Le 19/11/2015 19:43, Andrei Valoshyn a écrit :
Hello! I have slapd 2.4.39 and python 2.6
I tried to create an user via python when I tried do that with rootpermission - it's OK. But when I did this with config in slapd.conf"access to * bygroup.exact="cn=LDAP_admins,ou=Roles,ou=Groups,dc=exadel,dc=com" write"I have an error " ERR_employeeadd {'info': 'modifications requireauthentication', 'desc': 'Strong(er) authentication required'} "
I tried to use " l.protocol_version = ldap.VERSION{2,3} " via 389 port My function for adding ldif is : l = ldap.initialize(server) l.simple_bind(username, ldapsrvpassword) def employeeadd(): ldif = modlist.addModlist(attrs) l.add_s(dn,ldif)
Will be very appreciate for any help
Hello Andrei,
I suppose that the username you use is a member ofcn=LDAP_admins,ou=Roles,ou=Groups,dc=exadel,dc=com, but whichobjectClass did you use in your group? By default, the OpenLDAP ACLsystem will use groupOfNames, searching user in the member attribute. Ifyou have for example a groupOfUnixNames, you need to set your ACL likethis:access to * bygroup/groupOfUniqueNames/uniqueMember.exact="cn=LDAP_admins,ou=Roles,ou=Groups,dc=exadel,dc=com"write
Hello *Clément*, Thank you for reply! I have groupOfNames and posixGroup objectClass. But at that moment this problem was fixed. The matter of fact Python had some problem. It was reinstalled. Thank you!