Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Python ldap macOS - ValueError: option error

I'm trying to setup python-ldap on macOS Sierra. When I try use the module (which works in my live env running on CentOS) I get the below error, which upon searching looks to be something to do with the install of OpenLDAP or python-ldap on macOS, but I'm yet to find an article that explains how to fix it.

Thus far I have installed OpenLDAP via homebrew which has not fixed the issue:

error:

Traceback (most recent call last):
  File "/usr/local/lib/python2.7/site-packages/django/core/handlers/exception.py", line 42, in inner
    response = get_response(request)
  File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 249, in _legacy_get_response
    response = self._get_response(request)
  File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 187, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 185, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/views.py", line 47, in inner
    return func(*args, **kwargs)
  File "/usr/local/lib/python2.7/site-packages/django/views/decorators/debug.py", line 76, in sensitive_post_parameters_wrapper
    return view(request, *args, **kwargs)
  File "/usr/local/lib/python2.7/site-packages/django/utils/decorators.py", line 149, in _wrapped_view
    response = view_func(request, *args, **kwargs)
  File "/usr/local/lib/python2.7/site-packages/django/views/decorators/cache.py", line 57, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/views.py", line 81, in login
    if form.is_valid():
  File "/usr/local/lib/python2.7/site-packages/django/forms/forms.py", line 169, in is_valid
    return self.is_bound and not self.errors
  File "/usr/local/lib/python2.7/site-packages/django/forms/forms.py", line 161, in errors
    self.full_clean()
  File "/usr/local/lib/python2.7/site-packages/django/forms/forms.py", line 371, in full_clean
    self._clean_form()
  File "/usr/local/lib/python2.7/site-packages/django/forms/forms.py", line 398, in _clean_form
    cleaned_data = self.clean()
  File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/forms.py", line 191, in clean
    self.user_cache = authenticate(username=username, password=password)
  File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/__init__.py", line 74, in authenticate
    user = backend.authenticate(**credentials)
  File "/itapp/itapp/backend.py", line 39, in authenticate
    ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,settings.AD_CERT_FILE)
  File "/usr/local/lib/python2.7/site-packages/ldap/functions.py", line 135, in set_option
    return _ldap_function_call(None,_ldap.set_option,option,invalue)
  File "/usr/local/lib/python2.7/site-packages/ldap/functions.py", line 66, in _ldap_function_call
    result = func(*args,**kwargs)
ValueError: option error 

I have installed openldap via brew as per the below

alexs-mbp:~ alex$ brew install openldap
Warning: openldap is a keg-only and another version is linked to opt.
Use `brew install --force` if you want to install this version
alexs-mbp:~ alex$ brew install openldap --force
Warning: openldap-2.4.44 already installed, it's just not linked.

and i have installed python-ldap with pip

alexs-mbp:~ alex$ sudo pip install python-ldap
The directory '/Users/alex/Library/Caches/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
The directory '/Users/alex/Library/Caches/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
Requirement already satisfied: python-ldap in /usr/local/lib/python2.7/site-packages
Requirement already satisfied: setuptools in /usr/local/lib/python2.7/site-packages (from python-ldap
like image 781
AlexW Avatar asked Apr 10 '17 16:04

AlexW


2 Answers

The solution for me was that I needed to include the brew-based openldap libraries when doing the pip install python-ldap

The information you'll need can be found by doing brew info openldap where it says something like:

For compilers to find this software you may need to set:
    LDFLAGS:  -L/usr/local/brew/opt/openldap/lib
    CPPFLAGS: -I/usr/local/brew/opt/openldap/include

My openldap install is at /usr/local/brew/opt/openldap/so this required a command like:

LDFLAGS="-L/usr/local/brew/opt/openldap/lib" CPPFLAGS="-I/usr/local/brew/opt/openldap/include" pip install python-ldap

Try uninstalling python-ldap (pip uninstall python-ldap) and then run the brew info openldap and use your specific paths to openldap lib and include directory in the above command

Note: I also had an issue with my clang compiler not finding the MacOS SDK sasl.h, but i dont know if this was just me. This was solved by adding --global-option=build_ext --global-option="-I$(xcrun --show-sdk-path)/usr/include/sasl" to the above command line

like image 128
spacepickle Avatar answered Nov 13 '22 08:11

spacepickle


I installed python-ldap (version 2.3.10_3) using MacPorts on macOS Sierra 10.12.4 with:

sudo port install py27-ldap

this also pulled OpenLDAP dependency (version 2.4.44_2).

I can execute the code:

import ldap
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,'cacert-2017-01-18.pem')

without errors (CA cert file from https://curl.haxx.se/ca/cacert-2017-01-18.pem)

Which steps did you follow to install OpenLDAP and python-ldap?

Edit:

I think I found something relevant, can you try the test code above with the cert file I linked?

I suspect a permission/.pem format error

like image 2
fedterzi Avatar answered Nov 13 '22 07:11

fedterzi