From replicase at gmail.com Thu Jul 1 17:05:40 2010 From: replicase at gmail.com (Anil) Date: Thu, 1 Jul 2010 08:05:40 -0700 Subject: bad filter Message-ID: I pass a filter string such as this to search(), but I keep getting BAD SEARCH FILTER error. "(|(last-login-time<=100101*)(!(last-login-time=*)))" The same thing works when using it with ldapsearch command. I also tried running it through ldap.filter.escape_filter_chars. Still no luck. Is this a known bug? I am using python_ldap-2.3.8. Thanks From michael at stroeder.com Thu Jul 1 18:05:05 2010 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 01 Jul 2010 18:05:05 +0200 Subject: bad filter In-Reply-To: References: Message-ID: <4C2CBCB1.6050001@stroeder.com> Anil wrote: > I pass a filter string such as this to search(), but I keep getting > BAD SEARCH FILTER error. > "(|(last-login-time<=100101*)(!(last-login-time=*)))" Using <= with * in the assertion value looks bogus to me. > The same thing works when using it with ldapsearch command. Does not work for me when using OpenLDAP's ldapsearch: $ ldapsearch "(|(last-login-time<=100101*)(\!(last-login-time=*)))" ldapsearch: ldap_search_ext: Bad search filter (-7) Note the extra back-shlash needed before ! since ! is a special char for the shell. > I also > tried running it through ldap.filter.escape_filter_chars. You should not pass complete filter strings to ldap.filter.escape_filter_chars(). This function should only be used for the assertion values you put into the filter string afterwards. > Is this a known bug? Nope. Ciao, Michael. From replicase at gmail.com Thu Jul 1 18:34:09 2010 From: replicase at gmail.com (Anil) Date: Thu, 1 Jul 2010 09:34:09 -0700 Subject: bad filter In-Reply-To: <4C2CBCB1.6050001@stroeder.com> References: <4C2CBCB1.6050001@stroeder.com> Message-ID: I've used this type of wild card search+compare before, all with Solaris's ldapsearch, never complained. Let me change this to not use a wild card like that. Thanks. 2010/7/1 Michael Str?der : > Anil wrote: >> I pass a filter string such as this to search(), but I keep getting >> BAD SEARCH FILTER error. >> "(|(last-login-time<=100101*)(!(last-login-time=*)))" > > Using <= with * in the assertion value looks bogus to me. > >> The same thing works when using it with ldapsearch command. > > Does not work for me when using OpenLDAP's ldapsearch: > > $ ldapsearch "(|(last-login-time<=100101*)(\!(last-login-time=*)))" > ldapsearch: ldap_search_ext: Bad search filter (-7) > > Note the extra back-shlash needed before ! since ! is a special char > for the shell. > >> I also >> tried running it through ldap.filter.escape_filter_chars. > > You should not pass complete filter strings to > ldap.filter.escape_filter_chars(). This function should only be used for the > assertion values you put into the filter string afterwards. > >> Is this a known bug? > > Nope. > > Ciao, Michael. > From michael at stroeder.com Mon Jul 19 07:53:23 2010 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Mon, 19 Jul 2010 07:53:23 +0200 Subject: sasl bind issues In-Reply-To: References:

Message-ID: <4C43E853.5080308@stroeder.com> Uma Sridharan wrote: > > Here is a sample code that works the first time I run the loop and fails > the second time with the following error. can someone let me know if the > credentials are cached by the library or what could be wrong? Any help > is greatly appreciated. > > ldap.INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C09043E, comment: > AcceptSecurityContext error, data 57, vece', 'desc': 'Invalid credentials'} Judging from the error message above I guess this is MS AD. Right? Somebody posted this issue with MS AD before. Frankly I have no clue what's going on and how to solve it. I could reproduce it with MS AD W2K3 but it works with other LDAP server implementations (tested with OpenLDAP 2.4.x and OpenDS 2.3beta). Ciao, Michael. From uma285 at gmail.com Thu Jul 15 06:19:09 2010 From: uma285 at gmail.com (Uma Sridharan) Date: Wed, 14 Jul 2010 21:19:09 -0700 Subject: sasl bind issues In-Reply-To: References: Message-ID: Hi everyone, Here is a sample code that works the first time I run the loop and fails the second time with the following error. can someone let me know if the credentials are cached by the library or what could be wrong? Any help is greatly appreciated. ldap.INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 57, vece', 'desc': 'Invalid credentials'} import ldap, ldap.sasl def main(): while True: ldapServer="lserver" base ="ou=users,ou=accounts,dc=example,dc=com" user="user" passwd="pass" l = ldap.initialize(ldapServer) l.set_option(ldap.OPT_REFERRALS, 0) try: tok = ldap.sasl.digest_md5(user, passwd) l.sasl_interactive_bind_s("",tok) except ldap.INVALID_CREDENTIALS, e : print "Invalid Username or Password" print e return False print "success" l.unbind() if __name__=="__main__": print "here" main() -------------- next part -------------- An HTML attachment was scrubbed... URL: From uma285 at gmail.com Sun Jul 25 19:12:18 2010 From: uma285 at gmail.com (Uma Sridharan) Date: Sun, 25 Jul 2010 10:12:18 -0700 Subject: sasl bind issues In-Reply-To: <4C43E853.5080308@stroeder.com> References:

<4C43E853.5080308@stroeder.com> Message-ID: Yes that is correct. Using simple bind seems to have solved the problem though.. 2010/7/18 Michael Str?der > Uma Sridharan wrote: > > > > Here is a sample code that works the first time I run the loop and fails > > the second time with the following error. can someone let me know if the > > credentials are cached by the library or what could be wrong? Any help > > is greatly appreciated. > > > > ldap.INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C09043E, > comment: > > AcceptSecurityContext error, data 57, vece', 'desc': 'Invalid > credentials'} > > Judging from the error message above I guess this is MS AD. Right? > > Somebody posted this issue with MS AD before. Frankly I have no clue what's > going on and how to solve it. I could reproduce it with MS AD W2K3 but it > works with other LDAP server implementations (tested with OpenLDAP 2.4.x > and > OpenDS 2.3beta). > > Ciao, Michael. > -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Wed Aug 11 20:42:56 2010 From: michael at stroeder.com (=?windows-1252?Q?Michael_Str=F6der?=) Date: Wed, 11 Aug 2010 20:42:56 +0200 Subject: python-ldap-2.3.12: Compile error on CentOS 5.5, i386 In-Reply-To: <6D47CA12-830B-449F-BBBE-1C823F35AC33@gmail.com> References: <4C602204.5020009@stroeder.com> <6D47CA12-830B-449F-BBBE-1C823F35AC33@gmail.com> Message-ID: <4C62EF30.707@stroeder.com> Zhang Huangbin wrote: > > On Aug 9, 2010, at 11:43 PM, Michael Str?der wrote: > >> Find a new release of python-ldap: >> >> http://pypi.python.org/pypi/python-ldap/2.3.12 > > Compile error on CentOS 5.5, i386: > [..] > Modules/constants.c: In function ?LDAPinit_constants?: > Modules/constants.c:184: error: ?LDAP_OPT_X_TLS_CRLFILE? undeclared (first use in this function) > Modules/constants.c:184: error: (Each undeclared identifier is reported only once > Modules/constants.c:184: error: for each function it appears in.) > error: Setup script exited with error: command 'gcc' failed with exit status 1 Looks like an older OpenLDAP release. Please try the patch below. Ciao, Michael. Index: Modules/constants.c =================================================================== RCS file: /cvsroot/python-ldap/python-ldap/Modules/constants.c,v retrieving revision 1.47 diff -u -r1.47 constants.c --- Modules/constants.c 7 May 2010 13:22:40 -0000 1.47 +++ Modules/constants.c 11 Aug 2010 05:14:47 -0000 @@ -181,7 +181,9 @@ #ifdef LDAP_OPT_X_TLS_CRLCHECK /* only available if OpenSSL supports it => might cause backward compability problems */ add_int(d,OPT_X_TLS_CRLCHECK); +#ifdef LDAP_OPT_X_TLS_CRLFILE add_int(d,OPT_X_TLS_CRLFILE); +#endif add_int(d,OPT_X_TLS_CRL_NONE); add_int(d,OPT_X_TLS_CRL_PEER); add_int(d,OPT_X_TLS_CRL_ALL); From zhbmaillistonly at gmail.com Wed Aug 11 03:37:55 2010 From: zhbmaillistonly at gmail.com (Zhang Huangbin) Date: Wed, 11 Aug 2010 09:37:55 +0800 Subject: python-ldap-2.3.12: Compile error on CentOS 5.5, i386 In-Reply-To: <4C602204.5020009@stroeder.com> References: <4C602204.5020009@stroeder.com> Message-ID: <6D47CA12-830B-449F-BBBE-1C823F35AC33@gmail.com> On Aug 9, 2010, at 11:43 PM, Michael Str?der wrote: > Find a new release of python-ldap: > > http://pypi.python.org/pypi/python-ldap/2.3.12 Compile error on CentOS 5.5, i386: # easy_install python-ldap==2.3.12 Searching for python-ldap==2.3.12 Reading http://cheeseshop.python.org/pypi/python-ldap/ Reading http://www.python-ldap.org/ Reading http://cheeseshop.python.org/pypi/python-ldap/2.3.12 Best match: python-ldap 2.3.12 Downloading http://pypi.python.org/packages/source/p/python-ldap/python-ldap-2.3.12.tar.gz#md5=2dadc521b2c2590d9b033894ba5c6f31 Processing python-ldap-2.3.12.tar.gz Running python-ldap-2.3.12/setup.py -q bdist_egg --dist-dir /tmp/easy_install-xqEjpH/python-ldap-2.3.12/egg-dist-tmp-AC0kEg extra_compile_args: extra_objects: include_dirs: /usr/local/openldap-2.3/include /usr/include/sasl library_dirs: /usr/local/openldap-2.3/lib libs: ldap_r lber sasl2 ssl crypto file Lib/ldap.py (for module ldap) not found file Lib/ldap/schema.py (for module ldap.schema) not found warning: no files found matching 'Makefile' warning: no files found matching 'Modules/LICENSE' file Lib/ldap.py (for module ldap) not found file Lib/ldap/schema.py (for module ldap.schema) not found file Lib/ldap.py (for module ldap) not found file Lib/ldap/schema.py (for module ldap.schema) not found Modules/constants.c: In function ?LDAPinit_constants?: Modules/constants.c:184: error: ?LDAP_OPT_X_TLS_CRLFILE? undeclared (first use in this function) Modules/constants.c:184: error: (Each undeclared identifier is reported only once Modules/constants.c:184: error: for each function it appears in.) error: Setup script exited with error: command 'gcc' failed with exit status 1 From steeve.barbeau at gmail.com Fri Aug 20 10:07:42 2010 From: steeve.barbeau at gmail.com (Steeve BARBEAU) Date: Fri, 20 Aug 2010 10:07:42 +0200 Subject: Error to add objectClass to entries Message-ID: Hi, I'm new to this mailing list and I've a question concerning python-ldap. I want to add some objectClass and attributes to existing entries but I have this error : ldap.OTHER: {'info': 'no structuralObjectClass operational attribute', 'desc': 'Internal (implementation specific) error'} I'm using the add_s() function and I don't know if this is the good for doing that. PS : When I use the ldapmodify command with a ldif file and with the same attributes than in my python code, it works. You're help will be welcome, Thx Steeve Barbeau http://steeve-barbeau.blogspot.com/ http://twitter.com/steevebarbeau -------------- next part -------------- An HTML attachment was scrubbed... URL: From chaoseternal at gmail.com Fri Aug 20 10:27:42 2010 From: chaoseternal at gmail.com (Chaos Eternal) Date: Fri, 20 Aug 2010 16:27:42 +0800 Subject: Error to add objectClass to entries In-Reply-To: References: Message-ID: you cannot alter/change stuctral objectClass of an existing entry On 20 Aug 2010 4:08 PM, "Steeve BARBEAU" wrote: Hi, I'm new to this mailing list and I've a question concerning python-ldap. I want to add some objectClass and attributes to existing entries but I have this error : ldap.OTHER: {'info': 'no structuralObjectClass operational attribute', 'desc': 'Internal (implementation specific) error'} I'm using the add_s() function and I don't know if this is the good for doing that. PS : When I use the ldapmodify command with a ldif file and with the same attributes than in my python code, it works. You're help will be welcome, Thx Steeve Barbeau http://steeve-barbeau.blogspot.com/ http://twitter.com/steevebarbeau ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can't live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev _______________________________________________ Python-LDAP-dev mailing list Python-LDAP-dev at lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/python-ldap-dev -------------- next part -------------- An HTML attachment was scrubbed... URL: From steeve.barbeau at gmail.com Fri Aug 20 11:27:04 2010 From: steeve.barbeau at gmail.com (Steeve BARBEAU) Date: Fri, 20 Aug 2010 11:27:04 +0200 Subject: Error to add objectClass to entries In-Reply-To: References:

Message-ID: I've found the solution. I use this method : >>> mod_attrs = [( ldap.MOD_ADD, 'uidNumber', '1000' )] >>> l.modify_s('uid=francis,ou=users,dc=example,dc=com', mod_attrs) I had began with this method, but my error was to keep number as integer and not as string. Thx Steeve Barbeau http://steeve-barbeau.blogspot.com/ http://twitter.com/steevebarbeau On Fri, Aug 20, 2010 at 10:27 AM, Chaos Eternal wrote: > you cannot alter/change stuctral objectClass of an existing entry > > On 20 Aug 2010 4:08 PM, "Steeve BARBEAU" wrote: > > Hi, > > I'm new to this mailing list and I've a question concerning python-ldap. > I want to add some objectClass and attributes to existing entries but I > have this error : > ldap.OTHER: {'info': 'no structuralObjectClass operational attribute', > 'desc': 'Internal (implementation specific) error'} > > I'm using the add_s() function and I don't know if this is the good for > doing that. > > PS : When I use the ldapmodify command with a ldif file and with the same > attributes than in my python code, it works. > > You're help will be welcome, Thx > > Steeve Barbeau > http://steeve-barbeau.blogspot.com/ > http://twitter.com/steevebarbeau > > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by > > Make an app they can't live without > Enter the BlackBerry Developer Challenge > http://p.sf.net/sfu/RIM-dev2dev > _______________________________________________ > Python-LDAP-dev mailing list > Python-LDAP-dev at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/python-ldap-dev > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Fri Aug 27 14:30:05 2010 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Fri, 27 Aug 2010 14:30:05 +0200 Subject: Non-ascii passwords In-Reply-To: References: Message-ID: <4C77AFCD.7050509@stroeder.com> Marc Brevoort wrote: > I've inherited a little authentication module which uses > python-ldap (v1.92, 2005/11/03). For the most of it, it works > fine, but when a user has decided to use non-ascii characters > in their password, they will be blocked access and the > authentication log shows a message such as: > > 2010-08-27 11:02:50,398 DEBUG Exception: 'ascii' codec can't encode > character u'\xdf' in position 5: ordinal not in range(128) I'm not sure which component write this message. But python-ldap expects all values to be raw strings. So the calling application is responsible for converting Unicode objects to raw strings with the appropriate encoding. In case of LDAPv3 this is UTF-8. > - It should be possible to work around the issue by escaping the > non-ascii characters in the password, replacing them with a backslash Please try to understand first how the Python syntax representation of Unicode and raw strings is which displayed in the message above. http://docs.python.org/reference/lexical_analysis.html#string-literals There's no need to mess with the back-slashes at all. Simply fix the calling application to do the right thing. Probably calling password.encode('utf-8') will do. Ciao, Michael. From kleinebre at hotmail.com Fri Aug 27 12:44:52 2010 From: kleinebre at hotmail.com (Marc Brevoort) Date: Fri, 27 Aug 2010 10:44:52 +0000 Subject: Non-ascii passwords Message-ID: Hello, I've inherited a little authentication module which uses python-ldap (v1.92, 2005/11/03). For the most of it, it works fine, but when a user has decided to use non-ascii characters in their password, they will be blocked access and the authentication log shows a message such as: 2010-08-27 11:02:50,398 DEBUG Exception: 'ascii' codec can't encode character u'\xdf' in position 5: ordinal not in range(128) As I'm not entirely comfortable yet working with Python, I'm wondering if people here could advise on the best way to resolve this issue. Some questions and doubts are: - is this a known problem that has been addressed in a later version? If so, would any compatibility issues be expected between the two versions? - It should be possible to work around the issue by escaping the non-ascii characters in the password, replacing them with a backslash followed by one or more 2-digit hex codes representing the bytes that make up the character. Would it be necessary to do this in the python-ldap module, or would it be safe to do it before calling simple_bind? Best regards, Marc Brevoort -------------- next part -------------- An HTML attachment was scrubbed... URL: From josh at rockyou.com Fri Sep 3 22:00:52 2010 From: josh at rockyou.com (Josh) Date: Fri, 3 Sep 2010 20:00:52 +0000 (UTC) Subject: ldaps and Active Directory References: <4B66FC56.1050506@swarthmore.edu> <4B67668F.9010404@stroeder.com> Message-ID: > Patrick A. Treptau wrote: > > I am pulling my hair out trying to connect via ldaps to one of our AD > > controllers. > > > > host = "ldaps://ad_host:636" > > You should always use the fully-qualified which is in the CN of the server > certificate's subject DN. Patrick isn't the only one running into the issue by the way, I see if appearing for me as well. Windows 2008 server, getting ldap.SERVER_DOWN: {'info': '(unknown error code)', 'desc': "Can't contact LDAP server"} When I try to connect with ldaps:// to our host using it's FQDN. From michael at stroeder.com Fri Sep 3 23:23:53 2010 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Fri, 03 Sep 2010 23:23:53 +0200 Subject: ldaps and Active Directory In-Reply-To: References: <4B66FC56.1050506@swarthmore.edu> <4B67668F.9010404@stroeder.com> Message-ID: <4C816769.7090804@stroeder.com> Josh wrote: >> Patrick A. Treptau wrote: >>> I am pulling my hair out trying to connect via ldaps to one of our AD >>> controllers. >>> >>> host = "ldaps://ad_host:636" >> >> You should always use the fully-qualified which is in the CN of the server >> certificate's subject DN. > > Patrick isn't the only one running into the issue by the way, I see if appearing > for me as well. Windows 2008 server, getting ldap.SERVER_DOWN: {'info': > '(unknown error code)', 'desc': "Can't contact LDAP server"} When I try to > connect with ldaps:// to our host using it's FQDN. As said try to debug with openssl s_client -connect ad_host:636 -verify (use -CApath or -CAfile options) preferrably using the OpenSSL command-line tool linked to the same libs like python-ldap. Ciao, Michael. From zhbmaillistonly at gmail.com Thu Aug 12 06:06:46 2010 From: zhbmaillistonly at gmail.com (Zhang Huangbin) Date: Thu, 12 Aug 2010 12:06:46 +0800 Subject: python-ldap-2.3.12: Compile error on CentOS 5.5, i386 In-Reply-To: <4C62EF30.707@stroeder.com> References: <4C602204.5020009@stroeder.com> <6D47CA12-830B-449F-BBBE-1C823F35AC33@gmail.com> <4C62EF30.707@stroeder.com> Message-ID: <64F97707-DBA6-413C-9AC8-F77FB4727C6D@gmail.com> On Aug 12, 2010, at 2:42 AM, Michael Str?der wrote: > > Looks like an older OpenLDAP release. Please try the patch below. > > Ciao, Michael. > > Index: Modules/constants.c > =================================================================== > RCS file: /cvsroot/python-ldap/python-ldap/Modules/constants.c,v > retrieving revision 1.47 > diff -u -r1.47 constants.c > --- Modules/constants.c 7 May 2010 13:22:40 -0000 1.47 > +++ Modules/constants.c 11 Aug 2010 05:14:47 -0000 > @@ -181,7 +181,9 @@ > #ifdef LDAP_OPT_X_TLS_CRLCHECK > /* only available if OpenSSL supports it => might cause backward > compability problems */ > add_int(d,OPT_X_TLS_CRLCHECK); > +#ifdef LDAP_OPT_X_TLS_CRLFILE > add_int(d,OPT_X_TLS_CRLFILE); > +#endif > add_int(d,OPT_X_TLS_CRL_NONE); > add_int(d,OPT_X_TLS_CRL_PEER); > add_int(d,OPT_X_TLS_CRL_ALL); This patch fixes it. Will you release a 2.3.12.1 version for this fix? From awilliam at opengroupware.us Tue Sep 21 16:43:50 2010 From: awilliam at opengroupware.us (Adam Tauno Williams) Date: Tue, 21 Sep 2010 10:43:50 -0400 Subject: Installing python-ldap 2.3.12 fails Message-ID: <1285080230.3857.12.camel@linux-yu4c.site> When I install the most recent python-ldap on my CentOS5 box (which has Python2.6 from IUS) it fails. Previously I was able to install python-ldap on a similarly provisioned host. gcc-4.1.2-48.el5 openldap-devel-2.3.43-12.el5_5.2 openssl-devel-0.9.8e-12.el5_4.6 python26-devel-2.6.5-3.el5 Searching for python-ldap Reading http://pypi.python.org/simple/python-ldap/ Reading http://www.python-ldap.org/ Reading http://python-ldap.sourceforge.net/ Reading http://sourceforge.net/project/showfiles.php?group_id=2072&package_id=2011 Best match: python-ldap 2.3.12 Downloading http://pypi.python.org/packages/source/p/python-ldap/python-ldap-2.3.12.tar.gz#md5=2dadc521b2c2590d9b033894ba5c6f31 Processing python-ldap-2.3.12.tar.gz Running python-ldap-2.3.12/setup.py -q bdist_egg --dist-dir /tmp/easy_install-l2DIor/python-ldap-2.3.12/egg-dist-tmp-NfH6yQ extra_compile_args: extra_objects: include_dirs: /usr/local/openldap-2.3/include /usr/include/sasl library_dirs: /usr/local/openldap-2.3/lib libs: ldap_r lber sasl2 ssl crypto file Lib/ldap.py (for module ldap) not found file Lib/ldap/schema.py (for module ldap.schema) not found warning: no files found matching 'Makefile' warning: no files found matching 'Modules/LICENSE' file Lib/ldap.py (for module ldap) not found file Lib/ldap/schema.py (for module ldap.schema) not found file Lib/ldap.py (for module ldap) not found file Lib/ldap/schema.py (for module ldap.schema) not found Modules/constants.c: In function ?LDAPinit_constants?: Modules/constants.c:184: error: ?LDAP_OPT_X_TLS_CRLFILE? undeclared (first use in this function) Modules/constants.c:184: error: (Each undeclared identifier is reported only once Modules/constants.c:184: error: for each function it appears in.) error: Setup script exited with error: command 'gcc' failed with exit status 1 -- Adam Tauno Williams LPIC-1, Novell CLA OpenGroupware, Cyrus IMAPd, Postfix, OpenLDAP, Samba From michael at stroeder.com Tue Sep 21 19:02:09 2010 From: michael at stroeder.com (=?UTF-8?B?TWljaGFlbCBTdHLDtmRlcg==?=) Date: Tue, 21 Sep 2010 19:02:09 +0200 Subject: Installing python-ldap 2.3.12 fails In-Reply-To: <1285080230.3857.12.camel@linux-yu4c.site> References: <1285080230.3857.12.camel@linux-yu4c.site> Message-ID: <4C98E511.4060209@stroeder.com> Adam Tauno Williams wrote: > When I install the most recent python-ldap on my CentOS5 box (which has > Python2.6 from IUS) it fails. Previously I was able to install > python-ldap on a similarly provisioned host. Hmm, known problem...(see below) Ciao, Michael. -------- Original Message -------- Subject: Re: python-ldap-2.3.12: Compile error on CentOS 5.5, i386 Date: Wed, 11 Aug 2010 20:42:56 +0200 From: Michael Str?der To: Zhang Huangbin CC: Python Developer List Zhang Huangbin wrote: > > On Aug 9, 2010, at 11:43 PM, Michael Str?der wrote: > >> Find a new release of python-ldap: >> >> http://pypi.python.org/pypi/python-ldap/2.3.12 > > Compile error on CentOS 5.5, i386: > [..] > Modules/constants.c: In function ?LDAPinit_constants?: > Modules/constants.c:184: error: ?LDAP_OPT_X_TLS_CRLFILE? undeclared (first > use in this function) > Modules/constants.c:184: error: (Each undeclared identifier is reported > only once > Modules/constants.c:184: error: for each function it appears in.) > error: Setup script exited with error: command 'gcc' failed with exit > status 1 Looks like an older OpenLDAP release. Please try the patch below. Ciao, Michael. Index: Modules/constants.c =================================================================== RCS file: /cvsroot/python-ldap/python-ldap/Modules/constants.c,v retrieving revision 1.47 diff -u -r1.47 constants.c --- Modules/constants.c 7 May 2010 13:22:40 -0000 1.47 +++ Modules/constants.c 11 Aug 2010 05:14:47 -0000 @@ -181,7 +181,9 @@ #ifdef LDAP_OPT_X_TLS_CRLCHECK /* only available if OpenSSL supports it => might cause backward compability problems */ add_int(d,OPT_X_TLS_CRLCHECK); +#ifdef LDAP_OPT_X_TLS_CRLFILE add_int(d,OPT_X_TLS_CRLFILE); +#endif add_int(d,OPT_X_TLS_CRL_NONE); add_int(d,OPT_X_TLS_CRL_PEER); add_int(d,OPT_X_TLS_CRL_ALL); From tkb608 at gmail.com Thu Sep 30 19:19:39 2010 From: tkb608 at gmail.com (Tom Baxter) Date: Thu, 30 Sep 2010 13:19:39 -0400 Subject: AIX 6.1 install trouble. Message-ID: Hello, I am having trouble install python-ldap on an AIX 6.1 host. I have compiled the openldap libraries and am trying to install without any extras like SSL/crypt. Below is my setup.cfg, attached is the out put from "python setup.py build". Any guidance would be greatly appreciated. Thanks, Tom Baxter --------------- [_ldap] extra_objects = extra_compile_args = libs = ldap_r lber library_dirs = /usr/local/lib include_dirs = /usr/local/include [egg_info] tag_build = tag_date = 0 tag_svn_revision = 0 [install] compile = 1 optimize = 1 [bdist_rpm] doc_files = CHANGES README INSTALL TODO Demo/ provides = python-ldap release = 0 packager = Michael Stroeder requires = python libldap.so.2 -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: setup.out Type: application/octet-stream Size: 9914 bytes Desc: not available URL: From michael at stroeder.com Thu Sep 30 19:25:39 2010 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 30 Sep 2010 19:25:39 +0200 Subject: AIX 6.1 install trouble. In-Reply-To: References: Message-ID: <4CA4C813.2050908@stroeder.com> Tom Baxter wrote: > Hello, I am having trouble install python-ldap on an AIX 6.1 host. I > have compiled the openldap libraries and am trying to install without > any extras like SSL/crypt. Below is my setup.cfg, attached is the out > put from "python setup.py build". > Any guidance would be greatly appreciated. I'm not familiar with AIX. But it seems linking OpenSSL fails. Make sure the OpenSSL include files and (shared) libs are also in here: > library_dirs = /usr/local/lib > include_dirs = /usr/local/include Note that you can list several directories separated by a space char. Ciao, Michael. From pakraticus at gmail.com Thu Sep 30 20:23:25 2010 From: pakraticus at gmail.com (Chris Dukes) Date: Thu, 30 Sep 2010 14:23:25 -0400 Subject: AIX 6.1 install trouble. In-Reply-To: References: Message-ID: Manually rerun that last 'gcc' with a -Wl,-bnoquiet added to see the source of the objects depending on SSL symbols. I suspect that your ldap library is linked against OpenSSL. I recommend installing either IBM's LPP of OpenSSL, or the RPM from www.perzl.org Here is the spec file I used to build python-ldap 2.3.10 back in March on AIX 5.3. http://zeniv.linux.org.uk/~pakrat/python-ldap-2.3.10-1.fc13aix53.spec This was added to the contents of the source RPM for python-ldap taken from Fedora 13. This was done with Visual Age 'C' and 'C++' 10.1.0.0 I provided build requirements, including python, from http://www.perzl.org/aix/ Unfortunately, I did not build the OpenLDAP RPM I used and cannot provide you the binary RPM. You can try using the openldap spec file from ftp://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SPECS/ in combination with the source and patches from current Fedora as a starting point for building OpenLDAP. On Thu, Sep 30, 2010 at 1:19 PM, Tom Baxter wrote: > Hello, I am having trouble install python-ldap on an AIX 6.1 host. I have > compiled the openldap libraries and am trying to install without any extras > like SSL/crypt. Below is my setup.cfg, attached is the out put from "python > setup.py build". > Any guidance would be greatly appreciated. > > Thanks, Tom Baxter > > --------------- > [_ldap] > extra_objects = > extra_compile_args = > libs = ldap_r lber > library_dirs = /usr/local/lib > include_dirs = /usr/local/include > > [egg_info] > tag_build = > tag_date = 0 > tag_svn_revision = 0 > > [install] > compile = 1 > optimize = 1 > > [bdist_rpm] > doc_files = CHANGES README INSTALL TODO Demo/ > provides = python-ldap > release = 0 > packager = Michael Stroeder > requires = python libldap.so.2 > > > > ------------------------------------------------------------------------------ > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > _______________________________________________ > Python-LDAP-dev mailing list > Python-LDAP-dev at lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/python-ldap-dev > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From michael at stroeder.com Thu Sep 30 22:03:20 2010 From: michael at stroeder.com (=?ISO-8859-1?Q?Michael_Str=F6der?=) Date: Thu, 30 Sep 2010 22:03:20 +0200 Subject: AIX 6.1 install trouble. In-Reply-To: References:

Message-ID: <4CA4ED08.7060906@stroeder.com> Tom Baxter wrote: > Thank you both for the quick reply. I changed my setup.cfg to > include openssl see below. I also verified that the IBM openssl > package was installed. Attached is the output from the single gcc > call. As said I don't have any experience building on AIX. But from my understanding you should link to the very same OpenSSL lib with which OpenLDAP client libs were linked to. > libs = ldap_r lber ssl Maybe 'crypto' is missing here. See setup.cfg shipped in the source distribution and here: http://www.python-ldap.org/doc/html/installing.html#libs-used Ciao, Michael. From tkb608 at gmail.com Thu Sep 30 21:38:18 2010 From: tkb608 at gmail.com (Tom Baxter) Date: Thu, 30 Sep 2010 15:38:18 -0400 Subject: AIX 6.1 install trouble. In-Reply-To: References: Message-ID: Thank you both for the quick reply. I changed my setup.cfg to include openssl see below. I also verified that the IBM openssl package was installed. Attached is the output from the single gcc call. lslpp -L | grep ssl openssl.base 0.9.8.1100 C F Open Secure Socket Layer openssl.man.en_US 0.9.8.1100 C F Open Secure Socket Layer -------------------------------- [_ldap] extra_objects = extra_compile_args = libs = ldap_r lber ssl library_dirs = /usr/local/lib /usr/lib include_dirs = /usr/local/include /usr/include/openssl [egg_info] tag_build = tag_date = 0 tag_svn_revision = 0 [install] compile = 1 optimize = 1 [bdist_rpm] doc_files = CHANGES README INSTALL TODO Demo/ provides = python-ldap release = 0 packager = Michael Stroeder requires = python libldap.so.2 --------------------------- On Thu, Sep 30, 2010 at 2:23 PM, Chris Dukes wrote: > Manually rerun that last 'gcc' with a -Wl,-bnoquiet added to see the source > of the objects depending on SSL symbols. > I suspect that your ldap library is linked against OpenSSL.? I recommend > installing either IBM's LPP of OpenSSL, or the RPM from www.perzl.org > > Here is the spec file I used to build python-ldap 2.3.10 back in March on > AIX 5.3. > http://zeniv.linux.org.uk/~pakrat/python-ldap-2.3.10-1.fc13aix53.spec > This was added to the contents of the source RPM for python-ldap taken from > Fedora 13. > This was done with Visual Age 'C' and 'C++' 10.1.0.0 > I provided build requirements, including python, from > http://www.perzl.org/aix/ > Unfortunately, I did not build the OpenLDAP RPM I used and cannot provide > you the binary RPM. > You can try using the openldap spec file from > ftp://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SPECS/ > in combination with the source and patches from current Fedora as a starting > point for building OpenLDAP. > > > On Thu, Sep 30, 2010 at 1:19 PM, Tom Baxter wrote: >> >> ? Hello, I am having trouble install python-ldap on an AIX 6.1 host. I >> have compiled the openldap libraries and am trying to install without any >> extras like SSL/crypt. Below is my setup.cfg, attached is the out put from >> "python setup.py build". >> ? Any guidance would be greatly appreciated. >> >> ? Thanks, Tom Baxter >> >> --------------- >> [_ldap] >> extra_objects = >> extra_compile_args = >> libs = ldap_r lber >> library_dirs = /usr/local/lib >> include_dirs = /usr/local/include >> >> [egg_info] >> tag_build = >> tag_date = 0 >> tag_svn_revision = 0 >> >> [install] >> compile = 1 >> optimize = 1 >> >> [bdist_rpm] >> doc_files = CHANGES README INSTALL TODO Demo/ >> provides = python-ldap >> release = 0 >> packager = Michael Stroeder >> requires = python libldap.so.2 >> >> >> >> ------------------------------------------------------------------------------ >> Start uncovering the many advantages of virtual appliances >> and start using them to simplify application deployment and >> accelerate your shift to cloud computing. >> http://p.sf.net/sfu/novell-sfdev2dev >> _______________________________________________ >> Python-LDAP-dev mailing list >> Python-LDAP-dev at lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/python-ldap-dev >> > > -------------- next part -------------- A non-text attachment was scrubbed... Name: gcc.out Type: application/octet-stream Size: 16683 bytes Desc: not available URL: From adunmow at gmail.com Tue Jul 20 11:29:27 2010 From: adunmow at gmail.com (Alex Dunmow) Date: Tue, 20 Jul 2010 17:29:27 +0800 Subject: Active Directory - Security Descriptor Message-ID: Sorry if this is a noobish question (I am a noob when it comes to Python-Ldap) but is it possible to retrieve the security descriptor for objects? Such as a group? I've googled around all day and read over the docs a hundred times and am none the wiser. Is it possible? Thanks for the help, Alex -------------- next part -------------- An HTML attachment was scrubbed... URL: From pakraticus at gmail.com Thu Sep 30 22:56:21 2010 From: pakraticus at gmail.com (Chris Dukes) Date: Thu, 30 Sep 2010 16:56:21 -0400 Subject: AIX 6.1 install trouble. In-Reply-To: References:

Message-ID: Tom, I'm now going to assume that you don't actually know anything about linkers or shared libraries, nor about reading error messages to gain more detail debugging. The -Wl,-bnoquiet came from actually reading your error output and seeing ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information. collect2: ld returned 8 exit status Since you rolled your own libldap_r, I have zero idea which libraries it was linked against. Look through that gcc output and look for your ldap library. You'll see a line like (ld): lib /usr/local/lib/libldap_r.a Now see what is in that .a file ar t that_dot_a_file Now extract the shared object from that .a file ar x that_dot_a_file that_object_file Now see what libraries that shared object was linked against. ldd that_object_file And you're going to see something vaguely like /usr/lib/libs.a(shr.o) /usr/lib/libpthread.a(shr_xpg5.o) /opt/freeware/lib/liblber.a(liblber-2.4.so.2) /opt/freeware/lib/libssl.a(libssl.so.0.9.8) /opt/freeware/lib/libcrypto.a(libcrypto.so.0.9.8) /unix /usr/lib/libcrypt.a(shr.o) /usr/lib/libc.a(shr.o) /usr/lib/libpthreads.a(shr_comm.o) /usr/lib/libc.a(shr_64.o) /usr/lib/libpthreads.a(shr_xpg5_64.o) /usr/lib/libcrypt.a(shr_64.o) Of interest, libcrypto.a. You don't have 'crypto' in your libs stanza in setup.cfg (It's in the default one), so it would fail with the libldap_r.a that I have on my system. If you built cyrus-sasl and put it into /usr/local/lib, it'll later complain due to a lack of sasl2 in the libs as well. On Thu, Sep 30, 2010 at 3:38 PM, Tom Baxter wrote: > Thank you both for the quick reply. I changed my setup.cfg to > include openssl see below. I also verified that the IBM openssl > package was installed. Attached is the output from the single gcc > call. > > lslpp -L | grep ssl > openssl.base 0.9.8.1100 C F Open Secure Socket Layer > openssl.man.en_US 0.9.8.1100 C F Open Secure Socket Layer > > -------------------------------- > > [_ldap] > extra_objects = > extra_compile_args = > libs = ldap_r lber ssl > library_dirs = /usr/local/lib /usr/lib > include_dirs = /usr/local/include /usr/include/openssl > > [egg_info] > tag_build = > tag_date = 0 > tag_svn_revision = 0 > > [install] > compile = 1 > optimize = 1 > > [bdist_rpm] > doc_files = CHANGES README INSTALL TODO Demo/ > provides = python-ldap > release = 0 > packager = Michael Stroeder > requires = python libldap.so.2 > > --------------------------- > > On Thu, Sep 30, 2010 at 2:23 PM, Chris Dukes wrote: > > Manually rerun that last 'gcc' with a -Wl,-bnoquiet added to see the > source > > of the objects depending on SSL symbols. > > I suspect that your ldap library is linked against OpenSSL. I recommend > > installing either IBM's LPP of OpenSSL, or the RPM from www.perzl.org > > > > Here is the spec file I used to build python-ldap 2.3.10 back in March on > > AIX 5.3. > > http://zeniv.linux.org.uk/~pakrat/python-ldap-2.3.10-1.fc13aix53.spec > > This was added to the contents of the source RPM for python-ldap taken > from > > Fedora 13. > > This was done with Visual Age 'C' and 'C++' 10.1.0.0 > > I provided build requirements, including python, from > > http://www.perzl.org/aix/ > > Unfortunately, I did not build the OpenLDAP RPM I used and cannot provide > > you the binary RPM. > > You can try using the openldap spec file from > > ftp://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/SPECS/ > > in combination with the source and patches from current Fedora as a > starting > > point for building OpenLDAP. > > > > > > On Thu, Sep 30, 2010 at 1:19 PM, Tom Baxter wrote: > >> > >> Hello, I am having trouble install python-ldap on an AIX 6.1 host. I > >> have compiled the openldap libraries and am trying to install without > any > >> extras like SSL/crypt. Below is my setup.cfg, attached is the out put > from > >> "python setup.py build". > >> Any guidance would be greatly appreciated. > >> > >> Thanks, Tom Baxter > >> > >> --------------- > >> [_ldap] > >> extra_objects = > >> extra_compile_args = > >> libs = ldap_r lber > >> library_dirs = /usr/local/lib > >> include_dirs = /usr/local/include > >> > >> [egg_info] > >> tag_build = > >> tag_date = 0 > >> tag_svn_revision = 0 > >> > >> [install] > >> compile = 1 > >> optimize = 1 > >> > >> [bdist_rpm] > >> doc_files = CHANGES README INSTALL TODO Demo/ > >> provides = python-ldap > >> release = 0 > >> packager = Michael Stroeder > >> requires = python libldap.so.2 > >> > >> > >> > >> > ------------------------------------------------------------------------------ > >> Start uncovering the many advantages of virtual appliances > >> and start using them to simplify application deployment and > >> accelerate your shift to cloud computing. > >> http://p.sf.net/sfu/novell-sfdev2dev > >> _______________________________________________ > >> Python-LDAP-dev mailing list > >> Python-LDAP-dev at lists.sourceforge.net > >> https://lists.sourceforge.net/lists/listinfo/python-ldap-dev > >> > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: