So for some reason this error keeps happening whenever I attempt to connect over LDAPS to a Windows 2019 DC:
```
(master origin +1) λ (msldap-8EeS3tco) msldap -v ldaps://GRU\\Administrator:P@ssw0rd!@172.16.164.150
DEBUG:asyncio:Using selector: KqueueSelector
$
$ login
url None
==== MSLDAPCredential ====
auth_method: LDAPAuthProtocol.PLAIN
domain: GRU
username: Administrator
password: P@ssw0rd!
settings: {}
==== MSLDAPTarget ====
proto: ldaps
host: 172.16.164.150
tree: None
port: 636
proxy: None
Traceback (most recent call last):
  File "/Users/byt3bl33d3r/.virtualenvs/msldap-8EeS3tco/lib/python3.7/site-packages/msldap-0.2.1-py3.7.egg/msldap/examples/msldapclient.py", line 44, in do_login
    self.connection.connect()
  File "/Users/byt3bl33d3r/.virtualenvs/msldap-8EeS3tco/lib/python3.7/site-packages/msldap-0.2.1-py3.7.egg/msldap/connection.py", line 52, in connect
    self._con = Connection(self._srv, user=self.login_credential.get_msuser(), password=self.login_credential.password, authentication=self.login_credential.get_authmethod(), auto_bind=True)
  File "/Users/byt3bl33d3r/.virtualenvs/msldap-8EeS3tco/lib/python3.7/site-packages/ldap3-2.5.1-py3.7.egg/ldap3/core/connection.py", line 321, in __init__
    self.do_auto_bind()
  File "/Users/byt3bl33d3r/.virtualenvs/msldap-8EeS3tco/lib/python3.7/site-packages/ldap3-2.5.1-py3.7.egg/ldap3/core/connection.py", line 336, in do_auto_bind
    self.open(read_server_info=False)
  File "/Users/byt3bl33d3r/.virtualenvs/msldap-8EeS3tco/lib/python3.7/site-packages/ldap3-2.5.1-py3.7.egg/ldap3/strategy/sync.py", line 56, in open
    BaseStrategy.open(self, reset_usage, read_server_info)
  File "/Users/byt3bl33d3r/.virtualenvs/msldap-8EeS3tco/lib/python3.7/site-packages/ldap3-2.5.1-py3.7.egg/ldap3/strategy/base.py", line 147, in open
    raise LDAPSocketOpenError('unable to open socket', exception_history)
ldap3.core.exceptions.LDAPSocketOpenError: ('unable to open socket', [(LDAPSocketOpenError('socket ssl wrapping error: [Errno 22] Invalid argument'), ('172.16.164.150', 636))])
```
At first I thought it was because the underlying LDAP connection was trying to validate the TLS cert but it seems like the DC is just sending a TCP RST packet so it's not even getting to the TLS negotiation:
Not sure if you encountered this before so thought I'd open an issue. Googled it and it seems like a bug in the underlying ldap3 library.
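One way to test the diagnosis in the report above (the peer tears the connection down before any TLS handshake, as opposed to a certificate validation failure) without a packet capture. This is an added example, not part of the original issue and not msldap or ldap3 code; `probe_ldaps_stage` and `start_reset_listener` are hypothetical names, and the loopback listener is a constructed stand-in for a peer that answers with RST.

```python
import socket
import ssl
import struct
import threading


def probe_ldaps_stage(host, port=636, timeout=5.0):
    """Report how far a TLS connection to host:port gets: (stage, detail)."""
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "tcp_connect_failed", repr(exc)
    # No certificate checks: the question is whether a handshake happens at all.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        # Explicit handshake: wrap_socket() may skip it if the peer already reset.
        with ctx.wrap_socket(raw, do_handshake_on_connect=False) as tls:
            tls.do_handshake()
            return "tls_ok", tls.version()
    except ssl.SSLEOFError as exc:
        return "closed_before_tls", repr(exc)
    except ssl.SSLError as exc:
        return "tls_handshake_error", repr(exc)
    except socket.timeout as exc:
        return "tls_timeout", repr(exc)
    except OSError as exc:  # ECONNRESET, EPIPE, ENOTCONN, EINVAL, ...
        return "closed_before_tls", repr(exc)


def start_reset_listener():
    """Constructed stand-in peer: accept one TCP connection, answer with RST."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        # SO_LINGER with a zero timeout makes close() send RST, not FIN.
        conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    print(probe_ldaps_stage("127.0.0.1", start_reset_listener()))
```

A `closed_before_tls` result with certificate checks disabled rules out certificate validation as the cause, since the handshake never completes far enough for a certificate to be examined.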