Comments on: Authenticating Against Active Directory With Python http://michaelonsecurity.com/2008/02/04/authenticating-against-active-directory-with-python/ Thoughts on IT Management and Security. Trying to Make it All Come Together. Sat, 19 Jul 2008 21:25:29 +0000 http://wordpress.org/?v=MU By: Michael Gorsuch http://michaelonsecurity.com/2008/02/04/authenticating-against-active-directory-with-python/#comment-24 Michael Gorsuch Sat, 08 Mar 2008 12:29:43 +0000 http://michaelonsecurity.com/?p=14#comment-24 Jacob - from rote, the Python LDAP module will do LDAP over SSL if you change your connection string to 'ldaps://mydomain.local'. Remember, though - a lot of LDAP servers have SSL off by default, including Active Directory. You may want to include a helpful test for customers that at least looks for basic connectivity to port 636 or 3269 before accepting the parameter as valid. I think a lot of people assume that SSL support is on out of the box. Jacob - from rote, the Python LDAP module will do LDAP over SSL if you change your connection string to ‘ldaps://mydomain.local’.

Remember, though - a lot of LDAP servers have SSL off by default, including Active Directory. You may want to include a helpful test for customers that at least looks for basic connectivity to port 636 or 3269 before accepting the parameter as valid. I think a lot of people assume that SSL support is on out of the box.

]]> By: Jacob Krall http://michaelonsecurity.com/2008/02/04/authenticating-against-active-directory-with-python/#comment-22 Jacob Krall Sat, 08 Mar 2008 03:59:35 +0000 http://michaelonsecurity.com/?p=14#comment-22 Hey MG, this code looks a lot like what I did in Wasabi this week. Does it encrypt the LDAP connection? I want to figure out how to do that for our FogBugz customers. Hey MG, this code looks a lot like what I did in Wasabi this week. Does it encrypt the LDAP connection? I want to figure out how to do that for our FogBugz customers.

]]>