119172531.437d37dd@ithor> Message-ID: <564E36A3.6090004@amazon.com> Does this fork support Python 2? On 11/19/2015 11:25 AM, Rapha?l Barrois wrote: > On Thu, 19 Nov 2015 10:13:35 -0500 > Andres Mejia via python-ldap wrote: > >> Hi, >> >> I sent patches for Python 3 support last week. Did anyone receive them? >> >> In case you didn't receive them, here's a link in the archive to the >> email I sent >> (https://mail.python.org/pipermail/python-ldap/2015q4/003625.html). >> > Hi, > > This topic has been discussed a few times on this mailing list. > If I remember correctly, Michael's opinion on this subject is that porting python-ldap to Python3 should be done during a full rewrite of the library. > > However, with a few other developers, we maintain a Py3 fork, backwards compatible with python-ldap, at https://github.com/pyldap/pyldap. > > Hope this helps! > -- Andres From raphael.barrois at m4x.org Thu Nov 19 19:28:04 2015 From: raphael.barrois at m4x.org (=?UTF-8?B?UmFwaGHDq2w=?= Barrois) Date: Fri, 20 Nov 2015 01:28:04 +0100 Subject: [python-ldap] Patches Sent Last Week In-Reply-To: <564E36A3.6090004@amazon.com> References: <564DE71F.8030503@amazon.com> <20151119172531.437d37dd@ithor> <564E36A3.6090004@amazon.com> Message-ID: <20151120012804.537e8584@corvis> On Thu, 19 Nov 2015 15:52:51 -0500 Andres Mejia via python-ldap wrote: > Does this fork support Python 2? Yes, it does. When running under Python2, the LDAP connections can be initialized either in "python-ldap-compatible" mode, which uses bytes extensively; or in "pyldap-for-python3-compatible" mode, which uses unicode when possible. You can find more details here: https://github.com/pyldap/pyldap/commit/770611a056767045570940e2db28b126619b9613 -- Rapha?l > > On 11/19/2015 11:25 AM, Rapha?l Barrois wrote: > > On Thu, 19 Nov 2015 10:13:35 -0500 > > Andres Mejia via python-ldap wrote: > > > >> Hi, > >> > >> I sent patches for Python 3 support last week. Did anyone receive > >> them? > >> > >> In case you didn't receive them, here's a link in the archive to > >> the email I sent > >> (https://mail.python.org/pipermail/python-ldap/2015q4/003625.html). > >> > > Hi, > > > > This topic has been discussed a few times on this mailing list. > > If I remember correctly, Michael's opinion on this subject is that > > porting python-ldap to Python3 should be done during a full rewrite > > of the library. > > > > However, with a few other developers, we maintain a Py3 fork, > > backwards compatible with python-ldap, at > > https://github.com/pyldap/pyldap. > > > > Hope this helps! > > > > From mh at ow2.org Mon Nov 30 06:45:20 2015 From: mh at ow2.org (mh at ow2.org) Date: Mon, 30 Nov 2015 12:45:20 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? Message-ID: <565C36D0.1010909@ow2.org> Hi, In the following code, old = {'attr':['oldvalue']} new = {'attr':['newvalue']} mod = modlist.modifyModlist(old,new) l.modify_s(dn,mod) I'm not sure to fully understand the documentation ; it seems the new attribute value is modified in all case - whatever the value stored in old attr ; in this case what's the point in specifying an 'oldvalue' ? Thanks, From michael at stroeder.com Mon Nov 30 06:58:11 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Mon, 30 Nov 2015 12:58:11 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <565C36D0.1010909@ow2.org> References: <565C36D0.1010909@ow2.org> Message-ID: <565C39D3.5030606@stroeder.com> mh at ow2.org wrote: > In the following code, > > old = {'attr':['oldvalue']} > new = {'attr':['newvalue']} > > mod = modlist.modifyModlist(old,new) > > l.modify_s(dn,mod) > > > I'm not sure to fully understand the documentation ; it seems the new > attribute value is modified in all case - whatever the value stored in > old attr ; in this case what's the point in specifying an 'oldvalue' ? The function is used for generating a modification list when comparing an old entry dictionary (of an existing LDAP entry) with a new entry dictionary so that the resulting LDAP entry after the l.modify_s(dn,mod) will be the new entry dictionary. The old values are required to determine whether a change is needed at all. If you know in advance which modifications you want calling ldap.modlist.modifyModlist() is not useful at all. Rather then you could mod = [ (ldap.MOD_REPLACE,'attr',['newvalue']), ] As usual YMMV. Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From bdauvergne at entrouvert.com Mon Nov 30 07:10:00 2015 From: bdauvergne at entrouvert.com (Benjamin Dauvergne) Date: Mon, 30 Nov 2015 13:10:00 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <565C36D0.1010909@ow2.org> References: <565C36D0.1010909@ow2.org> Message-ID: <20151130121000.GD24120@dor-lomin.entrouvert.com> Le 11/30, mh at ow2.org a ?crit : > Hi, > > In the following code, > > old = {'attr':['oldvalue']} > new = {'attr':['newvalue']} > > mod = modlist.modifyModlist(old,new) > > l.modify_s(dn,mod) > > > I'm not sure to fully understand the documentation ; it seems the new > attribute value is modified in all case - whatever the value stored in > old attr ; in this case what's the point in specifying an 'oldvalue' ? As LDAP is a multivalued database i.e. each attribute can have multiple values, what's computed by modifyModlist is a "diff": remove old values, add new values. If you want to keep some old values because for example the schema forbid a value to be missing (and between the DELETE and the ADD there will be a time where no value is defined) you have create your modlist yourself such as: l.modify_s(dn, [(ldap.MOD_REPLACE, attr, ['newvalue'])]) modlist.modifyModlist is just an helper function to build such change lists, possible value for the action are: - ldap.MOD_ADD - ldap.MOD_DELETE - ldap.MOD_REPLACE - ldap.MOD_INCREMENT -- Benjamin Dauvergne - Tel Entrouvert: 01 43 35 01 35 - Tel perso: 01 84 16 24 53 From michael at stroeder.com Mon Nov 30 07:25:50 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Mon, 30 Nov 2015 13:25:50 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <20151130121000.GD24120@dor-lomin.entrouvert.com> References: <565C36D0.1010909@ow2.org> <20151130121000.GD24120@dor-lomin.entrouvert.com> Message-ID: <565C404E.9090804@stroeder.com> Benjamin Dauvergne wrote: > Le 11/30, mh at ow2.org a ?crit : >> In the following code, >> >> old = {'attr':['oldvalue']} >> new = {'attr':['newvalue']} >> >> mod = modlist.modifyModlist(old,new) >> >> l.modify_s(dn,mod) >> >> >> I'm not sure to fully understand the documentation ; it seems the new >> attribute value is modified in all case - whatever the value stored in >> old attr ; in this case what's the point in specifying an 'oldvalue' ? > > As LDAP is a multivalued database i.e. each attribute can have multiple values, what's computed by > modifyModlist is a "diff": remove old values, add new values. If you want to keep some old > values because for example the schema forbid a value to be missing (and between the DELETE and the > ADD there will be a time where no value is defined) you have create your modlist yourself such as: This is not correct or at least misleading. 1. ldap.modlist.modifyModlist() will always MOD_ADD all new values. 2. The LDAP server will always process the whole modification list at once and check schema afterwards. Note that a single LDAP write operation is always guaranteed to be atomic. In web2ldap I have a schema-aware variant of this function which examines whether an attribute type has an EQUALITY matching rule. If yes, it will generate finer-grained delete-by-value modification lists to provoke conflicts which might happen with concurrent write operations for avoiding re-adding formerly deleted values. But anyway ldap.modlist.modifyModlist() does the right thing. Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From bdauvergne at entrouvert.com Mon Nov 30 07:37:58 2015 From: bdauvergne at entrouvert.com (Benjamin Dauvergne) Date: Mon, 30 Nov 2015 13:37:58 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <565C404E.9090804@stroeder.com> References: <565C36D0.1010909@ow2.org> <20151130121000.GD24120@dor-lomin.entrouvert.com> <565C404E.9090804@stroeder.com> Message-ID: <20151130123758.GF24120@dor-lomin.entrouvert.com> Le 11/30, Michael Str?der a ?crit : > > As LDAP is a multivalued database i.e. each attribute can have multiple values, what's computed by > > modifyModlist is a "diff": remove old values, add new values. If you want to keep some old > > values because for example the schema forbid a value to be missing (and between the DELETE and the > > ADD there will be a time where no value is defined) you have create your modlist yourself such as: > > This is not correct or at least misleading. > > 1. ldap.modlist.modifyModlist() will always MOD_ADD all new values. > > 2. The LDAP server will always process the whole modification list at once and > check schema afterwards. Note that a single LDAP write operation is always > guaranteed to be atomic. I agree it's atomic and my remark on this point was misleading but I remember having problems with OpenLDAP slapo-constraint and DELETE/ADD in a single modlist, I had to use REPLACE in this case. I don't want to make FUD but if you know you want to replace all the values, REPLACE seems to be the best option, and at the level of the source code intentions are clearer. -- Benjamin Dauvergne - Tel Entrouvert: 01 43 35 01 35 - Tel perso: 01 84 16 24 53 From michael at stroeder.com Mon Nov 30 08:19:39 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Mon, 30 Nov 2015 14:19:39 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <20151130123758.GF24120@dor-lomin.entrouvert.com> References: <565C36D0.1010909@ow2.org> <20151130121000.GD24120@dor-lomin.entrouvert.com> <565C404E.9090804@stroeder.com> <20151130123758.GF24120@dor-lomin.entrouvert.com> Message-ID: <565C4CEB.1020500@stroeder.com> Benjamin Dauvergne wrote: > Le 11/30, Michael Str?der a ?crit : >>> As LDAP is a multivalued database i.e. each attribute can have multiple values, what's computed by >>> modifyModlist is a "diff": remove old values, add new values. If you want to keep some old >>> values because for example the schema forbid a value to be missing (and between the DELETE and the >>> ADD there will be a time where no value is defined) you have create your modlist yourself such as: >> >> This is not correct or at least misleading. >> >> 1. ldap.modlist.modifyModlist() will always MOD_ADD all new values. >> >> 2. The LDAP server will always process the whole modification list at once and >> check schema afterwards. Note that a single LDAP write operation is always >> guaranteed to be atomic. > > I agree it's atomic and my remark on this point was misleading but I remember having problems with > OpenLDAP slapo-constraint and DELETE/ADD in a single modlist, I had to use REPLACE in this case. I > don't want to make FUD but if you know you want to replace all the values, REPLACE seems to be the > best option, and at the level of the source code intentions are clearer. Yes, slapo-constraint could cause some interesting corner-cases. Could you please elaborate on OpenLDAP version, details of the constraint and the exact modify request which failed? Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From bdauvergne at entrouvert.com Mon Nov 30 09:54:47 2015 From: bdauvergne at entrouvert.com (Benjamin Dauvergne) Date: Mon, 30 Nov 2015 15:54:47 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <565C4CEB.1020500@stroeder.com> References: <565C36D0.1010909@ow2.org> <20151130121000.GD24120@dor-lomin.entrouvert.com> <565C404E.9090804@stroeder.com> <20151130123758.GF24120@dor-lomin.entrouvert.com> <565C4CEB.1020500@stroeder.com> Message-ID: <20151130145447.GH24120@dor-lomin.entrouvert.com> Le 11/30, Michael Str?der a ?crit : > Benjamin Dauvergne wrote: > > Le 11/30, Michael Str?der a ?crit : > >>> As LDAP is a multivalued database i.e. each attribute can have multiple values, what's computed by > >>> modifyModlist is a "diff": remove old values, add new values. If you want to keep some old > >>> values because for example the schema forbid a value to be missing (and between the DELETE and the > >>> ADD there will be a time where no value is defined) you have create your modlist yourself such as: > >> > >> This is not correct or at least misleading. > >> > >> 1. ldap.modlist.modifyModlist() will always MOD_ADD all new values. > >> > >> 2. The LDAP server will always process the whole modification list at once and > >> check schema afterwards. Note that a single LDAP write operation is always > >> guaranteed to be atomic. > > > > I agree it's atomic and my remark on this point was misleading but I remember having problems with > > OpenLDAP slapo-constraint and DELETE/ADD in a single modlist, I had to use REPLACE in this case. I > > don't want to make FUD but if you know you want to replace all the values, REPLACE seems to be the > > best option, and at the level of the source code intentions are clearer. > > Yes, slapo-constraint could cause some interesting corner-cases. Could you > please elaborate on OpenLDAP version, details of the constraint and the exact > modify request which failed? Version was 2.4.31+really2.4.40+dfsg on Debian Wheezy but I do not have the details anymore about the specific query but I think the problem was a cardinality constraint like: olcConstraintAttribute: mail count 1 With DELETE/ADD it failed, with REPLACE it was ok. -- Benjamin Dauvergne - Tel Entrouvert: 01 43 35 01 35 - Tel perso: 01 84 16 24 53 From mejiaa at amazon.com Mon Nov 30 10:26:40 2015 From: mejiaa at amazon.com (Andres Mejia) Date: Mon, 30 Nov 2015 10:26:40 -0500 Subject: [python-ldap] pyldap License File Message-ID: <565C6AB0.1020706@amazon.com> Hi, Earlier in the month I was told I should use pyldap instead of python-ldap if I wanted Python 3 support. Where is the license file for pyldap, or what license is pyldap distributed under? -- Andres From michael at stroeder.com Mon Nov 30 11:28:59 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Mon, 30 Nov 2015 17:28:59 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <20151130145447.GH24120@dor-lomin.entrouvert.com> References: <565C36D0.1010909@ow2.org> <20151130121000.GD24120@dor-lomin.entrouvert.com> <565C404E.9090804@stroeder.com> <20151130123758.GF24120@dor-lomin.entrouvert.com> <565C4CEB.1020500@stroeder.com> <20151130145447.GH24120@dor-lomin.entrouvert.com> Message-ID: <565C794B.109@stroeder.com> Benjamin Dauvergne wrote: > Version was 2.4.31+really2.4.40+dfsg on Debian Wheezy but I do not have the details anymore about > the specific query but I think the problem was a cardinality constraint like: > > olcConstraintAttribute: mail count 1 > > With DELETE/ADD it failed, with REPLACE it was ok. There were various bugs in slapo-constraint fixed since this version. It seems to hit this one: http://www.openldap.org/its/index.cgi?findid=7773 Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From mh at ow2.org Tue Dec 1 08:12:19 2015 From: mh at ow2.org (mh at ow2.org) Date: Tue, 1 Dec 2015 14:12:19 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <20151130121000.GD24120@dor-lomin.entrouvert.com> References: <565C36D0.1010909@ow2.org> <20151130121000.GD24120@dor-lomin.entrouvert.com> Message-ID: <565D9CB3.4020606@ow2.org> Le 30/11/2015 13:10, Benjamin Dauvergne a ?crit : > Le 11/30, mh at ow2.org a ?crit : >> Hi, >> >> In the following code, >> >> old = {'attr':['oldvalue']} new = {'attr':['newvalue']} >> >> mod = modlist.modifyModlist(old,new) >> >> l.modify_s(dn,mod) >> >> >> I'm not sure to fully understand the documentation ; it seems the >> new attribute value is modified in all case - whatever the value >> stored in old attr ; in this case what's the point in specifying an >> 'oldvalue' ? > > As LDAP is a multivalued database i.e. each attribute can have > multiple values, what's computed by modifyModlist is a "diff": remove > old values, add new values. If you want to keep some old values > because for example the schema forbid a value to be missing (and > between the DELETE and the ADD there will be a time where no value is > defined) you have create your modlist yourself such as: > > l.modify_s(dn, [(ldap.MOD_REPLACE, attr, ['newvalue'])]) > > modlist.modifyModlist is just an helper function to build such change > lists, possible value for the action are: - ldap.MOD_ADD - > ldap.MOD_DELETE - ldap.MOD_REPLACE - ldap.MOD_INCREMENT > Thank you Michael and Benjamin, I think I got it. Let met reformulate what I've understood : the helper is only here to compare what's in dicts and build a diff list intended to be passed to modify() - it never gets compared values by accessing the LDAP directory straight (I stumbled on that). So if I need to get the attribute value from the directory *before* updating it, I would need to use compare() isn't ? A side question : when I print str(mod), I see the constant value as number : is there a way to see that constant as constant name ?(ie : MOD_XXX) Cheers -------------- next part -------------- An HTML attachment was scrubbed... URL: From pviktori at redhat.com Tue Dec 1 08:49:23 2015 From: pviktori at redhat.com (Petr Viktorin) Date: Tue, 1 Dec 2015 14:49:23 +0100 Subject: [python-ldap] pyldap License File In-Reply-To: <565C6AB0.1020706@amazon.com> References: <565C6AB0.1020706@amazon.com> Message-ID: <565DA563.3030900@redhat.com> On 11/30/2015 04:26 PM, Andres Mejia via python-ldap wrote: > Hi, > > Earlier in the month I was told I should use pyldap instead of > python-ldap if I wanted Python 3 support. Where is the license file for > pyldap, or what license is pyldap distributed under? > Same as python-ldap. As mentioned in the setup.py file, the license is "Python style". Not ideal, but changing it would require a lawyer. -- Petr Viktorin From bdauvergne at entrouvert.com Tue Dec 1 09:03:05 2015 From: bdauvergne at entrouvert.com (Benjamin Dauvergne) Date: Tue, 1 Dec 2015 15:03:05 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <565D9CB3.4020606@ow2.org> References: <565C36D0.1010909@ow2.org> <20151130121000.GD24120@dor-lomin.entrouvert.com> <565D9CB3.4020606@ow2.org> Message-ID: <20151201140305.GQ24120@dor-lomin.entrouvert.com> Le 12/01, mh at ow2.org a ?crit : > A side question : when I print str(mod), I see the constant value as > number : is there a way to see that constant as constant name ?(ie : > MOD_XXX) No those constants are just variables, you would have to reverse them yourself by doing something like: def get_mode_constant_name(value): for varname in dir(ldap): if varname.startwith('MOD_') and getattr(ldap, varname) == value: return varname But this question is more related to general Python programming. -- Benjamin Dauvergne - Tel Entrouvert: 01 43 35 01 35 - Tel perso: 01 84 16 24 53 From michael at stroeder.com Tue Dec 1 14:21:45 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Tue, 1 Dec 2015 20:21:45 +0100 Subject: [python-ldap] modifyModlist : are old and new values get compared somehow ? In-Reply-To: <565D9CB3.4020606@ow2.org> References: <565C36D0.1010909@ow2.org> <20151130121000.GD24120@dor-lomin.entrouvert.com> <565D9CB3.4020606@ow2.org> Message-ID: <565DF349.1070607@stroeder.com> mh at ow2.org wrote: > Le 30/11/2015 13:10, Benjamin Dauvergne a ?crit : >> Le 11/30, mh at ow2.org a ?crit : >> Hi, >> >> In the following code, >> >> old = {'attr':['oldvalue']} > new = {'attr':['newvalue']} >> >> mod = modlist.modifyModlist(old,new) >>>>> l.modify_s(dn,mod) >> >> >> I'm not sure to fully understand the > documentation ; it seems the >> new attribute value is modified in all > case - whatever the value >> stored in old attr ; in this case what's > the point in specifying an >> 'oldvalue' ? > > As LDAP is a multivalued > database i.e. each attribute can have > multiple values, what's computed > by modifyModlist is a "diff": remove > old values, add new values. If > you want to keep some old values > because for example the schema forbid > a value to be missing (and > between the DELETE and the ADD there will > be a time where no value is > defined) you have create your modlist > yourself such as: > > l.modify_s(dn, [(ldap.MOD_REPLACE, attr, > ['newvalue'])]) > > modlist.modifyModlist is just an helper function to > build such change > lists, possible value for the action are: - > ldap.MOD_ADD - > ldap.MOD_DELETE - ldap.MOD_REPLACE - ldap.MOD_INCREMENT > > > Thank you Michael and Benjamin, I think I got it. > > Let met reformulate what I've understood : the helper is only here to > compare what's in dicts and build a diff list intended to be passed to > modify() - it never gets compared values by accessing the LDAP directory > straight (I stumbled on that). Yes. > So if I need to get the attribute value from the directory *before* > updating it, I would need to use compare() isn't ? You have to read/search the entry before. > A side question : when I print str(mod), I see the constant value as > number : is there a way to see that constant as constant name ?(ie : > MOD_XXX) If you write a Python class for that implementing a __repr__() method... Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From space at wechall.net Wed Dec 2 10:29:38 2015 From: space at wechall.net (Space One) Date: Wed, 02 Dec 2015 16:29:38 +0100 Subject: [python-ldap] segfault/Abort for operations with unbound connection Message-ID: <565F0E62.7000500@wechall.net> Hello, how can I check if a connection is still valid? Is there some no-operation which is really fast? I tried to just use whoami_s() but this segfaults always: python-ldap 2.4.16-0.1 Python 2.7.3 (default, Jul 2 2014, 15:00:03) [GCC 4.7.2] on linux2 >>> import ldap >>> lo = ldap.initialize("ldap://0.0.0.0:7389") >>> lo.unbind_s() >>> lo.whoami_s() python: whoami.c:68: ldap_whoami: Assertion `( (ld)->ldc->ldc_options.ldo_valid == 0x2 )' failed. Aborted Best regards spaceone From JohnTheodore42 at gmail.com Mon Dec 28 21:58:29 2015 From: JohnTheodore42 at gmail.com (John Theodore) Date: Mon, 28 Dec 2015 18:58:29 -0800 Subject: [python-ldap] Fwd: Pagination in python-ldap 2.4 In-Reply-To: References: Message-ID: I found some examples online, but they all seem to be for python-ldap 2.3, and the code they used is deprecated. Can someone give me a simple example of querying for results beyond the size limit? This is the search I want to do: results = ldap_obj.search_s('ou=people,blahblah,dc=com', ldap.SCOPE_SUBTREE, filterstr='(id=*)', attrlist='mail') Though there are 18k results, but the size limit is 10k. How can I use python-ldap with paged results to get all the results? I looked at the docs a bit and found ldap.controls.libldap.SimplePagedResultsControl, though I'm confused on how to use this properly. -------------- next part -------------- An HTML attachment was scrubbed... URL: From masayuki.igarashi.qz at hitachi-systems.com Mon Dec 28 18:56:48 2015 From: masayuki.igarashi.qz at hitachi-systems.com (=?iso-2022-jp?B?GyRCOF49PU1yYkNHNxsoQiAvIElHQVJBU0hJGyRCISQbKEJNQVNBWVVL?= =?iso-2022-jp?B?SQ==?=) Date: Mon, 28 Dec 2015 23:56:48 +0000 Subject: [python-ldap] Python-style-license Message-ID: <651A464045065A40B31F92B1D99A66EEBBC1AF96@GSjpTKYDCembx17.service.hitachi.net> Hi. I would like to know the license of "Python-Ldap" in detail. What does the "Python-Style" mean? I'm using version 2-4-22 of "Python-Ldap". Is this the "Python-Style-license" you mentioned in the LICENSE file? https://www.python.org/download/releases/2.4.4/license/ Thanks, Masa -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Tue Dec 29 04:23:47 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Tue, 29 Dec 2015 10:23:47 +0100 Subject: [python-ldap] Fwd: Pagination in python-ldap 2.4 In-Reply-To: References:

Message-ID: <56825123.7090707@stroeder.com> John Theodore wrote: > I found some examples online, but they all seem to be for python-ldap 2.3, > and the code they used is deprecated. > > Can someone give me a simple example of querying for results beyond the > size limit? I guess you're referring to the Simple Paged Results control. See Demo/page_control.py in python-ldap's source distribution. > Though there are 18k results, but the size limit is 10k. How can I use > python-ldap with paged results to get all the results? BTW: Working around a size limit with Simple Paged Results control only works with MS AD but not other LDAP servers. Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From michael at stroeder.com Tue Dec 29 09:23:57 2015 From: michael at stroeder.com (=?UTF-8?Q?Michael_Str=c3=b6der?=) Date: Tue, 29 Dec 2015 15:23:57 +0100 Subject: [python-ldap] Python-style-license In-Reply-To: <651A464045065A40B31F92B1D99A66EEBBC1AF96@GSjpTKYDCembx17.service.hitachi.net> References: <651A464045065A40B31F92B1D99A66EEBBC1AF96@GSjpTKYDCembx17.service.hitachi.net> Message-ID: <5682977D.3010108@stroeder.com> ????? / IGARASHI?MASAYUKI wrote: > I would like to know the license of "Python-Ldap" in detail. What does the > "Python-Style" mean? It basically says: You can do with python-ldap what you can do with Python. Ciao, Michael. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4245 bytes Desc: S/MIME Cryptographic Signature URL: From awilliam at whitemice.org Tue Dec 29 11:09:11 2015 From: awilliam at whitemice.org (Adam Tauno Williams) Date: Tue, 29 Dec 2015 11:09:11 -0500 Subject: [python-ldap] Fwd: Pagination in python-ldap 2.4 In-Reply-To: References:

Message-ID: <1451405351.2718.0.camel@whitemice.org> On Mon, 2015-12-28 at 18:58 -0800, John Theodore wrote: > I found some examples online, but they all seem to be for python-ldap > 2.3, and the code they used is deprecated. > Can someone give me a simple example of querying for results beyond > the size limit? > This is the search I want to do:?results = > ldap_obj.search_s('ou=people,blahblah,dc=com', ldap.SCOPE_SUBTREE, > filterstr='(id=*)', attrlist='mail') > Though there are 18k results, but the size limit is 10k. How can I > use python-ldap with paged results to get all the results? > I looked at the docs a bit and found > ldap.controls.libldap.SimplePagedResultsControl, though I'm confused > on how to use this properly. Example -?https://sourceforge.net/p/coils/coils-code/ci/master/tree/coi ls/foundation/utility.py?format=raw -- Adam Tauno Williams GPG D95ED383 OpenGroupware Developer