Python LDAP module --- must I always run "whoami_s()" to successfully authenticate?

Question

Fortunately this code is just for testing, and is short enough to just copy/paste here in it's entirety. Basically, I need to bind to a dn in order to get the specific details of my search. Otherwise if not bound, it binds anonymously and then I can only get barebones information. I can't seem to successfully bind unless I explicitly run whoami_s() after binding.

Code which does not work (binds anonymously):

l = ldap.initialize("ldap://myldapserver")
l.simple_bind("cn=test,ou=profile,dc=site,dc=com", "abc123")
basedn = "ou=people,dc=site,dc=com"
filter = "uid=bob"
results = l.search_st(basedn, ldap.SCOPE_SUBTREE, filter)
for entry in results:
   print entry

Code which does work (successfully binds and provides all possible details):

l = ldap.initialize("ldap://myldapserver")
l.simple_bind("cn=test,ou=profile,dc=site,dc=com", "abc123")
l.whoami_s()  ### <---- This is the only difference ###
basedn = "ou=people,dc=site,dc=com"
filter = "uid=bob"
results = l.search_st(basedn, ldap.SCOPE_SUBTREE, filter)
for entry in results:
   print entry

I find the documentation on the LDAP module quite lacking (for example, I can't find anything which details the exact differences between bind, bind_s, simple_bind, and simple_bind_s, but that's a question for another day.). I can't find anything that explicitly says you need to finalize the bind with whoami_s() or anything. Should I just accept it, or should I be worried?

Python: 2.6.9
LDAP module: 2.4.13

Answer 1

Figured this out just by trial and error. First of all, after more searching, I found a site that explicitly states the differences between bind, bind_s, simple_bind, and simple_bind_s: http://www.packtpub.com/article/installing-and-configuring-the-python-ldap-library-and-binding-to-an-ldap-directory

The methods without the "s" at the end are asynchronous --- the code continues on whether or not the operation has completed. The methods with the "s" at the end are synchronous --- the code stops and waits for the operation to complete.

So what I was facing here was a race conditon of sorts. I put a "time.sleep(1)" in place of the "whoami_s()", and that solved the problem. This led me to realize that I needed to change from "simple_bind" to "simple_bind_s". I was getting to the LDAP query code too quickly, before I was properly bound, so it was executing anonymously.