Full_Name: Jason Colonno Version: 2.4.23-0ubuntu3.4 OS: Ubuntu 10.10 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (76.1.229.99)
When binding with a AD server using SSL, ldap functions work properly however when the unbind function is called it hangs indefinitely. The point of the function is to reset a user's passwords.
AD Server is Windows Server 2008 R2. Ldp.exe testing of connecting with the server does not have this problem since it does not use python-ldap.
Sample Code: bind_str = "ldaps://" + domain_controller + ":636/" l = ldap.initialize(bind_str) l.set_option( ldap.OPT_X_TLS_DEMAND, True ) l.set_option( ldap.OPT_DEBUG_LEVEL, 255 ) bind_str = "cn=" + binding_username + ",cn=Users,dc=" + domain_dc + ",dc=" + domain_ext l.simple_bind_s(bind_str, binding_password) new_gen_passwd = generate_temp_pw() unicode1 = unicode(""" + new_gen_passwd + """, "iso-8859-1") unicode2 = unicode1.encode("utf-16-le") new_password = unicode2 mod_attrs = [(ldap.MOD_REPLACE, 'unicodePwd', new_password)] l.modify_s(username, mod_attrs) l.unbind_s()
Also a simple SSL bind and unbind without any modifications to the AD yields the same hanging problem.
So far I don't see OpenLDAP specific issues here (assuming python-ldap is linked to OpenLDAP's client library). You can try the same operation using ldapmodify(1) and see if you can reproduce the problem using client tools. If you can't, the problem is likely unrelated to OpenLDAP. Otherwise, you should check whether it's python-ldap or AD specific. Unless you can narrow down the problem to libldap or OpenLDAP specific code, the issue does not belong to us.
p.