Yaroslav Shepilov

To be honest, I would prefer a script, so I can debug it locally in IDE. Just seeing it is not very helpful

Hi @charles-nulud script server doesn't use anonymous authentication (that's why a user has to provide username and password). It uses SIMPLE protocol, with bind_dn and password. Unfortunately, other protocols are...

Could you tell me please, what did you modify exactly?

But with such changes, a user can specify any credentials and still login (with admin rights)

But this is effectively the same as what script server is doing. You are using SIMPLE protocol as well. The only difference is that you are using `user_dn` instead of...

`conn = ldap3.Connection(server, user=user_dn, password=password, auto_bind=True)` Isn't it what you are doing here? Logging in (connecting) as a normal user.

Sorry, I'm not a LDAP expert, and don't fully understand how it works. From my understanding, by doing `conn = ldap3.Connection(server, user=user_dn, password=password, auto_bind=True)` you are creating a completely new...

Just to double-check, will it also work, if you remove this part: ``` conn.search(LDAP_BASE_DN, '(uid={})'.format(username)) if conn.entries: user_dn = conn.entries[0].entry_dn ``` And just use username set by script server?

``` def _connect(self, full_username, password): server = ldap3.Server(LDAP_SERVER, port=LDAP_PORT) conn = ldap3.Connection(server, user=LDAP_BIND_DN, password=LDAP_BIND_PW, auto_bind=True) try: conn = ldap3.Connection(server, user=full_username, password=password, auto_bind=True) print('Login successful!') except ldap3.core.exceptions.LDAPBindError: print('Login failed!') else: print('User...

My point is: `conn.search(LDAP_BASE_DN, '(uid={})'.format(username))` this should be 100% redundant