You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
According to RFC 4512 Section 4.1.1, response controls can be attatched also to unsuccessful response messages.
But exceptions LDAPObject.result() or such raise don't have such information.
Are these any way to get response controls even if operations are not succeeded?
I'm encountering this problem when trying to interpret password policy response control from OpenLDAP 2.4 server.
Per draft-behera-ldap-password-policy Section 8.1.2.3.2, error controls such as passwordExpired are conveyed with return codes indicating operation errors.
Steps to reproduce:
enable password policy overlay on OpenLDAP 2.4 server
set a non-zero value to pwdMaxAge and userPassword to pwdAttribute of password policy ldap entry
create an user (entry) with userPassword attribute
wait for expiring
call LDAPObject.simple_bind_s() on the user (which raises ldap.INVALID_CREDENTIALS)
Issue description:
According to RFC 4512 Section 4.1.1, response controls can be attatched also to unsuccessful response messages.
But exceptions
LDAPObject.result()or such raise don't have such information.Are these any way to get response controls even if operations are not succeeded?
I'm encountering this problem when trying to interpret password policy response control from OpenLDAP 2.4 server.
Per draft-behera-ldap-password-policy Section 8.1.2.3.2, error controls such as
passwordExpiredare conveyed with return codes indicating operation errors.Steps to reproduce:
pwdMaxAgeanduserPasswordtopwdAttributeof password policy ldap entryuserPasswordattributeLDAPObject.simple_bind_s()on the user (which raisesldap.INVALID_CREDENTIALS)Operating system: Linux
Python version: 3.5.2
python-ldap version: 3.0.0