源码:
#!/usr/bin/python # -*- coding: utf-8 -*- # filename: ldap_test.py import ldap,ldap.sasl import socket ''' 实现LDAP用户登录验证SAAL ''' ldap.sasl._trace_level=0 ldap.set_option(ldap.OPT_REFERRALS,0) ipaddr = "demo" ldapPath = "ldap://" + socket.gethostbyname(ipaddr) + ":389" method = "DIGEST-MD5" username = 'test1'.encode('utf-8') password = '0' sasl_dict = {ldap.sasl.CB_AUTHNAME:username, ldap.sasl.CB_PASS:password} try: l = ldap.initialize(ldapPath,trace_level=0) l.protocol_version = 3 sasl_auth = ldap.sasl.sasl(sasl_dict, method) print 20*'*',sasl_auth.mech,20*'*' print sasl_auth l.sasl_interactive_bind_s('', sasl_auth) #print 'OPT_X_SASL_USERNAME',repr(l.get_option(ldap.OPT_X_SASL_USERNAME)) except ldap.INVALID_CREDENTIALS, e: print e finally: l.unbind()
在linux下运行,提示:
{'info': "80090303: LdapErr: DSID-0C0904B3, comment: The digest-uri does not match any LDAP SPN's registered for this server., data 0, v1772", 'desc': 'Invalid credentials'}
simple-bind没有这个问题