From burvilwork2 at gmail.com Fri Oct 12 14:02:29 2018 From: burvilwork2 at gmail.com (Burvilwork Chang) Date: Fri, 12 Oct 2018 11:02:29 -0700 Subject: [python-ldap] python-ldap code returns no data, conflicts with ldap-search results Message-ID: I?m having an issue where the python-ldap module is returning no results, even though I am able to get results through other methods. I use the same parameters as ldapsearch, but the python code turns up nothing. This happens with a large number of hostnames that I search for. Specifically, I am able to get valid LDAP data returned for a hostname with the following: $ [2014][AD-user at host-joined-to-AD:~]$ ldapsearch -x -H ldaps:// ldap-host-here.ds.subdomain.net:636 -D "AD-user at ds.subdomain.net? -w ?password-here' -b "DC=ds,DC=subdomain,DC=net" "(&(objectclass=computer)(cn=hostname-here))? |less I also see a computer account for this system when logging into a Windows system on the domain and searching for the hostname via dsa, so I know the computer account is in AD/LDAP. The following are my LDAP related modules. Note that I know the ldap module version is a little old, but as I?m running RHEL 7.5, it?s the newest I can make it without causing other dependencies to break, i.e. I had to install this via RPM. $ pip freeze | grep ldap ldap3==2.5.1 python-ldap==2.4.15 I run my code, and it shows nothing in the results: $ ./to-post.py Initializing LDAP connection object with uri ldaps:// ldap-host-here.ds.subdomain.net:636 Binding with username username-here? LDAP results - [] The code is below. Any thoughts on why I?m not getting anything returned, even though the computer account exists? #!/usr/bin/python import ldap ##################################### # IN: cfg, hostname, domain string # OUT: True or False (if in AD or not) def CheckIfHostInAD(cfg, hostname, env): domain = "tld-value-here" username = 'username-here' password = 'password-here' uri = "ldaps://ldap-host-here." + domain + ":636" (subdomain, tld) = domain.split('.') ## Create instance of LDAP class. No connection has been made yet. print("Initializing LDAP connection object with uri " + uri ) l = ldap.initialize(uri) #####!!! results = [] OU_setting = "" try: # When we connect, make sure to connect using LDAPv3 l.protocol_version = ldap.VERSION3 #set connection l.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) l.set_option(ldap.OPT_X_TLS_NEWCTX, 0) print("Binding with username " + username + "...") bind = l.simple_bind_s(username, password) # When we search, the base is the level at which we want to start searching OU_setting = "" base = OU_setting + "DC=ds,DC=" + subdomain + ",DC=net" # When we search, filter results down to ones that have an objectClass of "computer" criteria = "(&(objectclass=computer)(cn=" + hostname + "))" attributes = ['name'] print("Getting hostnames in " + domain + ", base " + str(base) + ", criteria " + str(criteria) ) # Ok! Search and store the result in the variable "result" ldap_dump = l.search_s(base, ldap.SCOPE_SUBTREE, criteria, attributes) print("Found " + len(ldap_dump) + " hostnames in " + domain) # Print the results to the console for data_dict in [entry for dn, entry in ldap_dump if isinstance(entry, dict)]: results.append(data_dict["name"][0]) except Exception as e: print("error - " + e) # Now that we're done (failed or not), release the connection finally: l.unbind() print("LDAP results - " + str(results)) return results cfg = "" hostname = ?short-hostname-here? env = "" result = CheckIfHostInAD(cfg, hostname, env) quit() As I noted earlier, I'd prefer not to upgrade the python-ldap module if not needed. In other words, unless there's something in a newer version where a bug resulting in no data being returned, I'd prefer not to upgrade. I found verbose settings for python-ldap at https://helpful.knobs-dials.com/index.php/Python-ldap_notes and http://lpetr.org/blog/archives/how-to-enable-logging-in-python-ldap, but using those didn't help. -------------- next part -------------- An HTML attachment was scrubbed... URL: From armariap at cisco.com Wed Oct 24 12:28:38 2018 From: armariap at cisco.com (Arun Mariappan -T (armariap - CH REYNOLDS ELECTRIC INC at Cisco)) Date: Wed, 24 Oct 2018 16:28:38 +0000 Subject: [python-ldap] Issue in setting up python-ldap on Windows 10 Message-ID: <0b2a66a9be8d4e3d9924f6ac651b508c@XCH-ALN-008.cisco.com> Hello python-ldap team, I was trying to setup python-ldap package to my windows 10. I'm getting the below error. ? pip install python-ldap ...... building '_ldap' extension creating build\temp.win-amd64-3.6 creating build\temp.win-amd64-3.6\Release creating build\temp.win-amd64-3.6\Release\Modules C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Tools\MSVC\14.15.26726\bin\HostX86\x64\cl.exe /c /nologo /Ox /W3 /GL /DNDEBUG /MD -DHAVE_SASL -DHAVE_TLS -DHAVE_LIBLDAP_R -DHAVE_LIBLDAP_R -DLDAPMODULE_VERSION=3.1.0 "-DLDAPMODULE_AUTHOR=python-ldap project" "-DLDAPMODULE_LICENSE=Python style" -IModules -Ic:\users\armariap\appdata\local\programs\python\python36\include -Ic:\users\armariap\appdata\local\programs\python\python36\include "-IC:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Tools\MSVC\14.15.26726\ATLMFC\include" "-IC:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Tools\MSVC\14.15.26726\include" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.17134.0\ucrt" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.17134.0\shared" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.17134.0\um" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.17134.0\winrt" "-IC:\Program Files (x86)\Windows Kits\10\include\10.0.17134.0\cppwinrt" /TcModules/LDAPObject.c /Fobuild\temp.win-amd64-3.6\Release\Modules/LDAPObject.obj LDAPObject.c c:\users\armariap\appdata\local\temp\pip-install-ntjuhtkp\python-ldap\modules\constants.h(7): fatal error C1083: Cannot open include file: 'lber.h': No such file or directory error: command 'C:\\Program Files (x86)\\Microsoft Visual Studio\\2017\\Community\\VC\\Tools\\MSVC\\14.15.26726\\bin\\HostX86\\x64\\cl.exe' failed with exit status 2 Could you suggest a way to get along with this issue. Thanks & regards, Arun [https://www.cisco.com/c/dam/m/en_us/signaturetool/images/logo/Cisco_Logo_no_TM_Indigo_Blue-RGB_43px.png] Arun Mariappan Engineer - IT armariap at cisco.com Tel: Cisco Systems, Inc. cisco.com [http://www.cisco.com/assets/swa/img/thinkbeforeyouprint.gif] Think before you print. This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message. Please click here for Company Registration Information. -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 57276 bytes Desc: image001.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 134 bytes Desc: image002.gif URL: From waldemar.osuch at gmail.com Thu Oct 25 10:37:08 2018 From: waldemar.osuch at gmail.com (Waldemar Osuch) Date: Thu, 25 Oct 2018 08:37:08 -0600 Subject: [python-ldap] Issue in setting up python-ldap on Windows 10 In-Reply-To: <0b2a66a9be8d4e3d9924f6ac651b508c@XCH-ALN-008.cisco.com> References: <0b2a66a9be8d4e3d9924f6ac651b508c@XCH-ALN-008.cisco.com> Message-ID: Hi, The pypi.org does not have Windows builds anymore. I would strongly recommend downloading the binary wheels from Christoph Gohlke site https://www.lfd.uci.edu/~gohlke/pythonlibs/#python-ldap Alternatively you could use different ldap bindings. I've had great success with bonsai (https://pypi.org/project/bonsai/) Not only the binaries are provided but they also build cleanly on Windows. Cheers, Waldemar On Thu, Oct 25, 2018 at 2:26 AM Arun Mariappan -T (armariap - CH REYNOLDS ELECTRIC INC at Cisco) via python-ldap wrote: > Hello python-ldap team, > > > > I was trying to setup python-ldap package to my windows 10. I?m getting > the below error. > > > > ? pip install python-ldap > > ?? > > building '_ldap' extension > > creating build\temp.win-amd64-3.6 > > creating build\temp.win-amd64-3.6\Release > > creating build\temp.win-amd64-3.6\Release\Modules > > C:\Program Files (x86)\Microsoft Visual > Studio\2017\Community\VC\Tools\MSVC\14.15.26726\bin\HostX86\x64\cl.exe /c > /nologo /Ox /W3 /GL /DNDEBUG /MD -DHAVE_SASL -DHAVE_TLS -DHAVE_LIBLDAP_R > -DHAVE_LIBLDAP_R -DLDAPMODULE_VERSION=3.1.0 > "-DLDAPMODULE_AUTHOR=python-ldap project" "-DLDAPMODULE_LICENSE=Python > style" -IModules > -Ic:\users\armariap\appdata\local\programs\python\python36\include > -Ic:\users\armariap\appdata\local\programs\python\python36\include > "-IC:\Program Files (x86)\Microsoft Visual > Studio\2017\Community\VC\Tools\MSVC\14.15.26726\ATLMFC\include" > "-IC:\Program Files (x86)\Microsoft Visual > Studio\2017\Community\VC\Tools\MSVC\14.15.26726\include" "-IC:\Program > Files (x86)\Windows Kits\10\include\10.0.17134.0\ucrt" "-IC:\Program Files > (x86)\Windows Kits\10\include\10.0.17134.0\shared" "-IC:\Program Files > (x86)\Windows Kits\10\include\10.0.17134.0\um" "-IC:\Program Files > (x86)\Windows Kits\10\include\10.0.17134.0\winrt" "-IC:\Program Files > (x86)\Windows Kits\10\include\10.0.17134.0\cppwinrt" > /TcModules/LDAPObject.c > /Fobuild\temp.win-amd64-3.6\Release\Modules/LDAPObject.obj > > LDAPObject.c > > > c:\users\armariap\appdata\local\temp\pip-install-ntjuhtkp\python-ldap\modules\constants.h(7): > fatal error C1083: Cannot open include file: 'lber.h': No such file or > directory > > error: command 'C:\\Program Files (x86)\\Microsoft Visual > Studio\\2017\\Community\\VC\\Tools\\MSVC\\14.15.26726\\bin\\HostX86\\x64\\cl.exe' > failed with exit status 2 > > > > > > Could you suggest a way to get along with this issue. > > > > Thanks & regards, > > Arun > > > > > > [image: > https://www.cisco.com/c/dam/m/en_us/signaturetool/images/logo/Cisco_Logo_no_TM_Indigo_Blue-RGB_43px.png] > > *Arun Mariappan* > > Engineer - IT > > armariap at cisco.com > > Tel: > > > > > > > > > > Cisco Systems, Inc. > > > > > > > > > > cisco.com > > [image: http://www.cisco.com/assets/swa/img/thinkbeforeyouprint.gif] > > Think before you print. > > This email may contain confidential and privileged material for the sole > use of the intended recipient. Any review, use, distribution or disclosure > by others is strictly prohibited. If you are not the intended recipient (or > authorized to receive for the recipient), please contact the sender by > reply email and delete all copies of this message. > > Please click here > > for Company Registration Information. > > > > > _______________________________________________ > python-ldap mailing list > python-ldap at python.org > https://mail.python.org/mailman/listinfo/python-ldap > -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 57276 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 134 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.gif Type: image/gif Size: 134 bytes Desc: not available URL: