Menu
I'm trying to setup python-ldap on macOS Sierra. When I try use the module (which works in my live env running on CentOS) I get the below error, which upon searching looks to be something to do with the install of OpenLDAP or python-ldap on macOS, but I'm yet to find an article that explains how to fix it.
Thus far I have installed OpenLDAP via homebrew which has not fixed the issue:
error:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/exception.py", line 42, in inner
response = get_response(request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 249, in _legacy_get_response
response = self._get_response(request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 187, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/usr/local/lib/python2.7/site-packages/django/core/handlers/base.py", line 185, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/views.py", line 47, in inner
return func(*args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/django/views/decorators/debug.py", line 76, in sensitive_post_parameters_wrapper
return view(request, *args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/django/utils/decorators.py", line 149, in _wrapped_view
response = view_func(request, *args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/django/views/decorators/cache.py", line 57, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/views.py", line 81, in login
if form.is_valid():
File "/usr/local/lib/python2.7/site-packages/django/forms/forms.py", line 169, in is_valid
return self.is_bound and not self.errors
File "/usr/local/lib/python2.7/site-packages/django/forms/forms.py", line 161, in errors
self.full_clean()
File "/usr/local/lib/python2.7/site-packages/django/forms/forms.py", line 371, in full_clean
self._clean_form()
File "/usr/local/lib/python2.7/site-packages/django/forms/forms.py", line 398, in _clean_form
cleaned_data = self.clean()
File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/forms.py", line 191, in clean
self.user_cache = authenticate(username=username, password=password)
File "/usr/local/lib/python2.7/site-packages/django/contrib/auth/__init__.py", line 74, in authenticate
user = backend.authenticate(**credentials)
File "/itapp/itapp/backend.py", line 39, in authenticate
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,settings.AD_CERT_FILE)
File "/usr/local/lib/python2.7/site-packages/ldap/functions.py", line 135, in set_option
return _ldap_function_call(None,_ldap.set_option,option,invalue)
File "/usr/local/lib/python2.7/site-packages/ldap/functions.py", line 66, in _ldap_function_call
result = func(*args,**kwargs)
ValueError: option error
I have installed openldap via brew as per the below
alexs-mbp:~ alex$ brew install openldap
Warning: openldap is a keg-only and another version is linked to opt.
Use `brew install --force` if you want to install this version
alexs-mbp:~ alex$ brew install openldap --force
Warning: openldap-2.4.44 already installed, it's just not linked.
and i have installed python-ldap with pip
alexs-mbp:~ alex$ sudo pip install python-ldap
The directory '/Users/alex/Library/Caches/pip/http' or its parent directory is not owned by the current user and the cache has been disabled. Please check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
The directory '/Users/alex/Library/Caches/pip' or its parent directory is not owned by the current user and caching wheels has been disabled. check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
Requirement already satisfied: python-ldap in /usr/local/lib/python2.7/site-packages
Requirement already satisfied: setuptools in /usr/local/lib/python2.7/site-packages (from python-ldap
781
The solution for me was that I needed to include the brew-based openldap libraries when doing the pip install python-ldap
The information you'll need can be found by doing brew info openldap where it says something like:
For compilers to find this software you may need to set:
LDFLAGS: -L/usr/local/brew/opt/openldap/lib
CPPFLAGS: -I/usr/local/brew/opt/openldap/include
My openldap install is at /usr/local/brew/opt/openldap/so this required a command like:
LDFLAGS="-L/usr/local/brew/opt/openldap/lib" CPPFLAGS="-I/usr/local/brew/opt/openldap/include" pip install python-ldap
Try uninstalling python-ldap (pip uninstall python-ldap) and then run the brew info openldap and use your specific paths to openldap lib and include directory in the above command
Note: I also had an issue with my clang compiler not finding the MacOS SDK sasl.h, but i dont know if this was just me. This was solved by adding --global-option=build_ext --global-option="-I$(xcrun --show-sdk-path)/usr/include/sasl" to the above command line
128
I installed python-ldap (version 2.3.10_3) using MacPorts on macOS Sierra 10.12.4 with:
sudo port install py27-ldap
this also pulled OpenLDAP dependency (version 2.4.44_2).
I can execute the code:
import ldap
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,'cacert-2017-01-18.pem')
without errors (CA cert file from https://curl.haxx.se/ca/cacert-2017-01-18.pem)
Which steps did you follow to install OpenLDAP and python-ldap?
Edit:
I think I found something relevant, can you try the test code above with the cert file I linked?
I suspect a permission/.pem format error
2
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With