我如何验证对AD使用Python + LDAP。我目前使用Python-LDAP库和所有它正在生产的泪水。

How do I authenticate against AD using Python + LDAP. I'm currently using the python-ldap library and all it is producing is tears.

我甚至不能绑定到执行一个简单的查询：

I can't even bind to perform a simple query:

import sys
import ldap


Server = "ldap://my-ldap-server"
DN, Secret, un = sys.argv[1:4]

Base = "dc=mydomain,dc=co,dc=uk"
Scope = ldap.SCOPE_SUBTREE
Filter = "(&(objectClass=user)(sAMAccountName="+un+"))"
Attrs = ["displayName"]

l = ldap.initialize(Server)
l.protocol_version = 3
print l.simple_bind_s(DN, Secret)

r = l.search(Base, Scope, Filter, Attrs)
Type,user = l.result(r,60)
Name,Attrs = user[0]
if hasattr(Attrs, 'has_key') and Attrs.has_key('displayName'):
  displayName = Attrs['displayName'][0]
  print displayName

sys.exit()

与 myusername@mydomain.co.uk密码，用户名运行这给了我两个错误之一：

Running this with myusername@mydomain.co.uk password username gives me one of two errors:

无效的凭证 - 当我输错或故意使用错误的凭据它无法验证

Invalid Credentials - When I mistype or intentionally use wrong credentials it fails to authenticate.

ldap.INVALID_CREDENTIALS：{'信息'：'80090308：LdapErr：DSID-0C090334，注释：AcceptSecurityContext错误，数据52E，vece，说明：无效的凭证'}

ldap.INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece', 'desc': 'Invalid credentials'}

或

ldap.OPERATIONS_ERROR：{'信息'：'00000000：LdapErr：DSID-0C090627，注释：为了执行此操作成功绑定必须在连接上完成，数据0，vece，说明： 操作错误}

ldap.OPERATIONS_ERROR: {'info': '00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece', 'desc': 'Operations error'}

我是什么错过了正确绑定？

What am I missing out to bind properly?

我在Fedora和窗户得到同样的错误。

I am getting the same errors on fedora and windows.

推荐答案

我是缺少

l.set_option(ldap.OPT_REFERRALS, 0)

这是初始化。