[ldap] allow working connection to some ADs (closes #2408829) stable
authorAurelien Campeas <aurelien.campeas@logilab.fr>
Wed, 20 Jun 2012 12:30:57 +0200
branchstable
changeset 8473 2646a8e99b0d
parent 8472 444a8e25c940
child 8474 1197bd6f5ceb
[ldap] allow working connection to some ADs (closes #2408829)
server/ldaputils.py
--- a/server/ldaputils.py	Wed Jul 18 17:26:59 2012 +0200
+++ b/server/ldaputils.py	Wed Jun 20 12:30:57 2012 +0200
@@ -250,10 +250,11 @@
         except ldap.LDAPError: # Invalid protocol version, fall back safely
             conn.set_option(ldap.OPT_PROTOCOL_VERSION, ldap.VERSION2)
         # Deny auto-chasing of referrals to be safe, we handle them instead
-        #try:
-        #    connection.set_option(ldap.OPT_REFERRALS, 0)
-        #except ldap.LDAPError: # Cannot set referrals, so do nothing
-        #    pass
+        # Required for AD
+        try:
+           conn.set_option(ldap.OPT_REFERRALS, 0)
+        except ldap.LDAPError: # Cannot set referrals, so do nothing
+           pass
         #conn.set_option(ldap.OPT_NETWORK_TIMEOUT, conn_timeout)
         #conn.timeout = op_timeout
         # Now bind with the credentials given. Let exceptions propagate out.