New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Kerberos auth with round-robin #953
Comments
hi @elijahgagne ! what version of ldap3 are you using? |
[egagne:ldap_test] 4s % pip list | grep ldap3
ldap3 2.9 |
it looks like you need to do
because I forgot to add |
Thanks. That got rid of the import error. Now I'm getting:
I've tried a few other things, but get similar errors about concat an |
hi @elijahgagne ! could you post a full stacktrace potentially? |
|
sorry, missed your previous comment. it looks like your the block is
your error is occurring in the |
oh i see. this is actually a bug 😬 let me fix this |
created #967 to fix |
fix is merged into dev and will be released with 2.9.1 |
@elijahgagne we should be releasing 2.9.1 soon, but in the meanwhile you can use with the new reverse dns settings let you mix and match, and make reverse dns optional. like you might have 2 servers in your pool in your script if your use case has everything as IPs or everything possessing reverse dns mappings, then you can use |
Thanks! I haven't figured it out yet, but I'll keep trying. Here are some details where I've changed IPs and hostnames to protect the innocent.
I'm testing mostly on my Mac, but I also tried it from a domain joined Linux box and got the same error. I can hardcode a domain controller hostname in the Python code and get Kerberos authentication to work. My hope is that I can avoid that and specify This hardcoded example works for me with only some minor tweaks from
|
ah this is the right use case for reverse dns but there might be some other issues with this approach. AD actually uses special DNS entries for a domain to indicate which controllers are LDAP-capable, and also to indicate their proper kerberos hostnames. |
Thanks for the help. When I do
|
My organization uses AD with round-robin DNS. I am trying to following the example at:
https://ldap3.readthedocs.io/en/latest/bind.html?highlight=ReverseDnsSetting#kerberos
But I'm getting the error:
I've tried adding
ReverseDnsSetting
to my import, this doesn't work:The text was updated successfully, but these errors were encountered: