From kaisernikola at yandex.ru Sun Jul 21 21:42:26 2013 From: kaisernikola at yandex.ru (=?koi8-r?B?7snLz8zByiDzwcrLzw==?=) Date: Sun, 21 Jul 2013 23:42:26 +0400 Subject: [python3-ldap] issue extracting jpegPhoto from LDAP Message-ID: <212411374435746@web13g.yandex.ru> Greetings! ldap3 module is very useful & convinient, great thanks for it! But I found problem when trying to extract "jpegPhoto" attr from LDAP record. In my case it is raw bytes of jpeg image - but in ldap3 ALL data is "str" (which is unicode-type in python3), not bytes. So, thanks to encoding from "utf-8" and back, jpegPhoto becomes stripped from beginning & some bytes inside are corrupted too :( In most cases str instaed of bytes is quite convinient, but solution for my case may be needed... I made a small hack to fix it without breaking other module`s logic: add attribute in searchResultEntryResponseToDict with raw bytes copy of data: def searchResultEntryResponseToDict(response): return { 'dn': str(response['object']), 'attrs': decodeAttributeList(response['attributes']), + 'byte_attrs': decodeAttributeList(response['attributes'], raw=True) } - def decodeAttributeList_b(attributeList): + def decodeAttributeList_b(attributeList, raw=False): attributes = [] + conv = bytes if raw else str for attribute in attributeList: - attributes.append((str(attribute['type']), decodeVals(attribute['vals']))) + attributes.append((str(attribute['type']), [conv(attribute['vals']) for val in vals if val] or None)) return attributes Best Regards, Nikolay Saiko From kaisernikola at yandex.ru Mon Jul 22 08:54:43 2013 From: kaisernikola at yandex.ru (=?koi8-r?B?7snLz8zByiDzwcrLzw==?=) Date: Mon, 22 Jul 2013 10:54:43 +0400 Subject: [python3-ldap] issue extracting jpegPhoto from LDAP In-Reply-To: <212411374435746@web13g.yandex.ru> References: <212411374435746@web13g.yandex.ru> Message-ID: <676511374476083@web15f.yandex.ru> Sorry, there were errors in my previous code. It shall be like this: line 286: - def decodeAttributeList(attributeList): + def decodeAttributeList(attributeList, raw=False): + conv = bytes if raw else str line 289 - attributes.append((str(attribute['type']), decodeVals(attribute['vals']))) + attributes.append((str(attribute['type']), [conv(val) for val in attribute['vals'] if val] or None)) line 383-384 - 'attrs': decodeAttributeList(response['attributes']) + 'attrs': decodeAttributeList(response['attributes']), + 'byte_attrs': decodeAttributeList(response['attributes'], raw=True) 21.07.2013, 23:42, "??????? ?????" : > Greetings! > > ldap3 module is very useful & convinient, great thanks for it! > > But I found problem when trying to extract "jpegPhoto" attr from LDAP record. In my case it is raw bytes of jpeg image - but in ldap3 ALL data is "str" (which is unicode-type in python3), not bytes. > So, thanks to encoding from "utf-8" and back, jpegPhoto becomes stripped from beginning & some bytes inside are corrupted too :( > > In most cases str instaed of bytes is quite convinient, but solution for my case may be needed... > I made a small hack to fix it without breaking other module`s logic: add attribute in searchResultEntryResponseToDict with raw bytes copy of data: > > def searchResultEntryResponseToDict(response): > ????return { > ??????????????'dn': str(response['object']), > ??????????????'attrs': decodeAttributeList(response['attributes']), > + ???????????'byte_attrs': decodeAttributeList(response['attributes'], raw=True) > ??????????????} > > - def decodeAttributeList_b(attributeList): > + def decodeAttributeList_b(attributeList, raw=False): > ????attributes = [] > + ?conv = bytes if raw else str > ????for attribute in attributeList: > - ???????attributes.append((str(attribute['type']), decodeVals(attribute['vals']))) > + ??????attributes.append((str(attribute['type']), [conv(attribute['vals']) for val in vals if val] or None)) > ????return attributes > > Best Regards, > Nikolay Saiko From python3ldap at gmail.com Mon Jul 22 12:22:41 2013 From: python3ldap at gmail.com (python3ldap) Date: Mon, 22 Jul 2013 12:22:41 +0200 Subject: [python3-ldap] issue extracting jpegPhoto from LDAP Message-ID: Hello Nikolay, thanks for your suggestion, I'm aware of the raw bytes vs str problem. I'd like to address it in two ways: 1. I'd like to have an "autoDiscover" in the server object) to find attributes syntax mapping (accessing the schema on the server) 2. define an additional parameter in the attribute list to specify the requested decoding of the attribute. The latter is almost the same of your proposal.I think I will implement it soon, now I'm working on referrarls. I should have a working alpha release for tomorrow. Thanks for your support and appreciation. bye, gc ********* Date: Mon, 22 Jul 2013 10:54:43 +0400 From: ??????? ????? To: "python3-ldap at python.org" Subject: Re: [python3-ldap] issue extracting jpegPhoto from LDAP Message-ID: <676511374476083 at web15f.yandex.ru> Content-Type: text/plain; charset=koi8-r Sorry, there were errors in my previous code. It shall be like this: line 286: - def decodeAttributeList(attributeList): + def decodeAttributeList(attributeList, raw=False): + conv = bytes if raw else str line 289 - attributes.append((str(attribute['type']), decodeVals(attribute['vals']))) + attributes.append((str(attribute['type']), [conv(val) for val in attribute['vals'] if val] or None)) line 383-384 - 'attrs': decodeAttributeList(response['attributes']) + 'attrs': decodeAttributeList(response['attributes']), + 'byte_attrs': decodeAttributeList(response['attributes'], raw=True) 21.07.2013, 23:42, "??????? ?????" : > Greetings! > > ldap3 module is very useful & convinient, great thanks for it! > > But I found problem when trying to extract "jpegPhoto" attr from LDAP record. In my case it is raw bytes of jpeg image - but in ldap3 ALL data is "str" (which is unicode-type in python3), not bytes. > So, thanks to encoding from "utf-8" and back, jpegPhoto becomes stripped from beginning & some bytes inside are corrupted too :( > > In most cases str instaed of bytes is quite convinient, but solution for my case may be needed... > I made a small hack to fix it without breaking other module`s logic: add attribute in searchResultEntryResponseToDict with raw bytes copy of data: > > def searchResultEntryResponseToDict(response): > ????return { > ??????????????'dn': str(response['object']), > ??????????????'attrs': decodeAttributeList(response['attributes']), > + ???????????'byte_attrs': decodeAttributeList(response['attributes'], raw=True) > ??????????????} > > - def decodeAttributeList_b(attributeList): > + def decodeAttributeList_b(attributeList, raw=False): > ????attributes = [] > + ?conv = bytes if raw else str > ????for attribute in attributeList: > - ???????attributes.append((str(attribute['type']), decodeVals(attribute['vals']))) > + ??????attributes.append((str(attribute['type']), [conv(attribute['vals']) for val in vals if val] or None)) > ????return attributes > > Best Regards, > Nikolay Saiko -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Mon Jul 29 23:10:14 2013 From: python3ldap at gmail.com (python3ldap) Date: Mon, 29 Jul 2013 23:10:14 +0200 Subject: [python3-ldap] python3-ldap v 0.4.2-alpha released Message-ID: Hello everybody, I've release version 0.4.2-alpha of python3-ldap with autoReferral option. As specified in RFC 4511 and in RFC 4516 now the ldap3 client will follow referrals, All you have to do is define a list of valid referrals in the Server object in the allowedReferralHosts (or an '*' if you want to allow for any referral). List objects are tuples composed of a server address and a boolean. If the boolean is True the client will bind to referrals using the same authentication credential of original server, if False it will try only anonymous bind. For example to allow only server 192.168.: server = Server('server1.mydomain.com', 389, allowedReferralHosts = [(' server2.mydomain.com', True), ('server3.untrusteddomain.com', False)) You can also set a "autoReferral" boolean in the Connection object to activate or deactivate referrals management for the whole connection. Have fun, gc -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Wed Jul 31 20:13:23 2013 From: python3ldap at gmail.com (python3ldap) Date: Wed, 31 Jul 2013 20:13:23 +0200 Subject: [python3-ldap] python3-ldap v 0.4.3-alpha released Message-ID: Hello everybody, I've released version 0.4.3-alpha of python3-ldap with following enhancements: - Test suite refactored - Fixed single object search response error - Changed attributes returned in search from tuple to dict - Added 'rawAttributes' key in search response to hold undecoded (binary) attribute values read from ldap (thanks - Added __repr__ for Server and Connection objects to re-create the object instance I'm still working on same basic element of the protocol, next alpha releases should include autoSearchReference, controls and extended operation.Then I will start to work on the authentication procedure. After that I hope to have a stable object interface, so I will start working on the DIT. Let me know if you have any problem. Have fun, gc -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Wed Jul 31 17:54:13 2013 From: python3ldap at gmail.com (python3ldap) Date: Wed, 31 Jul 2013 17:54:13 +0200 Subject: [python3-ldap] python3-ldap-0.4-3-alpha released Message-ID: Hello everybody, I've release the 0.4.3 version of python3-ldap with the following enhancements: - Test suite refactored - Fixed single object search response error - Changed attributes returned in search from tuple to dict - Added 'rawAttributes' key in search response to hold undecoded (binary) attribute values read from ldap - Added __repr__ for Server and Connection objects to re-create the object instance Let me know if you have any problems Have fun, gc -------------- next part -------------- An HTML attachment was scrubbed... URL: From kaisernikola at yandex.ru Thu Aug 1 15:24:48 2013 From: kaisernikola at yandex.ru (=?koi8-r?B?7snLz8zByiDzwcrLzw==?=) Date: Thu, 01 Aug 2013 17:24:48 +0400 Subject: [python3-ldap] python3-ldap-0.4-3-alpha released Message-ID: <118461375363488@web1d.yandex.ru> Great news! Everything works well. Thank you for quick fixes on my request :) Best Regards, Nikolay Saiko From python3ldap at gmail.com Thu Aug 8 09:10:01 2013 From: python3ldap at gmail.com (python3ldap) Date: Thu, 8 Aug 2013 09:10:01 +0200 Subject: [python3-ldap] python3-ldap v 0.4.4-alpha released Message-ID: Hello everybody, I've released version 0.4.3-alpha of python3-ldap with following enhancements: 0.4.4 - 2013.08.01 - Added 'Controls' to all LDAP Requests - Added Extended Request feature - Added Intermediate Response feature - Added logical namespace 'ldap3' I'm working now on the StartTLS operation and the SASL authentication procedure. After that I hope to have a stable object interface. Let me know if you have any problem. Have fun, gc -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Thu Aug 15 17:52:26 2013 From: python3ldap at gmail.com (python3ldap) Date: Thu, 15 Aug 2013 17:52:26 +0200 Subject: [python3-ldap] Python3-ldap 0.5.0-alpha released! Message-ID: Hi, I've released version 0.5.0-alpha. of python3-ldap.This release is mainly on TLS and SASL features. You can get it at https://pypi.python.org/pypi/python3-ldap Have fun, gc -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Wed Sep 4 17:09:03 2013 From: python3ldap at gmail.com (python3ldap) Date: Wed, 4 Sep 2013 17:09:03 +0200 Subject: [python3-ldap] Python3-ldap 0.5.3-alpha released! Message-ID: Hello everybody, I've a bunch of new features for the python3-ldap library: - Added Info from DSE (in server.info) - Added connection usage (in connection.usage if collectUsage=True in connection definition) - Added getOperationalAttributes boolean to Search operation to fetch the operational attributes during searches - Added increment operation to modify operation as per rfc 4525 - Added dictionary of OID description (for DSE and schema decoding) - Added Info from DSE (in server.info) - Added connection usage (in connection.usage if collectUsage=True in connection definition) - Modified exceptions for sending controls in LDAP request - Fixed StartTls in asynchronous client strategy I've created a dictionary of OID to decode supported features/controls/extensions gathering information from rfc and major vendors documentation. I'm still missing specific OID for Microsoft Active Directory but hope to add them soon. With this dictionary you can populate the server.info property with a lot of (decoded if possible) information about the ldap server. To have the info gathered you have to create the Server object with the parameter getInfo=GET_DSA_INFO. I also added a connection usage summary in the form of a property in the Connection class. If you create the connection with the parameter collectUsage=True you can have something like this in the connection.usage property: >>> c.usage Connection Usage: Start Time: Wed Sep 4 17:02:58 2013 Elapsed time: 0:00:41.386205 Bytes: 11075 Transmitted: 186 Received: 10889 Messages:31 Trasmitted: 5 Received: 26 Operations: 5 Abandon: 0 Bind: 1 Compare: 0 Delete: 0 Extended: 0 Modify: 0 ModifyDn: 0 Search: 3 Unbind: 1 Let me know if you need more information recorded. I've refined the interface protocol a little, removing the StopTLS method because rfc4511 and rfc 4513 define the removal of TLS as a MAY feature of the ldap server, so I can't have a generic function for it. I'm working on the schema browser now. I hope to have it for the next week, then we could finally move to beta! Once I have the first beta release I'll set up a public repository with ticketing and bug tracking. Have fun, gc -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Tue Sep 17 14:55:21 2013 From: python3ldap at gmail.com (python3ldap) Date: Tue, 17 Sep 2013 14:55:21 +0200 Subject: [python3-ldap] python3-ldap 0.6.0-beta released and new project site! Message-ID: Hello everybody, I've upgraded python3-ldap to version 0.6.0 and moved it to beta stage. New features are: - Added getInfo attribute to server object, parameter can be: GET_NO_INFO, GET_DSA_INFO, GET_SCHEMA_INFO, GET_ALL_INFO - Added method to read the schema from the server. Schema is decoded and returned in different dictionaries of the server.schema object - Updated connection usage info (elapsed time is now computed when connection is closed) - Updated OID dictionary with extensions and controls from Active Directory specifications. Interface is quite stable now so I've moved from alpha to beta; I've set up a site for distributing source via svn and submitting support tickets. Both services are hosted by assembla.com, the addresses are: SVN repository: https://subversion.assembla.com/svn/python3-ldap Support tickets: https://www.assembla.com/spaces/python3-ldap/support/tickets Let me know if you have any problem with them. Have fun, gc -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.list at isrcomputing.com Fri Sep 20 22:34:03 2013 From: paul.list at isrcomputing.com (Paul G.) Date: Fri, 20 Sep 2013 16:34:03 -0400 (EDT) Subject: [python3-ldap] Development Question Message-ID: <520797692.151298.1379709243984.open-xchange@email.1and1.com> Hi, I downloaded 'python3-ldap-0.6.0-beta' and tested it. It failed to work for me. from ldap3 import connection, server from ldap3 import AUTH_SIMPLE, STRATEGY_SYNC, STRATEGY_ASYNC_THREADED, SEARCH_DEREFERENCE_ALWAYS, SEARCH_SCOPE_WHOLE_SUBTREE, GET_ALL_INFO import pprint s = server.Server(LDAP_HOST, port = 389, getInfo = GET_ALL_INFO) c = connection.Connection(s, autoBind = True, clientStrategy = STRATEGY_SYNC, user=LDAP_USER, password=LDAP_PASS, authentication=AUTH_SIMPLE) print(s.info) result = c.search('o=hcc','(objectClass=*)', SEARCH_SCOPE_WHOLE_SUBTREE, SEARCH_DEREFERENCE_ALWAYS, attributes = ['cn','ou','uid']); pprint.PrettyPrinter(indent=4).pprint(c); pprint.PrettyPrinter(indent=4).pprint(result); c.unbind(); It returns with: Connection(server=Server(host='XXXXX', port=389, ssl=False, getInfo=3), user='XXXXX', password='YYYYYY', autoBind=True, version=3, authentication=1, clientStrategy=0, autoReferrals=True) False Is there a way to turn on extra debugging to see where the script is failing? Regards, Paul G. -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Sat Sep 21 04:21:27 2013 From: python3ldap at gmail.com (python3ldap) Date: Sat, 21 Sep 2013 04:21:27 +0200 Subject: [python3-ldap] Development Question In-Reply-To: <520797692.151298.1379709243984.open-xchange@email.1and1.com> References: <520797692.151298.1379709243984.open-xchange@email.1and1.com> Message-ID: Hello Paul, thanks for testing the python3-ldap client library! There is no specific extra debug information in the library for now, you can check the ldap result message for each ldap operation inspecting the c.result attribute. I've sligthly modified your script and it''s working for me: from ldap3 import Connection, Server from ldap3 import AUTH_SIMPLE, STRATEGY_SYNC, SEARCH_DEREFERENCE_ALWAYS, SEARCH_SCOPE_WHOLE_SUBTREE, GET_NO_INFO import pprint LDAP_HOST = 'yourServer' LDAP_USER = 'yourUser' LDAP_PASS = 'yourPassword' s = Server(LDAP_HOST, port = 389, getInfo = GET_NO_INFO) c = Connection(s, autoBind = False, clientStrategy = STRATEGY_SYNC, user=LDAP_USER, password=LDAP_PASS, authentication=AUTH_SIMPLE) c.open() print('Connection info:') print(c) c.bind() print('Bind result:') pprint.PrettyPrinter(indent=4).pprint(c.result) #print(s.info) result = c.search('o=hcc','(objectClass=*)', SEARCH_SCOPE_WHOLE_SUBTREE, SEARCH_DEREFERENCE_ALWAYS, attributes = ['cn','ou','uid']) print('Search result:') pprint.PrettyPrinter(indent=4).pprint(c.result) print('Search response:') pprint.PrettyPrinter(indent=4).pprint(c.response) c.unbind() Please, substitute the LDAP_HOST, LDAP_USER and LDAP_PASSWORD with your current values and send me back the output. You should get details for the conection info, for the bind result, the search result and the search response. I've remove the GET_ALL_INFO for now, because it adds a few search operations at the bind phase and overrides the result from the bind operation. You can add it back later wjem it's working. Can you tell me more on the client and the server platform you're using? Thanks, Giovanni Have fun, gc 2013/9/20 Paul G. > ** > Hi, > > I downloaded 'python3-ldap-0.6.0-beta' and tested it. It failed to work > for me. > > > from ldap3 import connection, server > from ldap3 import AUTH_SIMPLE, STRATEGY_SYNC, STRATEGY_ASYNC_THREADED, SEARCH_DEREFERENCE_ALWAYS, SEARCH_SCOPE_WHOLE_SUBTREE, GET_ALL_INFO > import pprint > s = server.Server(LDAP_HOST, port = 389, getInfo = GET_ALL_INFO) > c = connection.Connection(s, autoBind = True, clientStrategy = STRATEGY_SYNC, user=LDAP_USER, password=LDAP_PASS, authentication=AUTH_SIMPLE) > print(s.info) > result = c.search('o=hcc','(objectClass=*)', SEARCH_SCOPE_WHOLE_SUBTREE, SEARCH_DEREFERENCE_ALWAYS, attributes = ['cn','ou','uid']); > pprint.PrettyPrinter(indent=4).pprint(c); > pprint.PrettyPrinter(indent=4).pprint(result); > c.unbind(); > > It returns with: > > Connection(server=Server(host='XXXXX', port=389, ssl=False, getInfo=3), user='XXXXX', password='YYYYYY', autoBind=True, version=3, authentication=1, clientStrategy=0, autoReferrals=True) > False > > > Is there a way to turn on extra debugging to see where the script is > failing? > > Regards, > Paul G. > > _______________________________________________ > python3-ldap mailing list > python3-ldap at python.org > https://mail.python.org/mailman/listinfo/python3-ldap > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.list at isrcomputing.com Sat Sep 21 16:55:56 2013 From: paul.list at isrcomputing.com (Paul G.) Date: Sat, 21 Sep 2013 10:55:56 -0400 (EDT) Subject: [python3-ldap] Development Question In-Reply-To: References: <520797692.151298.1379709243984.open-xchange@email.1and1.com> Message-ID: <980721200.163047.1379775356794.open-xchange@email.1and1.com> Hi Giovanni, Thank you for your prompt response! It is Novell E-Directory LDAP server. I will check it on Monday and will get back to you with my results. Regards, Paul > On September 20, 2013 at 10:21 PM python3ldap wrote: > > Hello Paul, > thanks for testing the python3-ldap client library! > There is no specific extra debug information in the library for now, you can > check the ldap result message for each ldap operation inspecting the c.result > attribute. > I've sligthly modified your script and it''s working for me: > > from ldap3 import Connection, Server > from ldap3 import AUTH_SIMPLE, STRATEGY_SYNC, SEARCH_DEREFERENCE_ALWAYS, > SEARCH_SCOPE_WHOLE_SUBTREE, GET_NO_INFO > import pprint > LDAP_HOST = 'yourServer' > LDAP_USER = 'yourUser' > LDAP_PASS = 'yourPassword' > s = Server(LDAP_HOST, port = 389, getInfo = GET_NO_INFO) > c = Connection(s, autoBind = False, clientStrategy = STRATEGY_SYNC, > user=LDAP_USER, password=LDAP_PASS, authentication=AUTH_SIMPLE) > c.open() > print('Connection info:') > print(c) > c.bind() > print('Bind result:') > pprint.PrettyPrinter(indent=4).pprint(c.result) > #print( ) > result = c.search('o=hcc','(objectClass=*)', SEARCH_SCOPE_WHOLE_SUBTREE, > SEARCH_DEREFERENCE_ALWAYS, attributes = ['cn','ou','uid']) > print('Search result:') > pprint.PrettyPrinter(indent=4).pprint(c.result) > print('Search response:') > pprint.PrettyPrinter(indent=4).pprint(c.response) > c.unbind() > > Please, substitute the LDAP_HOST, LDAP_USER and LDAP_PASSWORD with your > current values and send me back the output. You should get details for the > conection info, for the bind result, the search result and the search > response. > I've remove the GET_ALL_INFO for now, because it adds a few search operations > at the bind phase and overrides the result from the bind operation. You can > add it back later wjem it's working. > > Can you tell me more on the client and the server platform you're using? > > Thanks, > Giovanni > > Have fun, > gc > > > 2013/9/20 Paul G. > > > > Hi, > > > > I downloaded 'python3-ldap-0.6.0-beta' and tested it. It failed to work > > for me. > > > > > > from ldap3 import connection, server > > from ldap3 import AUTH_SIMPLE, STRATEGY_SYNC, STRATEGY_ASYNC_THREADED, > > SEARCH_DEREFERENCE_ALWAYS, SEARCH_SCOPE_WHOLE_SUBTREE, GET_ALL_INFO > > import pprint > > s = server.Server(LDAP_HOST, port = 389, getInfo = GET_ALL_INFO) > > > > c = connection.Connection(s, autoBind = True, clientStrategy = > > STRATEGY_SYNC, user=LDAP_USER, password=LDAP_PASS, > > authentication=AUTH_SIMPLE) > > print() > > result = c.search('o=hcc','(objectClass=*)', SEARCH_SCOPE_WHOLE_SUBTREE, > > SEARCH_DEREFERENCE_ALWAYS, attributes = ['cn','ou','uid']); > > > > pprint.PrettyPrinter(indent=4).pprint(c); > > pprint.PrettyPrinter(indent=4).pprint(result); > > c.unbind(); > > > > It returns with: > > > > Connection(server=Server(host='XXXXX', port=389, ssl=False, getInfo=3), > > user='XXXXX', password='YYYYYY', autoBind=True, version=3, authentication=1, > > clientStrategy=0, autoReferrals=True) > > > > False > > > > > > Is there a way to turn on extra debugging to see where the script is > > failing? > > > > Regards, > > Paul G. > > > > _______________________________________________ > > python3-ldap mailing list > > python3-ldap at python.org > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From paul.list at isrcomputing.com Mon Sep 23 15:33:57 2013 From: paul.list at isrcomputing.com (Paul G.) Date: Mon, 23 Sep 2013 09:33:57 -0400 (EDT) Subject: [python3-ldap] R: Development Question In-Reply-To: <523ddc96.45590e0a.0679.121a@mx.google.com> References: <523ddc96.45590e0a.0679.121a@mx.google.com> Message-ID: <1259635542.204889.1379943237981.open-xchange@email.1and1.com> Hi Giovanni, It worked. Thank you! { 'description': 'success', 'dn': '', 'message': '', 'referrals': None, 'result': 0, 'type': 'searchResDone'} [ { 'attributes': {}, So the issue is with GET_ALL_INFO :) Regards, Paul > On September 21, 2013 at 1:51 PM Python3-ldap wrote: > > Hi Paul, I'm quite confident it will work on Novell eDirectory, actually I'm > using it for developing and testing the library itself. > > Have a nice weekend, > Giovanni > > gc > > --------------------------------------------- > Da: Paul G. > Inviato: ?21/?09/?2013 16.56 > A: python3ldap ; python3-ldap at python.org > > Oggetto: Re: [python3-ldap] Development Question > > Hi Giovanni, > > Thank you for your prompt response! > > It is Novell E-Directory LDAP server. I will check it on Monday and will get > back to you with my results. > > Regards, > Paul > > > > On September 20, 2013 at 10:21 PM python3ldap > > > wrote: > > > > Hello Paul, > > thanks for testing the python3-ldap client library! > > There is no specific extra debug information in the library for now, you > > can check the ldap result message for each ldap operation inspecting the > > c.result attribute. > > I've sligthly modified your script and it''s working for me: > > > > from ldap3 import Connection, Server > > from ldap3 import AUTH_SIMPLE, STRATEGY_SYNC, SEARCH_DEREFERENCE_ALWAYS, > > SEARCH_SCOPE_WHOLE_SUBTREE, GET_NO_INFO > > import pprint > > LDAP_HOST = 'yourServer' > > LDAP_USER = 'yourUser' > > LDAP_PASS = 'yourPassword' > > s = Server(LDAP_HOST, port = 389, getInfo = GET_NO_INFO) > > c = Connection(s, autoBind = False, clientStrategy = STRATEGY_SYNC, > > user=LDAP_USER, password=LDAP_PASS, authentication=AUTH_SIMPLE) > > c.open() > > print('Connection info:') > > print(c) > > c.bind() > > print('Bind result:') > > pprint.PrettyPrinter(indent=4).pprint(c.result) > > #print( ) > > result = c.search('o=hcc','(objectClass=*)', SEARCH_SCOPE_WHOLE_SUBTREE, > > SEARCH_DEREFERENCE_ALWAYS, attributes = ['cn','ou','uid']) > > print('Search result:') > > pprint.PrettyPrinter(indent=4).pprint(c.result) > > print('Search response:') > > pprint.PrettyPrinter(indent=4).pprint(c.response) > > c.unbind() > > > > Please, substitute the LDAP_HOST, LDAP_USER and LDAP_PASSWORD with your > > current values and send me back the output. You should get details for the > > conection info, for the bind result, the search result and the search > > response. > > I've remove the GET_ALL_INFO for now, because it adds a few search > > operations at the bind phase and overrides the result from the bind > > operation. You can add it back later wjem it's working. > > > > Can you tell me more on the client and the server platform you're using? > > > > Thanks, > > Giovanni > > > > Have fun, > > gc > > > > > > 2013/9/20 Paul G. > > > > > > > Hi, > > > > > > I downloaded 'python3-ldap-0.6.0-beta' and tested it. It failed to > > > work for me. > > > > > > > > > from ldap3 import connection, server > > > from ldap3 import AUTH_SIMPLE, STRATEGY_SYNC, STRATEGY_ASYNC_THREADED, > > > SEARCH_DEREFERENCE_ALWAYS, SEARCH_SCOPE_WHOLE_SUBTREE, GET_ALL_INFO > > > import pprint > > > s = server.Server(LDAP_HOST, port = 389, getInfo = GET_ALL_INFO) > > > > > > c = connection.Connection(s, autoBind = True, clientStrategy = > > > STRATEGY_SYNC, user=LDAP_USER, password=LDAP_PASS, > > > authentication=AUTH_SIMPLE) > > > print() > > > result = c.search('o=hcc','(objectClass=*)', > > > SEARCH_SCOPE_WHOLE_SUBTREE, SEARCH_DEREFERENCE_ALWAYS, attributes = > > > ['cn','ou','uid']); > > > > > > pprint.PrettyPrinter(indent=4).pprint(c); > > > pprint.PrettyPrinter(indent=4).pprint(result); > > > c.unbind(); > > > > > > It returns with: > > > > > > Connection(server=Server(host='XXXXX', port=389, ssl=False, > > > getInfo=3), user='XXXXX', password='YYYYYY', autoBind=True, version=3, > > > authentication=1, clientStrategy=0, autoReferrals=True) > > > > > > False > > > > > > > > > Is there a way to turn on extra debugging to see where the script is > > > failing? > > > > > > Regards, > > > Paul G. > > > > > > _______________________________________________ > > > python3-ldap mailing list > > > python3-ldap at python.org > > > > > > > > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Sun Sep 29 17:09:50 2013 From: python3ldap at gmail.com (python3ldap) Date: Sun, 29 Sep 2013 17:09:50 +0200 Subject: [python3-ldap] Python3-ldap 0.6.1-beta released. Experimental support for Python 2! Message-ID: Hello everybody, I've release version 0.6.1-beta of python3-ldap client library. I've been working on compatability with python2. The library now can be installed on python2 (via pypi, as usual) and it should work without any problem (at least it worked for me on python2.7). There is no detection of python version inside the library, I've modified the code so that it can run in python3 or python2 without any hassle. There is no branch of code to be executed in different version of the interpreter, so the codebase should be easily mantained. When running on Python2 there is still no unicode support, but all the remaing features should be ok. Let me know if this is working for you too. Have fun, gc From cory.lutton at gmail.com Mon Sep 30 23:55:35 2013 From: cory.lutton at gmail.com (Cory Lutton) Date: Mon, 30 Sep 2013 14:55:35 -0700 Subject: [python3-ldap] Search exception Message-ID: Hello, I have loaded up version 0.6.1 to test and am getting the output below on a search. I am testing against active directory from a windows pc with python 3.2.5. Here is my test script and the output: ################################################################################ from ldap3 import Server, Connection, STRATEGY_SYNC, AUTH_SIMPLE from ldap3 import SEARCH_SCOPE_WHOLE_SUBTREE, SEARCH_DEREFERENCE_ALWAYS import pprint LDAP_HOST = 'myhostname' LDAP_USER = 'myuser' LDAP_PASS = 'mypassword' s = Server(LDAP_HOST, port = 389) c = Connection(s, autoBind = False, clientStrategy = STRATEGY_SYNC, user=LDAP_USER, password=LDAP_PASS, authentication=AUTH_SIMPLE) c.open() print('Connection info:') print(c) c.bind() print('Bind result:') pprint.PrettyPrinter(indent=4).pprint(c.result) #print(s.info) result = c.search('dc=MYDOMAIN,dc=COM', '(&(objectCategory=person)(sAMAccountName=myuser))', SEARCH_SCOPE_WHOLE_SUBTREE, SEARCH_DEREFERENCE_ALWAYS, attributes=['description', 'displayName']) print('Search result:') pprint.PrettyPrinter(indent=4).pprint(c.result) print('Search response:') pprint.PrettyPrinter(indent=4).pprint(c.response) c.unbind() ################################################################################ Connection info: ldap://myhostname:389 - cleartext - user: myuser - version 3 - unbound - open - listening - SyncWaitStrategy Bind result: { 'description': 'success', 'dn': '', 'message': '', 'referrals': None, 'result': 0, 'saslCreds': 'None', 'type': 'bindResponse'} Traceback (most recent call last): File "\programs\python\python3_ldap_test.py", line 24, in attributes=['description', 'displayName']) File "C:\programs\python\ldap3\connection.py", line 190, in search response = self.postSendSearch(self.send('searchRequest', request, controls)) File "C:\programs\python\ldap3\strategy\syncWait.py", line 113, in postSendSearch responses = self.getResponse(messageId) File "C:\programs\python\ldap3\strategy\baseStrategy.py", line 164, in getResponse responses = self._getResponse(messageId) File "C:\programs\python\ldap3\strategy\syncWait.py", line 137, in _getResponse dictResponse = BaseStrategy.decodeResponse(ldapResp) File "C:\programs\python\ldap3\strategy\baseStrategy.py", line 217, in decodeResponse result = searchResultReferenceResponseToDict(component) File "C:\programs\python\ldap3\operation\search.py", line 440, in searchResultReferenceResponseToDict 'uri': searchRefsToList(response['uri']) File "C:\Python32\lib\site-packages\pyasn1-0.1.7-py3.2.egg\pyasn1\type\base.py", line 240, in __getitem__ def __getitem__(self, idx): return self.getComponentByPosition(idx) File "C:\Python32\lib\site-packages\pyasn1-0.1.7-py3.2.egg\pyasn1\type\univ.py", line 658, in getComponentByPosition def getComponentByPosition(self, idx): return self._componentValues[idx] TypeError: list indices must be integers, not str shell returned 1 Hit any key to close this window... ################################################################################ According to wireshark the search is sent and the server replies with the answer and also with several SeachResRef entries. Any ideas? Anything I can test to help? Thanks Cory L -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Tue Oct 1 15:21:44 2013 From: python3ldap at gmail.com (python3ldap) Date: Tue, 1 Oct 2013 15:21:44 +0200 Subject: [python3-ldap] Search exception In-Reply-To: References: Message-ID: Hello Cory, thanks for testing python3-ldap. I've release a minor update (0.6.2) that should fix the problem. Let me know if now it works. Thanks, Giovanni Have fun, gc 2013/9/30 Cory Lutton : > Hello, > > I have loaded up version 0.6.1 to test and am getting the output below on a > search. > I am testing against active directory from a windows pc with python 3.2.5. > > Here is my test script and the output: > ################################################################################ > from ldap3 import Server, Connection, STRATEGY_SYNC, AUTH_SIMPLE > from ldap3 import SEARCH_SCOPE_WHOLE_SUBTREE, SEARCH_DEREFERENCE_ALWAYS > import pprint > > LDAP_HOST = 'myhostname' > LDAP_USER = 'myuser' > LDAP_PASS = 'mypassword' > > s = Server(LDAP_HOST, port = 389) > c = Connection(s, autoBind = False, clientStrategy = STRATEGY_SYNC, > user=LDAP_USER, password=LDAP_PASS, authentication=AUTH_SIMPLE) > c.open() > print('Connection info:') > print(c) > > c.bind() > print('Bind result:') > pprint.PrettyPrinter(indent=4).pprint(c.result) > #print(s.info) > result = c.search('dc=MYDOMAIN,dc=COM', > '(&(objectCategory=person)(sAMAccountName=myuser))', > SEARCH_SCOPE_WHOLE_SUBTREE, > SEARCH_DEREFERENCE_ALWAYS, > attributes=['description', 'displayName']) > > print('Search result:') > pprint.PrettyPrinter(indent=4).pprint(c.result) > > print('Search response:') > pprint.PrettyPrinter(indent=4).pprint(c.response) > c.unbind() > ################################################################################ > Connection info: > ldap://myhostname:389 - cleartext - user: myuser - version 3 - unbound - > open - listening - SyncWaitStrategy > Bind result: > { 'description': 'success', > 'dn': '', > 'message': '', > 'referrals': None, > 'result': 0, > 'saslCreds': 'None', > 'type': 'bindResponse'} > Traceback (most recent call last): > File "\programs\python\python3_ldap_test.py", line 24, in > attributes=['description', 'displayName']) > File "C:\programs\python\ldap3\connection.py", line 190, in search > response = self.postSendSearch(self.send('searchRequest', request, > controls)) > File "C:\programs\python\ldap3\strategy\syncWait.py", line 113, in > postSendSearch > responses = self.getResponse(messageId) > File "C:\programs\python\ldap3\strategy\baseStrategy.py", line 164, in > getResponse > responses = self._getResponse(messageId) > File "C:\programs\python\ldap3\strategy\syncWait.py", line 137, in > _getResponse > dictResponse = BaseStrategy.decodeResponse(ldapResp) > File "C:\programs\python\ldap3\strategy\baseStrategy.py", line 217, in > decodeResponse > result = searchResultReferenceResponseToDict(component) > File "C:\programs\python\ldap3\operation\search.py", line 440, in > searchResultReferenceResponseToDict > 'uri': searchRefsToList(response['uri']) > File > "C:\Python32\lib\site-packages\pyasn1-0.1.7-py3.2.egg\pyasn1\type\base.py", > line 240, in __getitem__ > def __getitem__(self, idx): return self.getComponentByPosition(idx) > File > "C:\Python32\lib\site-packages\pyasn1-0.1.7-py3.2.egg\pyasn1\type\univ.py", > line 658, in getComponentByPosition > def getComponentByPosition(self, idx): return self._componentValues[idx] > TypeError: list indices must be integers, not str > shell returned 1 > Hit any key to close this window... > ################################################################################ > > According to wireshark the search is sent and the server replies with the > answer and also with several SeachResRef entries. > > Any ideas? Anything I can test to help? > > Thanks > > Cory L > > _______________________________________________ > python3-ldap mailing list > python3-ldap at python.org > https://mail.python.org/mailman/listinfo/python3-ldap > From python3ldap at gmail.com Mon Oct 7 02:26:14 2013 From: python3ldap at gmail.com (python3ldap) Date: Mon, 7 Oct 2013 02:26:14 +0200 Subject: [python3-ldap] python3-ldap 0.6.3 released Message-ID: Hello, I've released python3-ldap 0.6.3 with support for extensible match filter. Have fun, gc From jcasale at activenetwerx.com Mon Oct 14 15:32:46 2013 From: jcasale at activenetwerx.com (Joseph L. Casale) Date: Mon, 14 Oct 2013 13:32:46 +0000 Subject: [python3-ldap] RFC 2696 Message-ID: How does one implement this rfc in a search? I would be grateful if I could see an example of how the control list has a tuple formatted? With a synchronous search method, does the means by which the results are then utilized change or will all the results be accumulated before and passed on? Does the async method change in any way? Thanks! jlc From python3ldap at gmail.com Mon Oct 14 23:19:17 2013 From: python3ldap at gmail.com (python3ldap) Date: Mon, 14 Oct 2013 23:19:17 +0200 Subject: [python3-ldap] RFC 2696 In-Reply-To: References: Message-ID: Hello Joseph, you should be able to send the request using either the sync or async strategy. The problem is how to build the "payload" of the control value: according to rfc you must create a searchControl Value of the following format: realSearchControlValue ::= SEQUENCE { size INTEGER (0..maxInt), -- requested page size from client -- result set size estimate from server cookie OCTET STRING You should be able to do that using the pyasn1 module included in the library but I must admit it''s not so easy to do it. I try to create a specific function of the connection object for handling the paged search in one of the next release of python3-ldap. Can you tell me which ldap server are you using and the parameter of the search so I can replicate it in my lab? Have fun, gc 2013/10/14 Joseph L. Casale : > How does one implement this rfc in a search? I would be grateful if I could see an example > of how the control list has a tuple formatted? > > With a synchronous search method, does the means by which the results are then utilized > change or will all the results be accumulated before and passed on? Does the async method > change in any way? > > Thanks! > jlc > _______________________________________________ > python3-ldap mailing list > python3-ldap at python.org > https://mail.python.org/mailman/listinfo/python3-ldap From jcasale at activenetwerx.com Mon Oct 14 23:41:58 2013 From: jcasale at activenetwerx.com (Joseph L. Casale) Date: Mon, 14 Oct 2013 21:41:58 +0000 Subject: [python3-ldap] RFC 2696 In-Reply-To: References: Message-ID: > Hello Joseph, > you should be able to send the request using either the sync or async > strategy. The problem is how to build the "payload" of the control > value: according to rfc you must create a searchControl Value of the > following format: > > realSearchControlValue ::= SEQUENCE { > size INTEGER (0..maxInt), > -- requested page size from client > -- result set size estimate from server > cookie OCTET STRING > > You should be able to do that using the pyasn1 module included in the > library but I must admit it''s not so easy to do it. I try to create a > specific function of the connection object for handling the paged > search in one of the next release of python3-ldap. Can you tell me > which ldap server are you using and the parameter of the search so I > can replicate it in my lab? Hi Giovanni, Thank you for the reply and the hint to use the pyasn1 module. I am attempting to query large collections from Active Directory schema versions 2008R2 and up. So the default page size is 1000 so this is what I was trying to incorporate. Again, thank you very much for the time. jlc From python3ldap at gmail.com Tue Nov 5 17:26:45 2013 From: python3ldap at gmail.com (python3ldap) Date: Tue, 5 Nov 2013 17:26:45 +0100 Subject: [python3-ldap] python3-ldap 0.6.5 released Message-ID: Hello everybody, I've released python3-ldap 0.6.5 with the following enhancements: - It's now possible to executed simple paged search (rfc 2696) directly in the search request. - Also I've found a subtle problem with a faulty LDAP server returning empty (null) attributes values in search results (even if this is forbidden by the LDAP protocol itself that has no NULL definition). Now if there is any empty (null) value in a search response this is reported in the rawAttributes dictionary but not in the attributes dictionary. Bye, gc From python3ldap at gmail.com Thu Dec 12 19:26:07 2013 From: python3ldap at gmail.com (python3ldap) Date: Thu, 12 Dec 2013 19:26:07 +0100 Subject: [python3-ldap] Python3-ldap 0.7.0 released Message-ID: Hello everybody, I've release the 0.7.0 version of python3-ldap. The main feature of this release is support for LDIF as per rfc 2849. LDIF is a data interchange format for LDAP. It is defined in RFC 2849 in two different flavours: ldif-content and ldif-change. ldif-content is used to describe DIT entries in an ASCII stream (i.e. a file), while ldif-change is used to describe Add, Delete, Modfify and ModifyDn operations. These two format have different purposes and cannot be mixed in the same stream. If the dn of the entry or an attribute contains any unicode character the value must be base64 encoded, as specified in RFC 2849. Python3-ldap is compliant to the latest LDIF format (version: 1). You can use the ldif-content flavour with any search result: ... result = c.search('o=test','(cn=test-ldif*)', SEARCH_SCOPE_WHOLE_SUBTREE, attributes = ['sn', 'objectClass']) # request a few object from the ldap server ldifStream = c.responseToLDIF() ... ldifStream will contain: version: 1 dn: cn=test-ldif-1,o=test objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: Person objectClass: ndsLoginProperties objectClass: Top sn: test-ldif-1 dn: cn=test-ldif-2,o=test objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: Person objectClass: ndsLoginProperties objectClass: Top sn:: dGVzdC1sZGlmLTItw6DDssO5 # total number of entries: 2 you can even request a ldif-content for a response you saved early: ... result1 = c.search('o=test','(cn=test-ldif*)', SEARCH_SCOPE_WHOLE_SUBTREE, attributes = ['sn', 'objectClass']) # request a few object from the ldap server result2 = c.search('o=test','(!(cn=test-ldif*))', SEARCH_SCOPE_WHOLE_SUBTREE, attributes = ['sn', 'objectClass']) ldifStream = c.responseToLDIF(result1) ... ldifStream will contain the LDIF representation of the result1 entries. Now I'm working on the ldif-change flavour of the rfc. Here I include the last changelog because I didn't announce some minor releases on this mailing list: CHANGELOG: 0.7.0 - 2013.12.12 Added support for LDIF as per rfc 2849 Added ldif-content compliant search responses Added exception when using autoBind if connection is not successful 0.6.7 - 2013.12.03 Fixed exception when DSA is not willing to return rootDSE and schema info 0.6.6 - 2013.11.13 Added parameters to tests suite 0.6.5 - 2013.11.05 Modified rawAttributes decoding, now null (empty) values are returned even if invalid in protocol Have fun, gc From philipp at copythat.de Thu Dec 12 22:15:34 2013 From: philipp at copythat.de (Philipp Erbelding) Date: Thu, 12 Dec 2013 22:15:34 +0100 Subject: [python3-ldap] Compatibility mode Message-ID: <04EADA92-0DF6-4CD8-B119-63D6599E2CDD@copythat.de> Hi, from looking at the source for python3-ldap-0.7.0 it seems to me, that the compatibility mode for applications using python-ldap is not included yet. At least I did not find method signatures for the ones our application seems to be using. Am I missing something or is this still on the agenda to be tackled? A drop in replacement would be really useful and I think this is a very nice feature to have, especially for people stuck with maintaining software, whose original developers are sort of unavailable today? Kind regards, Philipp From python3ldap at gmail.com Thu Dec 12 22:56:34 2013 From: python3ldap at gmail.com (Python3-ldap) Date: Thu, 12 Dec 2013 22:56:34 +0100 Subject: [python3-ldap] R: Compatibility mode Message-ID: <52aa3151.04c20e0a.7af2.ffffbde2@mx.google.com> Hi Phillip, compatibility mode is not ready yet, I'm still working on some core features if the library. Once I have a stable version of the codebase I'll work on the abstraction layer and then on the python-ldap compatibility mode. Hope to have some good news soon. Bye, gc ----- Messaggio originale ----- Da: "Philipp Erbelding" Inviato: ?12/?12/?2013 22.17 A: "python3-ldap at python.org" Oggetto: [python3-ldap] Compatibility mode Hi, from looking at the source for python3-ldap-0.7.0 it seems to me, that the compatibility mode for applications using python-ldap is not included yet. At least I did not find method signatures for the ones our application seems to be using. Am I missing something or is this still on the agenda to be tackled? A drop in replacement would be really useful and I think this is a very nice feature to have, especially for people stuck with maintaining software, whose original developers are sort of unavailable today? Kind regards, Philipp _______________________________________________ python3-ldap mailing list python3-ldap at python.org https://mail.python.org/mailman/listinfo/python3-ldap -------------- next part -------------- An HTML attachment was scrubbed... URL: From python3ldap at gmail.com Sat Dec 21 19:50:23 2013 From: python3ldap at gmail.com (python3ldap) Date: Sat, 21 Dec 2013 19:50:23 +0100 Subject: [python3-ldap] Python3-ldap 0.7.1 released! Message-ID: Hello everybody, I've relased the 0.7.1 version of python3-ldap. This release complete the LDIF export feature. I've developed a new strategy (STRATEGY_LDIF_PRODUCER) that you can use to create a ldif stream for add, modify, delete and modifydn operations. Operations are not really sent to the server but in the response you get the ldif representation of the request, as per rfc 2849. For example: from ldap3 import Connection, STRATEGY_LDIF_PRODUCER connection = Connection(server = None, clientStrategy = STRATEGY_LDIF_PRODUCER) # no need of real LDAP server connection.add('cn=test-add-operation,o=test'), 'iNetOrgPerson', {'objectClass': 'iNetOrgPerson', 'sn': 'test-add', 'cn': 'test-add-operation'}) in connection.response you will find: version: 1 dn: cn=test-add-operation,o=test changetype: add objectClass: inetorgperson sn: test-add cn: test-add-operation I've also fixed a bug in the autoReferrals where controls where removed from subsequent operations. Have fun, gc