diff --git a/README.md b/README.md index 94ac7d2..7d4a4be 100644 --- a/README.md +++ b/README.md @@ -31,4 +31,8 @@ ldap_password = verysecurepassword # LDAP scope of the search ldap_scope = LEVEL + +# LDAP extended option +# If the server is samba, ldap_support_extended is should be no +ldap_support_extended = yes ``` diff --git a/radicale_auth_ldap/__init__.py b/radicale_auth_ldap/__init__.py index 49edd93..55ed3d5 100644 --- a/radicale_auth_ldap/__init__.py +++ b/radicale_auth_ldap/__init__.py @@ -44,6 +44,7 @@ class Auth(BaseAuth): BINDDN = self.configuration.get("auth", "ldap_binddn") PASSWORD = self.configuration.get("auth", "ldap_password") SCOPE = self.configuration.get("auth", "ldap_scope") + SUPPORT_EXTENDED = self.configuration.getboolean("auth", "ldap_support_extended", fallback=True) if BINDDN and PASSWORD: conn = ldap3.Connection(SERVER, BINDDN, PASSWORD) @@ -80,8 +81,12 @@ class Auth(BaseAuth): conn = ldap3.Connection(SERVER, user_dn, password) conn.bind() self.logger.debug(conn.result) - whoami = conn.extend.standard.who_am_i() - self.logger.debug("LDAP whoami: %s" % whoami) + if SUPPORT_EXTENDED: + whoami = conn.extend.standard.who_am_i() + self.logger.debug("LDAP whoami: %s" % whoami) + else: + self.logger.debug("LDAP skip extended: call whoami") + whoami = conn.result['result'] == 0 if whoami: self.logger.debug("LDAP bind OK") return True