[python-ldap] dirSync control, no Cookie
Christopher Paul
chris.paul at rexconsulting.net
Thu Sep 15 13:55:44 EDT 2022
Hello Python-LDAP,
I am trying to use python-ldap to LDAPSearch w/the MS DirSync control '1.2.840.113556.1.4.841'.
My ldap.controls.LDAPControl ends up looking like this:
>>> dirSync.ctrl1.controlType
'1.2.840.113556.1.4.841'
>>> dirSync.ctrl1.criticality
True
>>> dirSync.ctrl1.encodedControlValue
b'0\x08\x02\x01\x00\x02\x01\x00\x04\x00'
This sets flags: 0, maxBytes: 0, with a null Cookie.
I get a result using "result4":
adldapconn.result4(msgid=ldap.RES_ANY, all=1, add_ctrls=1, add_intermediates=1, add_extop=1, timeout=30)
It seems to work in as much as it was able to submit the control and control value to AD (though null cookie), and AD returns the answer with cookie value.
The problem is that the result4 contains "None, None" for the 3rd and 4th fields, so I cannot get the cookie.
>>> res=dirSync.dirSync()
result is (101, [('CN=Jed Tanner,CN=Users,DC=adlab,DC=rexconsulting,DC=net', {'objectGUID': [b't\xfafq\xa6\xa7\xdcI\x8e\xd7\xfe\xde\xdb\xab\xfaa'], 'description': [b'Most Awesome Test User'], 'instanceType': [b'4']}, [])], 2, [], None, None)
I tried LDAPObject.extop_result too and get (None, None).
So with no cookie, I cannot make my next control value, though I do see it in tcpdump/wireshark, so know that AD is sending it back.
Is this a problem with python-ldap or am I doing something wrong?
Many thanks,
Chris Paul
More information about the python-ldap
mailing list