I currently have working code in Linux which does an ldapsearch. Here is the code:
export LDAPTLS_CACERT=ldap.pem
ldapsearch -D 'CN=admuser,OU=Service Accounts,DC=InfoDir,DC=Dev,DC=AAA' \
  -H ldaps://server:1234 -b OU=People,DC=InfoDir,DC=Dev,DC=AAA -W "(cn=staffid)"
This asks me for the password of the admuser bind user and gives the result. I need to code the same in Python. Here is my Python code:
from ldap3 import Server, Connection, Tls
import ssl
cacertfile='ldap.pem'
server = Server(host='hostname',port=1234)
conn = Connection(server,'CN=admuser,OU=Service Accounts,DC=InfoDir,DC=Dev,DC=AAA','password',auto_bind=True)
print(conn)
This works fine and gives me default SSL in the conn object because the LDAP URL has ldaps. However, this does not validate the server cert, which is not safe. Hence I further updated my code to force TLS. Here is the code:
from ldap3 import Server, Connection, Tls
import ssl
cacertfile='ldap.pem'
# Require a server certificate that chains to the CA(s) in ldap.pem
tls_conf = Tls(ssl.CERT_REQUIRED,ca_certs_file=cacertfile)
# The TLS settings are passed to Server through the tls keyword
server = Server(host='hostname',port=1234,tls=tls_conf)
conn = Connection(server,'CN=admuser,OU=Service Accounts,DC=InfoDir,DC=Dev,DC=AAA','password',auto_bind=True)
print(conn)
When I run this I get an exception:
raise LDAPSocketOpenError('unable to open socket', exception_history)
ldap3.core.exceptions.LDAPSocketError:('unable to open socket',....'socket ssl wrapping error: unknown error(_ssl.c:3517..)
I am following this link for my code: https://ldap3.readthedocs.io/en/latest/tutorial_intro.html
Please advise.
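
A pre-flight check of the CA file followed by a validating ldap3 bind, as an added example that is not part of the original post. `check_ca_bundle` and `connect_ldaps` are hypothetical helper names, and the host, port and bind DN are whatever the caller supplies. The CA file is loaded with the standard `ssl` module first, so a missing, empty or non-PEM `ldap.pem` is reported with a specific message before ldap3 opens the socket.

```python
import getpass
import os
import ssl

PEM_MARKER = "-----BEGIN CERTIFICATE-----"


def check_ca_bundle(path):
    """Return (ok, detail) after loading `path` into a fresh ssl context."""
    if not os.path.isfile(path):
        return False, f"{os.path.abspath(path)} is not a readable file"
    with open(path, "r", errors="replace") as fh:
        blocks = fh.read().count(PEM_MARKER)
    if blocks == 0:
        return False, "no PEM certificate blocks found (DER or empty file?)"
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        ctx.load_verify_locations(cafile=path)
    except (ssl.SSLError, OSError) as exc:
        return False, f"OpenSSL rejected the file: {exc}"
    stats = ctx.cert_store_stats()
    if stats["x509"] == 0:
        return False, "file parsed but no certificates were loaded"
    return True, f"{stats['x509']} certificate(s) loaded, {stats['x509_ca']} flagged as CA"


def connect_ldaps(host, port, bind_dn, ca_file):
    """Bind over LDAPS with certificate validation; the password is prompted."""
    from ldap3 import Connection, Server, Tls  # lazy import: requires ldap3

    ok, detail = check_ca_bundle(ca_file)
    if not ok:
        raise ValueError(f"CA bundle problem: {detail}")
    tls = Tls(validate=ssl.CERT_REQUIRED, ca_certs_file=ca_file)
    server = Server(host, port=port, use_ssl=True, tls=tls)
    # getpass mirrors ldapsearch -W: nothing secret is stored in the script
    return Connection(server, user=bind_dn,
                      password=getpass.getpass("Bind password: "),
                      auto_bind=True)


if __name__ == "__main__":
    # Only the offline check runs here; connect_ldaps needs a reachable server.
    print(check_ca_bundle("ldap.pem"))
```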