search

cannatag / ldap3

a strictly RFC 4510 conforming LDAP V3 pure Python client. The same codebase works with Python 2. Python 3, PyPy and PyPy3
Other
880 stars 272 forks source link

Automatic Bind on connections fail with LDAPBindError after upgrade to 2.8 #864

Open wsidl opened 4 years ago

wsidl commented 4 years ago

I could previously create a connection to my AD server and auto_bind with ease. Since upgrading to 2.8 and had the Windows Credential renew, I can no longer login with auto_bind.

Details:

code:

srv = ldap3.Server('ldap_server', get_info=ldap3.ALL, use_ssl=True)
conn = ldap3.Connection(srv, 'cn=User,ou=Services,ou=group,dc=domain,dc=local', '....', auto_bind=True)

generates:

Traceback (most recent call last):
  File "<input>", line 1, in <module>
  File "\site-packages\ldap3\core\connection.py", line 356, in __init__
    self._do_auto_bind()
  File "\site-packages\ldap3\core\connection.py", line 405, in _do_auto_bind
    raise LDAPBindError(error)
LDAPBindError: automatic bind not successful - invalidCredentials

If I downgrade the library to 2.7 (ldap3==2.7), and run this code again, it works as expected. On top of this, once I am able to get the credentials generated locally, if I upgrade again to ldap3==2.8, this code segment will work.

JKocerka commented 4 years ago

I have a very similar error:

  File "/usr/local/lib/python3.8/site-packages/ldap3/abstract/cursor.py", line 625, in search
    self._execute_query(query_scope, attributes)
  File "/usr/local/lib/python3.8/site-packages/ldap3/abstract/cursor.py", line 341, in _execute_query
    with self.connection:
  File "/usr/local/lib/python3.8/site-packages/ldap3/core/connection.py", line 534, in __enter__
    raise LDAPBindError('unable to bind')
ldap3.core.exceptions.LDAPBindError: unable to bind

I'm using mockup connection (server from json definition) and MOCK_SYNC strategy. The whole code is running on the docker container (python:slim).

Works ok with library set to 2.7, after upgrading it throws an error.

cannatag commented 4 years ago

Hi, I see you’re using the MOCK_SYNC strategy, could you send me a snippet of code (including the json definition) that raises the error?

Thanks, Giovanni

Il giorno 8 set 2020, alle ore 16:40, Jerzy Kocerka notifications@github.com ha scritto:

 I have a very similar error:

File "/usr/local/lib/python3.8/site-packages/ldap3/abstract/cursor.py", line 625, in search self._execute_query(query_scope, attributes) File "/usr/local/lib/python3.8/site-packages/ldap3/abstract/cursor.py", line 341, in _execute_query with self.connection: File "/usr/local/lib/python3.8/site-packages/ldap3/core/connection.py", line 534, in enter raise LDAPBindError('unable to bind') ldap3.core.exceptions.LDAPBindError: unable to bind I'm using mockup connection (server from json definition) and MOCK_SYNC strategy. The whole code is running on the docker container (python:slim).

Works ok with library set to 2.7, after upgrading it throws an error.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

JKocerka commented 4 years ago

Unfortunately I can't share it as it's a dump from a real AD server and I'm not allowed to share it anywhere.

I can try next week to get the same behaviour on a config without any sensitive data if you can not reproduce it anyhow else.