From 46f54cb918dadadbad45ff3086f0b9884f53be1b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20B=C3=BChler?= Date: Fri, 28 Apr 2023 16:04:18 +0200 Subject: [PATCH 1/2] README.md: fix typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 63600f8..4b24dbd 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ CLI tool to query LDAP/AD servers * Decodes certain well-known attributes (UUIDs, Timestamps, SID, userAccountControl) * Requires server to support [RFC 2696: Simple Paged Results](https://www.rfc-editor.org/rfc/rfc2696) for proper pagination * By default the first 1000 entries are shown, and it errors if there are more results - * Use `-all` to show all results + * Use `--all` to show all results ## Authentication, Protocol, Ports From a08154cff83161f1bd9667dc01cee554093b5763 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20B=C3=BChler?= Date: Fri, 28 Apr 2023 17:20:46 +0200 Subject: [PATCH 2/2] enable tls unless kerberos is used (SASL GSS-API doesn't seem to work over TLS) --- src/ldaptool/search/_search.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ldaptool/search/_search.py b/src/ldaptool/search/_search.py index 5a423b1..124f1f5 100644 --- a/src/ldaptool/search/_search.py +++ b/src/ldaptool/search/_search.py @@ -21,7 +21,7 @@ def search(*, config: Config, arguments: Arguments) -> typing.Iterable[Result]: if not arguments.base: arguments.base = realm.default_base(gc=arguments.gc) - ldap_con = ldap.initialize(realm.ldap_uri(gc=arguments.gc, tls=False, server=arguments.server)) + ldap_con = ldap.initialize(realm.ldap_uri(gc=arguments.gc, tls=not arguments.krb, server=arguments.server)) ldap_con.set_option(ldap.OPT_REFERRALS, 0) if arguments.krb: ldap_con.sasl_gssapi_bind_s()