Hi. We at the Open Planning Project are trying to use
google-apps-for-your-domain-ldap-sync to synchronize our ldap server to our
google apps account. After the provided shell script failed, we noticed
that there was no way to specify TLS in the resulting GUI. So we
downloaded
http://google-apps-for-your-domain-ldap-sync.googlecode.com/files/gafyd-ldap-syn
c-r100.tar.gz
as we read in the documentation that this was a supported option. Firstly,
I was surprised to find that the tarball extracted to the current working
directory and not a subdirectory! But not a big issue.
In our config, we set `tls_option = 'demand'`. However, the running
`connect` gives
{{{
CONFIDENTIALITY_REQUIRED: {'info': 'TLS confidentiality required', 'desc':
'Confidentiality required'}
01-07 14:55 root ERROR Connection failed
}}}
We were able to bypass this error by using the following patch:
{{{
$ diff -u ldap_ctxt.py.orig ldap_ctxt.py
--- ldap_ctxt.py.orig 2010-01-07 15:09:41.948808760 -0500
+++ ldap_ctxt.py 2010-01-07 15:09:49.252902412 -0500
@@ -143,6 +143,7 @@
self._config.TestConfig(self, ['ldap_url'])
self.conn = ldap.initialize(self.ldap_url)
self.protocol_version = 3
+ self.conn.start_tls_s()
self.conn.bind_s(self.ldap_admin_name, self.ldap_password,
ldap.AUTH_SIMPLE)
return None
}}}
Not sure why this works and the code above this in the python module does
not? In my experience with python-ldap, I've always started TLS this way
and not with ldap.OPT_X_*
What steps will reproduce the problem?
1. Try using TLS on a machine. It didn't work for us.
2. Not sure what else there is to try
3.
What is the expected output? What do you see instead?
Would expect a successful connect. Instead I get the error:
{{{
CONFIDENTIALITY_REQUIRED: {'info': 'TLS confidentiality required', 'desc':
'Confidentiality required'}
01-07 14:55 root ERROR Connection failed
}}}
What version of the product are you using? On what operating system?
http://google-apps-for-your-domain-ldap-sync.googlecode.com/files/gafyd-ldap-syn
c-r100.tar.gz
{{{
$ uname -a
Linux worktop 2.6.31.9-174.fc12.x86_64 #1 SMP Mon Dec 21 05:33:33 UTC 2009
x86_64 x86_64 x86_64 GNU/Linux
$ cat /etc/fedora-release
Fedora release 12 (Constantine)
}}}
Please provide any additional information below.
Original issue reported on code.google.com by accou...@topplabs.org on 7 Jan 2010 at 8:15
Original issue reported on code.google.com by
accou...@topplabs.org
on 7 Jan 2010 at 8:15