Gentoo Forums
OpenLDAP bind through python-ldap fails
DeIM
Tux's lil' helper
Joined: 11 Apr 2006
Posts: 91

Posted: Tue May 01, 2012 5:57 pm    Post subject: OpenLDAP bind through python-ldap fails

Hi,
I have this config:
Code:
olcAccess: {0}to *  by anonymous auth
olcAccess: {1}to *  by dn.base="loginName=admin,dc=server,dc=com" manage
olcAccess: {2}to dn.subtree="ou=people,dc=server,dc=com" by dn.children="ou=g0,ou=section,dc=server,dc=com" manage
olcAccess: {3}to dn.subtree="ou=section,dc=server,dc=com" by dn.children="ou=g0,ou=section,dc=server,dc=com" manage

but I can't bind:
Code:
4fa0201f conn=1005 fd=16 ACCEPT from IP=127.0.0.1:34714 (IP=127.0.0.1:389)
4fa0201f conn=1005 op=0 BIND dn="uid=0,ou=g0,ou=section,dc=server,dc=com" method=128
4fa0201f conn=1005 op=0 RESULT tag=97 err=49 text=
4fa0201f conn=1005 op=1 UNBIND
4fa0201f conn=1005 fd=16 closed

I'm trying to bind by:
Code:
import ldap
# Simple bind (logged by slapd as method=128) using the alias entry's DN
l = ldap.initialize("ldap://localhost/")
l.protocol_version = ldap.VERSION3
l.simple_bind_s('uid=0,ou=g0,ou=section,dc=server,dc=com', 'pass')

For the password I also tried the {MD5} and {SSHA} equivalents.
uid=0,ou=g0,ou=section,dc=server,dc=com is an alias of uid=0,ou=people,dc=server,dc=com

python-ldap 2.3.13
openldap 2.4.30

Thank you for any help :wink:
RazielFMX
l33t
Joined: 23 Apr 2005
Posts: 673
Location: NY, USA

Posted: Tue May 01, 2012 8:25 pm

LDAP Error code 49 is invalid credentials. If you have anonymous bind, why are you passing creds? Also, is "0" a valid user id? Normally, uid fields in ldap are string user names, such as deim.
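
Added example, not part of the original thread: a small Python parser for the slapd log format quoted in the first post. It pairs each BIND request with its RESULT by connection and operation number and lists the binds that failed, such as the err=49 above. The function names are this example's own, and the conn=1006 lines in the sample are constructed.

```python
import re
from collections import Counter

# Constructed sample: conn=1005 is copied from the first post; conn=1006 is an
# invented successful bind added for contrast.
SAMPLE_LOG = """\
4fa0201f conn=1005 fd=16 ACCEPT from IP=127.0.0.1:34714 (IP=127.0.0.1:389)
4fa0201f conn=1005 op=0 BIND dn="uid=0,ou=g0,ou=section,dc=server,dc=com" method=128
4fa0201f conn=1005 op=0 RESULT tag=97 err=49 text=
4fa0201f conn=1005 op=1 UNBIND
4fa0201f conn=1005 fd=16 closed
4fa02025 conn=1006 fd=16 ACCEPT from IP=127.0.0.1:34720 (IP=127.0.0.1:389)
4fa02025 conn=1006 op=0 BIND dn="loginName=admin,dc=server,dc=com" method=128
4fa02025 conn=1006 op=0 BIND dn="loginName=admin,dc=server,dc=com" mech=SIMPLE ssf=0
4fa02025 conn=1006 op=0 RESULT tag=97 err=0 text=
4fa02025 conn=1006 op=1 UNBIND
"""

ACCEPT_RE = re.compile(r'conn=(\d+) fd=\d+ ACCEPT from IP=(\S+)')
BIND_RE = re.compile(r'conn=(\d+) op=(\d+) BIND dn="([^"]*)" method=\d+')
# tag=97 is the BindResponse; other RESULT tags belong to other operations.
RESULT_RE = re.compile(r'conn=(\d+) op=(\d+) RESULT tag=97 err=(\d+)')

# Subset of LDAP result codes (RFC 4511) that a bind can return.
ERR_NAMES = {8: "strongerAuthRequired", 13: "confidentialityRequired",
             48: "inappropriateAuthentication", 49: "invalidCredentials",
             53: "unwillingToPerform"}

def failed_binds(log_text):
    """Pair each BIND request with its RESULT by (conn, op); return the failures."""
    peers, pending, failures = {}, {}, []
    for line in log_text.splitlines():
        if m := ACCEPT_RE.search(line):
            peers[m[1]] = m[2]                  # client address per connection
        elif m := BIND_RE.search(line):
            pending[(m[1], m[2])] = m[3]        # DN waiting for its result
        elif m := RESULT_RE.search(line):
            dn, err = pending.pop((m[1], m[2]), None), int(m[3])
            if dn is not None and err != 0:
                failures.append({"conn": int(m[1]), "peer": peers.get(m[1]),
                                 "dn": dn, "err": err,
                                 "name": ERR_NAMES.get(err, "other")})
    return failures

def failures_per_dn(log_text):
    """Count failed binds per DN, e.g. to spot a stale client or password guessing."""
    return Counter(f["dn"] for f in failed_binds(log_text))

if __name__ == "__main__":
    for f in failed_binds(SAMPLE_LOG):
        print(f)
```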
DeIM
Tux's lil' helper
Joined: 11 Apr 2006
Posts: 91

Posted: Wed May 02, 2012 2:31 pm

I just wanna bind to user of uid "0" or with my loginName, no anonymous login.
I'd like to bind to one account in admin group of aliases in g0. Have g1...n for common privileges, but search there is performed only by the bound account mentioned before.
Maybe usage of loginName instead of uid will make the magic.
You say uid is usually login name string - it equals loginName and uid is a number in "my world".
It may be wrong but I understand LDAP this way :wink:
Thank you.
DeIM
Tux's lil' helper
Joined: 11 Apr 2006
Posts: 91

Posted: Thu May 10, 2012 7:13 am

Strange - it seems I can't bind to alias. Am I correct?
All times are GMT