CHANGELOGΒΆ

  • 2.2.3 2017.04.30
    • abstraction layer query converts int values to string (thanks dgadmin)
    • CaseInsensitiveDictWithAlias doesn’t raise an exception anymore if alias is set multiple times to the same key
    • friendly names in AttrDef are properly managed when performing commits in Writer cursors
    • no more errors when server returns an empty schema (thanks Glen)
    • range attributes in entries are properly recognized when auto_range is False
    • fixed random errors in auto_range searches (thanks James)
    • fixed checking of malformed schema
    • added configuration parameter IGNORE_MALFORMED_SCHEMA to not raise exception for servers that don’t follow the LDAP RFCs (defaults to False)
    • test config moved to test/config.py
    • testcase_id generated randomly for each test
    • added ATTRIBUTES_EXCLUDED_FROM_OBJECT_DEF parmeter to exclude some attribute from automatic populate of ObjectDef in Abstract Layer (helpful for AD)
    • added IGNORED_MANDATORY_ATTRIBUTES_IN_OBJECT_DEF parmeter to exclude some attribute from mandatory attribute list in ObjectDef in Abstract Layer (helpful for AD)
    • fixed error when using implicit assigning in WritableEntry
    • added LDAPInvalidValueError Exception
    • in Python 3 byte filter are converted to unicode before parsing
    • RESPONSE_DN_ENCODING parameter renamed to ADDITIONAL_ENCODINGS
    • to_unicode(value, encoding=None, additional_encodings=False) now checks for additional encoodings in ADDITIONAL_ENCODINGS list if additional_encoding is set to True
    • Reusable strategy uses not lazy Restartable connections

    . Reusable strategy doesn’t keep requesting the schema - connection pool size in Reusable strategy defaults to 5 - optimized usage of configuration parameters

  • 2.2.2 2017.03.17
    • PLAIN mechanism added to SASL authentication (thanks Janusz)
    • added RESULT_RESERVED return code (thanks Rak)
    • added RESPONSE_DN_ENCODING in config for flaky servers that return non utf-8 encoded DN. Set it to a list of encoding to sequentially try for decodign DNs.
    • removed StopIteration in generators (deprecated by PEP 479)
    • fixed a bug when converting AD datetimes on Windows systems
    • added compatibility with pyasn1 0.2.3
    • fixed NTLM authentication with pyasn1 0.2.3
    • fixed an error when installing via executable on Windows (thanks TrumSteven)
    • added ‘raw_dn’ key in search response dictionary. It contains the DN byte value returned for DN by the server
    • attributes with ”;binary” tag can now be retrieved in abstraction layer with the usual entry.atttribute syntax
    • updated tests for OpenLDAP
    • fixed error when in add/remove extend operation for case mismatch in user or group dn
    • integer validator now automatically convert valid string numbers to int
    • invalid timezone are checked when validating Generalized Time Format
    • added test cases for validators
  • 2.2.1 2017.02.12
    • tested against pyasn1 0.2.2 (thanks Ilya)
    • get_response() has an optional new parameter “get_request” to return the request too, helpful in asynchronous strategies
    • connection.request, connection.response and connection result are now properly blanked in async strategies
    • ldap3.utils.dn.safe_dn() now checks for AD names only if no equal sign is present in the dn
    • abstraction layer properly works with asynchronous strategies
    • added a named tuple “Operation” used to store the request, result and response of an LDAP operation in Cursor history
    • cursors in the Abstraction Layer keep history of executed LDAP operations for the last Cursor operation in the cursor.operation property
    • Cursors in the Abstraction Layer keep history of errors for the last Cursor operation in the cursor.errors property
    • if any error has occurred in the last operation of a Cursor the cursor.failed property is set to True
    • added a named tuple “Operation” for storing request, result and response of an LDAP operation in Cursor history
    • Cursor honours raise_exception parameter of the Connection.
    • Cursor commit() return True if operations are successful and False if not. All pending commits are executed even if some fail
    • new entries that have no additional mandatory attributes other those defined in dn are properly managed in Writers (thanks Matt)
    • CaseInsensitiveDict now properly strips blanks from keys
    • updated hashing alghoritm SHA to SHA1 (thanks Satoh)
    • added match_dn(dn) to Cursor for matching entries with specified text in DN
    • added match(attributes, value) for matching entries with specified value in one or more attribute values. It checks values and raw_values
    • Cursors have simple match capability. When key is a string Cursor tries to match it against the DN of entries found.
  • 2.2.0 2017.01.16
    • tested againsts Python 3.6.0, Python 2.7.13 and Python 2.6.6
    • updated docs regarding search response attributes (thanks James)
    • fixed LDIF representation for operation_to_ldif (thanks m7four)
    • fixed rebind for pooled connections
    • fixed custom sort order in LDIF representation of entry
    • added Active Directory GUID syntax for safe_dn() (thanks dinhngtu)
    • added pre-post read control (thanks Elizabeth)
    • added add_members_to_groups in microsoft.extend namespace for Active Directory
    • added remove_members_to_groups in microsoft.extend namespace for Active Directory
    • refactored internal extend.microsoft and extend.novell structures
    • fixed auto_escape for extended characters (thanks asand3r)
    • validators now transform the Python value to a valid LDAP value when appropriate (thanks Sjd-Risca)
    • added validator for boolean types
    • added validator for date types
    • fixed representation of binary data in Abstraction Layer for Python 2
    • added auto_encode parameter to Connection object (defaults to True)
    • limited auto_escape feature only to filter values
    • escape_filter_chars doens’t try anymore to guess if the value is already escaped.
    • added ldap3.conv.is_filter_safe() (thanks Robert)
    • added auto_escape parameter to connection.search() to override connection auto_escape behaviour (defaults to None)
    • auto_escape is not applied to filter value if already escaped
    • automatically encode output to stdout encoding for repr() and str() (for printing and logging attributes values).
    • binary data are converted to a hex values string in repr() and str() (for printing and logging attributes values).
    • auto_encoding is performed only for well known attribute types that use Unicode format in LDAP
    • CLASSES_EXCLUDED_FROM_CHECK and ATTRIBUTES_EXCLUDED_FROM_CHECK moved to ldap3.utils.config and made available via get_config_parameter()
    • added UTF8_ENCODED_SYNTAXES in ldap3.config.utils and made available via get_config_parameter()
    • added UTF8_ENCODED_TYPES in ldap3.config.utils and made available via get_config_parameter()
    • config parameters made available only via get_config_parameters()
    • removed to_bytes() and check_escape() from ldap3.utils.conv (ambiguous functions)
    • added connection.request to MockSync (thanks Fabian)
    • tags are properly managed in add, compare and modify requests (thanks guidow)
    • in Mock strategies single-valued attributes are properly managed
    • in Mock strategies attributes type names are properly managed
    • implemented extended operation machinery in MockBase
    • implemented WhoAmI [RFC4532] in Mock strategies
    • implemented GetBindDn [NOVELL] in Mock strategies
    • implemented operational attributes machinery in MockBase
    • implemented entryDN [RFC5020] operational attribute in MockBase
    • Sphinx updated to 1.5.1
  • 2.1.1 2016.11.18
    • Mock strategy uses case insensitive matching when appropriate
    • fixed error when adding a virtual attribute in the abstract Entry object
    • fixed error messages in Entry moving and renaming
    • Reverted default connection strategy to SYNC (thanks Mauro)
    • Fixed tutorials (thanks Mauro)
    • Fixed checking of schema in ObjectDef (thanks Pierre)
    • Fixed checking of stdin in config (thanks Oleg)
    • fixed commit of entry with async strategies
    • fixed reading of entries in async strategies
    • added cipher argument to Tls (thanks Nicolas)
    • fixed bug when using the abstraction layer with lazy connections
    • fixed case matching while adding new entry in Writer cursor (thanks t0neg)
    • disabled auto_escape for byte values
    • fixed auto_escape for python 2
    • fixed tutorials (thanks Ivano)
  • 2.1.0 2016.11.03
    • changed default Connection strategy from SYNC to RESTARTABLE
    • enable automatic escaping of assertion values
    • fixed decoding error with check_name=False
    • added auto_escape parameter in connection, for trying automatic filter and attribute values escape
    • fixed checking of schema in MockBase
    • SASLBindInProgress doesn’t raise an exception anymore with raise_exceptions=True
    • standard formatters are applied in mocking strategies when serching for exact match
  • 2.0.9 2016.10.28
    • removed sanitization of DN in bind operation because some servers accept non standard DN for Simple Bind
  • 2.0.8 2016.10.28
    • included referral caching (thanks TWAC)
  • 2.0.7 2016.10.27
    • FIRST RELEASE OF LDAP3 V2
    • changed signature of ldap3.abstract.Reader object
    • removed search_size_limit(), search_time_limit() and search_types_only in the Reader cursor
    • fixed SASL in progress error (thanks Styleex)
    • fixed ALL_ATTRIBUTES in MOCK_SYNC strategy (thanks Belgarion)
    • ncorrect attribute type error message now includes the name of the attribute (Thanks Andrej)
    • relaxed dn checking for Active Directory UserPrincipalName
    • relaxed dn checking for Active Directory SamAccountName
    • added checking of attribute name in add, compare and search operations
    • added checking of class name in add operation
    • renamed exception LDAPTypeError to LDAPAttributeError
    • in sync strategies LDAP operations populate the last_error attribute of the connection in case of not RESULT_SUCCESS
    • connection.return_empty_attributes defaults to True
    • escaped filter by default
    • fixed escaping of filter
    • add move and rename to abstraction layer entry
    • ldap3 namespace decluttered
    • RESULT_CODES moved to ldap3.core.results
    • compatibility constants removed
    • exceptions removed from ldap3 namespace, defined in ldap3.core.exceptions only
    • ADDRESS_INFO_REFRESH_TIME is now configurable via set_config_parameter
    • Operational attribute prefix set to ‘OA_
    • Allows cert and key file in the same file (thanks Jan-Philip)
    • Removed logging info when logging is disabled (thanks Dan)
    • Updated copyright notice
    • Refactored abstraction layer with full support for CRUD (Create, Read, Update, Delete) abstract operations
    • Added WritableEntry and WritableAttribute to abstraction layer
    • Added standard validators for attribute types and syntaxes defined in the standard LDAP schema
    • Added custom validators for attribute values
    • Added update capability to abstraction layer
    • Fixed typo in docs (thanks Gerardwx)
    • Fixed Object and Attribute representation in schema (superior class not shown)
    • ObjectDef automatically populates attributes from schema, following object_class hierarchy
    • Added attributes parameter to search* methods of Cursor, so that only needed attributes are read even if attr_defs defines more
    • Fixed connect_timeout not honored while wrapping socket in tls (thanks Kyle)
    • Added ‘set’ to SEQUENCE_TYPES (thanks Christian)
    • Entries returned by search are now writable via the abstraction layer
    • LDAPReaderError exception renamed to LDAPCursorError
    • auto_range parameter in Connection defaults to True (thanks Ashley)
    • get_info defaults to SCHEMA while defining Server object
    • Included ordereddict 1.1 (# Copyright (c) 2009 Raymond Hettinger) in ldap3.utils.ordDict for backporting OrderedDict in Python 2.6
    • Added config parameter RESET_AVAILABILITY_TIMEOUT to reinsert invalid address in candidate_addresses while checking connection, defaults to 5 seconds
    • Fixed inability to connect to a server if the connection starts when the server is unavailable and then it becomes available again
    • All DNs are sanitized if connection.check_names is True
    • LDAPControlsError exception renamed to LDAPControlError
    • LDAPChangesError exception renamed to LDAPChangeError
    • The following older constants in ldap3 have been removed, please use the suggested ones:
    • AUTH_ANONYMOUS = ANONYMOUS
    • AUTH_SIMPLE = SIMPLE
    • AUTH_SASL = SASL
    • SEARCH_SCOPE_BASE_OBJECT = BASE
    • SEARCH_SCOPE_SINGLE_LEVEL = LEVEL
    • SEARCH_SCOPE_WHOLE_SUBTREE = SUBTREE
    • SEARCH_NEVER_DEREFERENCE_ALIASES = DEREF_NEVER
    • SEARCH_DEREFERENCE_IN_SEARCHING = DEREF_SEARCH
    • SEARCH_DEREFERENCE_FINDING_BASE_OBJECT = DEREF_BASE
    • SEARCH_DEREFERENCE_ALWAYS = DEREF_ALWAYS
    • STRATEGY_SYNC = SYNC
    • STRATEGY_ASYNC_THREADED = ASYNC
    • STRATEGY_LDIF_PRODUCER = LDIF
    • STRATEGY_SYNC_RESTARTABLE = RESTARTABLE
    • STRATEGY_REUSABLE_THREADED = REUSABLE
    • STRATEGY_MOCK_SYNC = MOCK_SYNC
    • STRATEGY_MOCK_ASYNC = MOCK_SYNC
    • POOLING_STRATEGY_FIRST = FIRST
    • POOLING_STRATEGY_ROUND_ROBIN = ROUND_ROBIN
    • POOLING_STRATEGY_RANDOM = RANDOM
    • GET_NO_INFO = NONE
    • GET_DSA_INFO = DSA
    • GET_SCHEMA_INFO = SCHEMA
    • GET_ALL_INFO = ALL
  • 1.4.0 2016.07.18
    • Multiple Mock strategies now share entries when using the same Server object
    • Added AsyncStreamStrategy
    • Added Connection.extend.standard.persistent_search() (Thanks martinrm77)
    • Added escaping of character > 0x7F in filter validation (thanks cfelder)
    • Added better descriptions of Exception in abstraction layer (thanks cfelder)
    • Added queue in Persistent Search
    • Added callback in Persistent Search
    • MockStrategy now honors raise_exception parameter (thanks Simon)
  • 1.3.3 2016.07.03
    • Change paameter name from ‘check’ to ‘fix’ in connection.extend.novell.add_members_to_groups() and connection.extend.novell.remove_members_from_groups
    • Added connection.extend.novell.check_groups_memberships() that check if members are in groups and fixes the user-group relation if incorrect
    • Updated docs link to ldap3.readthedocs.io
    • Fixed error in utils.conv.check_escape (thanks Anjuta)
    • Fixed typo in server.py when IP_V4_PREFERRED is used (thanks eva8668)
    • Host name certificate matching exception and logging is much more informative (thanks eddie-dunn)
    • Fixed typo in docs for use_ssl (thanks Brooks Kindle)
    • Tested against Python 2.6., Python 2.7.12, Python 3.5.2 and PyPy 5.3.1
  • 1.3.2 2016.07.01
    • unreleased on pypi
  • 1.3.1 2016.05.11
    • Added support for mocking the ldap3 library
    • Added support for MockSync strategy (thanks Roxana)
    • Added checked_attributes=True parameter to connection.response_to_json()
    • Added checked_attributes=True parameter to entry.entry_to_json()
    • MockSyncBase strategy supports bind(), unbind(), delete(), compare(), modify(), modify_dn(), abandon(), add()
    • MockSyncBase strategy accepts directory entries in json file
    • Fixed schema representation (thanks Conrado)
    • Allow connection.abandon(0), useful to “ping” the server
    • Added connection.abandon() test suite
    • Reusable strategy checks bind credential at bind() time, only on one worker connection
    • Reusable strategy ignores abandon() operation because of multiple connection workers
    • Reusable strategy honours return_empty_attributes connection parameter
    • Added lazy information to connection representation
    • Added support for hash (LM:NTLM) Windows NTLM authentication (thanks Dirk)
    • Fixed representation of empty attributes in connection.entries
    • Comparison of entry attributes value is easier
    • Added new extended operation connection.extend.novell.start_transaction()
    • Added new extended operation connection.extend.novell.end_transaction()
    • Added new extended operation connection.extend.novell.add_members_to_groups(members, groups, check, transaction)
    • Added new extended operation connection.extend.novell.remove_members_from_groups(members, groups, check, transaction)
    • Added new exception LDAPTransactionError
    • Added logic to handle Novell Transaction Error Unsolicited Notice
    • Ignore cheching of ssl context when cadata, cafile and capath are not provided (thanks DelboyJan)
  • 1.2.2 2016.03.23
    • repr encoding set to ‘ascii’ when sys.stdout.encoding is None (thanks Jeff)
  • 1.2.1 2016.03.19
    • try to use the requested ssl protocol in SSLContext for Python>=3.4 (thanks Patrick)
    • added return_empty_attributes to Connection object to return an empty list when the attribute requested is missing in the retrieved object
  • 1.1.2 2016.03.10
    • Added rebind() method to Connection object to rebind with a different user (thanks Lorenzo)
    • Added Tests for rebind operation
    • Start_tls honored in referrals
    • Default ldaps port honored in referrals
    • Additional connection parameters honored in referrals and in the restartable strategy
    • Server connection timeout is honored while connecting, connection receive timeout while receiving
    • Extended operations followed on referrals (thanks Pavel)
    • Added receive_timeout parameter in Connection object to set socket in non-blocking mode with a specified timeout (thanks Antho)
    • Fixed abstract entry __getattr__() throwing KeyError instead of AttributeError (thanks Kilroy)
    • Fixed start_tls() Reusable strategy
  • 1.0.4 2016.01.25
    • Controls can be added to extended operation in the extend package (thanks Hinel)
  • 1.0.3 2015.12.1
    • Fixed set_config_parameter (thanks Sigmunau)
    • Disabled unauthenticated authentication, see RFC 4513 section 5.1.2 (thanks Petros)
    • Fixed falsey value in abstract Entry object __contains__() (thanks Vampouille)
  • 1.0.2 2015.12.07
    • Allowed_referral_hosts in Server objects defaults to [(‘*’, True)] to accept any referral server with authentication
    • Referral uri is now properly percent-undecoded (thanks TWAC)
    • Referral Server object now use the same configuration of the original Server object
    • Fixed __contains__() in Entry object (thanks Vampouille)
  • 1.0.1 2015.12.06
    • Removed the compat package
    • Refactored docs for extend operations
  • 1.0.0 2015.12.06
    • Private RC for production
    • Status moved to 5 - Production/Stable
  • 0.9.9.4 2015.12.02
    • Added items() to CaseInsensitiveDict class (thanks Jan-Hendrik)
    • Added set_config_parameter() in ldap3 namespace to modify the values of the configurable parameters of ldap3
    • Added microsoft.extend.modify_password() extended operation to change AD password
    • Fixed find_active_random_server() in pooling (thanks Sargul)
    • Fixed referral decoding in fast ber decoder (thanks TWAC)
  • 0.9.9.3 2015.11.15
    • Added LDAPI (LDAP over IPC) support for unix socket communication
    • Added mandatory_in and optional_in in server schema for attribute types. Now you can see in which classes attributes are used
    • Added last_transmitted_time and last_received_time to Usage object to track time of the last sent and received operation
    • Exception SessionTerminatedByServer renamed to SessionTerminatedByServerError and added to ldap3 namespace
    • Added get_config_parameter() in ldap3 namespace to read the current value of ldap3 configurable parameters
    • Added SASL mechanism name as constants in the ldap3 namespace
    • Added escape_filter_chars in utils.conv (thanks Peter)
    • Reverted ALL_ATTRIBUTES behaviour in search to 0.9.9.1 (thanks Petros)
  • 0.9.9.2 2015.10.19
    • Fixed hasattr() behaviour for Entry object in Python 3
    • Allows empty sasl_credentials in SASL bind
    • Added POOLING_LOOP_TIMEOUT constant to specify how many seconds the server pooling strategy has to wait before retrying if it did not find an active server (defaults to 10)
    • Pooling strategy now allows to specify the number of cycles to try when finding a server (with active=N)
    • Pooling strategy now allows to specify how many seconds a server must be considered offline before retrying to check for availabiliry (with exhaust=N)
    • Connection.entries defaults to empty list
    • ALL_ATTRIBUTES don’t send any attribute in the attribute list (was sending ‘*’) while searching
    • Added DirSync extended function for Microsoft Active Directory
    • Added LDAP_SERVER_DIRSYNC_OID control for Microsoft Active Directory
    • Added LDAP_SERVER_EXTENDED_DN_OID control for Microsoft Active Directory
    • Added LDAP_SERVER_SHOW_DELETED_OID control for Microsoft Active Directory
    • Fixed AD tests for single valued attributes
    • Added ACL attribute in the ATTRIBUTES_EXCLUDED_FROM_CHECK list
  • 0.9.9.1 2015.09.21
    • Allows empty member values in groups while adding - this should not be as per rfc4511 4.1.7, but some servers expects it (thanks John)
    • Faster case insensitive dict while getting and setting key (thanks Pierre)
    • Updated setuptools to 18.3.2
    • Updated wheel to 0.26
    • Tested against Python 2.6 - Python 2.7 - Python 3.3 - Python 3.4 - Python 3.5 - pypy - pypy3
  • 0.9.9 2015.09.09
    • Fixed boolean value for True value in ASN.1 encoding for certain ldap servers. (thanks Will)
    • Fixed follow auto referrals. (thanks WIll)
    • Now protocol defined integer values can be used for scope and derefAliases arguments when searching. (thanks Will)
    • Added description field in the AttrDef object. (thanks Hogne)
    • Added a custom ber decoder. Decoding of received packets is now 10x faster.
    • Added new boolean argument fast_decoder in connection object. Defaults to True.
    • Highest date correctly managed by the format_ad_timestamp() formatter. (thanks Will)
    • Fix for latest gssapi kerberos authentication module (thanks Alex)
    • Added freeIPA OID descriptors
    • Removed unneeded OidInfo class
  • 0.9.8.8 2015.08.14
    • Coerce objectClass to a list in Add operation. (thanks Yutaka)
    • ObjectClass attribute values mantain their order in the Add operation. (thanks Yutaka)
    • Fixed search filter composition when the value part of the assertion contains = character. (thanks Eero)
    • Fixed modify_password extended operation when no hash method is specified. (thanks midnightlynx)
    • Added credentials to kerberos authentication. (thanks Alex)
    • Target name can be specified in sasl_credentials for Kerberos authentication. (thanks Alex)
    • Target name can be read from DNS in sasl_credential for Kerberos authentication. (thanks Alex)
    • Fixed connection.entries error when referrals are in the search response. (thanks WIll)
  • 0.9.8.7 2015.07.19
    • Backported ssl.match_hostname from Python 3.4.3 standard library to be used in Python < 2.7.10
    • Use backports.ssl_match_hostname if present instead of static backported functions for matching server names in ssl certificate (thanks Michal)
    • Attributes values are properly printed when not strings in abstract.attribute (thanks hogneh)
    • Checking unicode __repr__() in python2
    • Added hashing capability to Modify Password extended operation (thanks Gawain)
  • 0.9.8.6 2015.06.30
    • Modify operation now accept multiple changes for same attribute (Thanks Lorenzo)
    • Fixed entries property in connection when objects from multiple object classes are returned
    • Hide sensitive data in logging. use the utils.log.set_library_hide_sensitive_data(False) to show sensitive data and utils.log.get_library_hide_sensitive_data() to get the current value
    • Limited number of characters in a single log line. use the utils.log.set_library_log_max_line_length(length) to set and utils.log.get_library_log_max_line_length(length) to get the current value
    • Added CHANGES.txt with full changelog, latest changes only in README.txt
  • 0.9.8.5.post2 2015.06.24
    • Updated pyasn1 to 0.1.8
    • Fixed error in not filter with pyasn1 0.1.8
  • 0.9.8.5 2015.06.23
    • Updated docs with ldap operations pages
    • Fixed a bug where an Exception was raised on OpenBSD for missing IPV4_MAPPED flag
    • Fixed missing add operation usage metrics
    • Abstract Attribute doesn’t permit “falsy” values or None as default (thanks Lucas)
  • 0.9.8.4 2015.05.19
    • Added EXTENDED log detail level with prettyPrint description of ldap messages
    • Fixed logging of IPv6 address description
    • Fixed checking of open address when dns returns more than one ip for the same host
    • Fixed selection of proper address when failing back from IPv6 to IPv4 and vice-versa
    • When sending controls controlValue is now optional (as stated in RFC 4511), specify None to not send it
    • Moved badges to shields.io
  • 0.9.8.3 2015.05.11
    • Added support for logging
    • Added LDAPInvalidTlsSpecificationError exception
    • Added support for kerberos sasl - needs the gssapi package (thanks sigmaris and pefoley2)
    • Added support for using generator objects in ldap operations (thanks Matt)
    • Fixed bug in collect_usage (thanks Philippe)
    • Changed default server mode from IP_SYSTEM_DEFAULT to IP_V6_PREFERRED
  • 0.9.8.2 2015.04.08
    • SaslCred returned as raw bytes (thanks Peter)
    • Search_paged now properly works in abstract.reader (thanks wazboy)
  • 0.9.8.1 2015.04.04
    • Added NTLMv2 authentication method
    • extend.standard.who_am_i() now try to decode the authzid as unicode
    • Tests for AD (Active Directory) now use tls_before_bind when opening a connection
    • 0.9.8 not working for pypi problems
  • 0.9.7.12 2015.03.18
    • Fixed missing optional authzid in digestMD5 sasl mechanism (thanks Damiano)
    • Changed unneeded classmethods to staticmethods
  • 0.9.7.11 2015.03.12
    • Fixed address_info resolution on systems without the IPV4MAPPED flag (thanks Andryi)
  • 0.9.7.10 2015.02.28
    • Fixed bug in PagedSearch when server has a hard limit on the number of entries returned (thanks Reimar)
    • 0.9.7.9 not working for pypi problems
    • 0.9.7.8 not working for pypi problems
    • 0.9.7.7 not working for pypi problems
    • 0.9.7.6 not working for pypi problems
  • 0.9.7.5 2015.02.20
    • Fixed exception raised when opening a connection to a server. If there is only one candidate address and there is an error it returns the specific Exception, not a generic LDAPException error
    • Address_info filters out any impossible address to reach
    • Address_info include an IPV4MAPPED address for IPV6 host that try to reach an IPV4 only server
    • Added SyncMock strategy (needs the sldap3 package)
    • Fixed bug when using the aproximation operation in ldap search operations (thanks Laurent)
    • Removed response from exception raised with raise_exceptions=True to avoid very long exceptions message
  • 0.9.7.4 2015.02.02
    • Added connection.entries property for storing response from search operations as and abstract.Entry collection.
  • 0.9.7.3 2015.01.25
    • Modify operation type can also be passed as integer
  • 0.9.7.2 2015.01.16
    • Fixed a bug when resolving IP address with getaddrinfo(). On OSX returned an UDP connection (thanks Hiroshi).
  • 0.9.7.1 2015.01.05
    • Moved to Github
    • Moved to Travis-CI for continuous integration
    • Moved to ReadTheDocs for documentation
    • Moved testing servers in the cloud, to allow testing from Travis-CI
    • Project renamed from python3-ldap to ldap3 to avoid name clashing with the existing python-ldap library
    • Constant values in ldap3 are now strings. This is helpful in testing and debugging
    • Test suite fully refactored to be used in cloud lab and local development lab
    • Test suite includes options for testing against eDirectory, Active Directory and OpenLDAP
  • 0.9.7 2014.12.17
    • Fixed bug for auto_range used in paged search
    • Added dual IP stack mode parameter in Server object, values are: IP_SYSTEM_DEFAULT, IP_V4_ONLY, IP_V4_PREFERRED, IP_V6_ONLY, IP_V6_PREFERRED
    • Added read_server_info parameter to bind() and start_tls() to avoid multiple schema and info read operations with auto_bind
    • Redesigned Reusable (pooled) strategy
    • Added LDAPResponseTimeoutError exception raised when get_response() doesn’t receive any response in the allowed timeout period
    • Added shortened authentication parameters in ldap3 namespace: ANONYMOUS, SIMPLE, SASL
    • Added shortened scope parameters in ldap3 namespace: BASE, LEVEL, SUBTREE
    • Added shortened get_info parameters in ldap3 namespace: NONE, DSA, SCHEMA, ALL
    • Added shortened alias dereferencing parameters in ldap3 namespace: DEREF_NONE, DEREF_SEARCH, DEREF_BASE, DEREF_ALWAYS
    • Added shortened connection strategy parameters in ldap3 namespace: SYNC, ASYNC, LDIF, RESTARTABLE, REUSABLE
    • Added shortened pooling strategy parameters in ldap3 namespace: FIRST, ROUND_ROBIN, RANDOM
    • Added reentrant lock to avoid race conditions in the Connection object
    • When runs in Python 2.7.9 uses SSLContext
    • Tested against Python 2.7.9, PyPy 2.4.0 and PyPy3 2.4.0
    • setuptools updated to 8.2.1
  • 0.9.6.2 2014.11.17
    • Changed SESSION_TERMINATED_BY_SERVER from 0 to -2
    • Removed unneeded FORMAT_xxx variables in ldap3 namespace
    • Fixed bug in auto_range when search operation returns search continuations
    • Added infrastructure for Mock DSA (not functional yet)
  • 0.9.6.1 2014.11.11
    • Added boolean parameter “auto_range” to catch the “range” ldap tag in searches. When true all needed search operation are made to fully obtain the whole range of result values
    • Fixed bug in sdist
    • Added offline schema for Fedora 389 Directory Server 1.3.3
    • Fixed bug while reading DSA info
  • 0.9.6 2014.11.01
    • New feature ‘offline schema’ to let the client have knowledge of schema and DSA info even if not returned by the server
    • Offline schema for Novell eDirectory 8.8.8
    • Offline schema for Microsoft Active Directory 2012 R2
    • Offline schema for slapd 2.4 (Openldap)
    • Added server.info.to_json() and server.info.to_file to JSON serialize schema and info from Server object
    • Added Server.from_json() and Server.from_file() to create a Server object from a JSON definition
    • Added response_to_json() and response_to_file() to Connection object to serialize search response entries in JSON as a string or as a file
    • New exception hierarchy LDAPConfigurationError includes library configuration exceptions
    • New exception LDAPInvalidConfigurationDefinitionError
    • Dsa info and schema are not read twice when binding (thanks phobie)
    • LDAPStartTLSError exception is merged with exception raised from ssl packaged
    • Digest-MD5 SASL authentication accepts directives with list attributes (thanks John)
    • Fixed caseInsensitiveDictionary for keys() and values() methods
    • Fixed matching of certificate name in ssl with Python2
    • Attributes names and formatters are checked even if schema is not read by the server
    • Fixed fractional time when parsing generalized time
    • Specific decoder for Active Directory ObjectGuid and ObjectSid
    • Added additional checking for unicode in Python 2
    • Tested against Python 3.4.2, 2.7.8, 2.6.6
    • Updated setuptools to 7.0
  • 0.9.5.4 2014.09.22
    • Fixed security issue in lazy connections (thanks Moritz)
    • Added ldap3.utils.dn with parse_dn(dn) to verify dn compliance with RFC4514
    • Added safe_dn(dn) to properly escape dn (if possible)
    • Added ldap3.utils.uri with parse_uri(uri) to verify uri compliance with RFC4516
    • Check for trailing slashes in hostname (thanks Dylan)
    • Timeout for socket connect operation. Server.connect_timeout = seconds_to_wait_for_establishing_connection (thanks Florian)
    • Closing socket error doesn’t raise exception anymore
    • ServerPool can be implicity defined with a list of server names (even when defining a connection)
  • 0.9.5.3 2014.08.24
    • elements returned in schema and dsa info are in a case insensitive dictionary (can be changed in ldap3.CASE_INSENSITIVE_SCHEMA_NAMES = True|False)
    • attributes name returned in searches are now case insensitive (can be changed in ldap3.CASE_INSENSITIVE_ATTRIBUTE_NAMES = True|False)
    • change parameter name from separe_rdn to separate_rdn in ldap3.utils.conv.to_dn()
    • sync dev from Bitbucket to GitHub
    • schema attributes are explicitly read (useful for Active directory and 389 Directory Server)
    • new extended operation: list_replicas (Novell)
    • new extended operation: get_replica_info (Novell)
    • new extended operation: partition_entry_count (Novell)
    • renamed convert_to_ldif() to _convert_to_ldif()
  • 0.9.5.2 2014.08.05
    • fixed LDAPOperationResult.__str__ (thanks David)
    • added to_dn() in utils.conv to convert a dn string to a list of components (strings or tuples)
    • added __version__ in ldap3
    • don’t raise exception if the schema cannot be read in unauthenticated state
    • server.address_info is now a property
  • 0.9.5.1 2014.08.02
    • getaddrinfo called only once
    • real_server machinery removed - messageId is now global and monotonic for the whole library
    • attributes are returned formatted if schema is read and check_names = True, removed checked_attributes
    • bind result is populated again when successful (was removed in 0.9.2.1)
    • exception is now raised if you receive multiple extended response to a single extended request. This is not allowed by RFC 4511
  • 0.9.5 2014.07.22
    • added support for IPv6 (thanks Robert)
    • auto_bind can be used even for establishing tls, possible values (defined in ldap3) are: AUTO_BIND_NONE, AUTO_BIND_NO_TLS, AUTO_BIND_TLS_AFTER_BIND, AUTO_BIND_TLS_BEFORE_BIND
    • refactored extend package to use classes
    • new extended operation: get_universal_password (Novell)
    • new extended operation: set_universal_password (Novell)
    • added parsing of hostname in scheme://hostname:hostport format. This has the precedence on the parameters (thanks Sorin)
    • added extra checks when the schema is read (with the get_info parameter) but nothing is returned by the server
    • updated setuptools to version 5.4.1
    • when check_name is True and schema is read attributes are checked and formatted in “checked_attributes” as specified by RFCs following the server schema
    • added formatter for generalizedTime syntax as specified in RFC4517 (ASN.1)
    • custom formatter can be added in Server definition
  • 0.9.4.2 2014.07.03
    • Moved to Bitbucket + Mercurial
    • Fixed import in core.tls package
    • Removed unneeded imports
  • 0.9.4.1 2014.07.02
    • included missing extend package (thanks to debnet)
  • 0.9.4 2014.07.02
    • when running in python 3.4 or newer now Tls class uses SSLContext object with default secure setting
    • added parameters ca_certs_path, ca_certs_data, local_private_key_password to Tls object creation, valid when using SSLContext
    • in python 3.4 or newer the system CA certificates configuration can be used (just leave ca_cert_file, ca_certs_path and ca_certs_data set to None)
    • removed TLSv1 as default for Tls connection
    • upgraded backported ssl function from python 3.4.1 when using with python 2
    • when creating a connection the server parameter can be a string: the name of the server to connect in cleartext on default port 389
    • fixed bug in ldap3.util.conv.escape_bytes()
    • attributes parameter in search can be a tuple
    • check_names parameter in connection now defaults to True (so when schema info is available attribute and class name will be checked when performing LDAP operations)
    • remove the connection.close() method - use connection.unbind()
    • new exception LDAPExtensionError for signalling when the requestValue of extended operation is of an unknown ASN1 type
    • exiting connection manager doesn’t raise an exception if unbind is not successful (needed in long operations)
    • new extended operation: modify_password (RFC3062)
    • new extended operation: who_am_i (RFC4532)
    • new extended operation: get_bind_dn (Novell)
    • updated setuptools to version 5.3
  • 0.9.3.5 2014.06.22
    • Exception history in restartable strategy is printed when reached the maximum number of retries
    • Fixed conditions on terminated_by_server unsolicited message
    • Added python2.6 egg installation package
  • 0.9.3.4 2014.06.16
    • Exception can now be imported from ldap3 package
    • Escape_bytes return ‘’ for empty string instead of None (thanks Brian)
    • Added exception history to restartable connection (not for infinite retries)
    • Fixed start_tls retrying in restartable connection (thanks Brian)
    • New exception LDAPMaximumRetriesError for signalling when the SyncRestartable Strategy has reached the maximum number of retries while performing an operation
    • Inverted deleteoldrdn value in LDIF output (thanks Joseph)
  • 0.9.3.3 2014.06.01
    • Fixed a bug in LDIFProducer when using context manager for connection
    • LDIF header in stream is added only whene there are actual data in the stream
    • Now LDIF stream can be added to an existing file - version header will not be written if stream is not empty
  • 0.9.3.2 2014.05.30
    • Fixed a bug while reading schema
    • Add an implicit open() when trying binding on a closed connection
  • 0.9.3.1 2014.05.28
    • Added stream capability to LDIFProducer strategy
    • Customizable line separator for LDIF output
    • Customizable sorting order for LDIF output
    • object_class parameter is now optional in connection.add()
    • Fixed objectClass attribute case sensitive dependency in add operation
    • Added stream capability to response_to_ldif() while searching
  • 0.9.3 2014.05.20
    • Now the key in server.schema.attribute_type is the attribute name (was the oid)
    • Now the key in server.schema.object_classes is the class name (was the oid)
    • Added check_names to Connection definition to have name of attributes and of object class checked against the schema
    • Updated setuptools to 3.6
    • Added wheel installation format
    • Added raise_exceptions mode for connection
    • Exception hierarchy reworked
    • Added locking to Server object (for multithreading)
  • 0.9.2.2 2014.04.30
    • fixed a bug from 0.9.1 that broke start_tls() (thanks Mark)
  • 0.9.2.1 2014.04.28
    • fixed a bug in 0.9.2 that allowed only string attributes in add, modify and compare operations (thank Mladen)
  • 0.9.2 2014.04.26
    • changed return value in get_response from response to (response, result) - helpful for multi-threaded connections
    • added ReusableStrategy for pooling connections
    • refined docstrings (thanks Will)
    • result and response attributes don’t overlap anymore. Operation result is only in result attribute.
    • fixed search for binary values (thanks Marcin)
    • added convenience function to convert bytes to LDAP binary value string format for search filter
  • 0.9.1 2014.03.30
    • added laziness flag to test suite
    • changed ServerPool signature to accept active and exhaust parameters
    • removed unneeded start_listen parameter
    • added ‘lazy’ parameter to open, to bind and to unbind a connection only when an effective operation is performed
    • fixed start_tls in SyncWaitRestartable strategy
    • fixed certificate name checking while opening an ssl connection
    • fixed syntax error during installation
    • socket operations now raises proper exception, not generic LDAPException (thanks Joseph)
    • tested against Python 3.4, 3.3, 2.7, 2.6
    • updated setuptools to 3.3
  • 0.9.0 2014.03.20
    • PEP8 compliance
    • added ldap3.compat package with older (non PEP8 compliant) signatures
    • renamed ldap3.abstraction to ldap3.abstract
    • moved connection.py, server.py and tls.py files to ldap3.core
    • fixed SyncWaitRestartableStrategy (thanks Christoph)
  • 0.8.3 2014.03.08
    • added SyncWaitRestartable strategy
    • removed useless forceBind parameter
    • usage statistics updated with restartable success/failure counters and open/closed/wrapped socket counters
  • 0.8.2 2014.03.04
    • Added refresh() method to Entry object to read again the attributes from the Reader in the abstraction layer
    • Fixed Python 2.6 issues
    • Fixed test suite for Python 2.6
  • 0.8,1 2014.02.12
    • Changed exceptions returned by the library to LDAPException, a subclass of Exception.
    • Fixed documentation typos
  • 0.8.0 - 2014.02.08
    • Added abstraction layer (for searching, read only)
    • Added context manager to Connection class
    • Added readOnly parameter to Connection class
    • Fixed a bug in search with ‘less than’ parameter
    • Remove validation of available SSL protocols because different Python interpreters can use different ssl packages
  • 0.7.3 - 2014.01.05
    • Added SASL DIGEST-MD5 support
    • Moved to intrapackage (relative) imports
  • 0.7.2 - 2013.12.30
    • Fixed a bug when parentheses are used in search filter as ASCII escaped sequences
  • 0.7.1 - 2013.12.21
    • Completed support for LDIF as per RFC2849
    • Added new LDIF_PRODUCER strategy to generate LDIF-CHANGE stream
    • Fixed a bug in the autoReferral feature when controls where used in operation
  • 0.7.0 - 2013.12.12
    • Added support for LDIF as per RFC2849
    • Added LDIF-CONTENT compliant search responses
    • Added exception when using autoBind if connection is not successful
  • 0.6.7 - 2013.12.03
    • Fixed exception when DSA is not willing to return rootDSE and schema info
  • 0.6.6 - 2013.11.13
    • Added parameters to test suite
  • 0.6.5 - 2013.11.05
    • Modified rawAttributes decoding, now null (empty) values are returned
  • 0.6.4 - 2013.10.16
    • Added simple paged search as per RFC2696
    • Controls return values are decoded and stored in result attribute of connection
  • 0.6.3 - 2013.10.07
    • Added Extesible Filter syntax to search filter
    • Fixed exception while closing connection in AsyncThreaded strategy
  • 0.6.2 - 2013.10.01
    • Fix for referrals in searchRefResult
    • Disabled schema reading on Active Directory
  • 0.6.1 - 2013.09.22
    • Experimental support for Python 2 - no unicode
    • Added backport of ssl.match_name for Python 2
    • Minor fixes for using the client in Python 2
    • Fix for getting schema info with AsyncThreaded strategy
  • 0.6.0 - 2013.09.16
    • Moved to beta!
    • Added support site hosted on www.assembla.com
    • Added public svn repository on www.assembla.com
    • Added getInfo to server object, parameter can be: GET_NO_INFO, GET_DSA_INFO, GET_SCHEMA_INFO, GET_ALL_INFO
    • Added method to read the schema from the server. Schema is decoded and returned in different dictionaries of the server.schema object
    • Updated connection usage info (elapsed time is now computed when connection is closed)
    • Updated OID dictionary with extensions and controls from Active Directory specifications.
  • 0.5.3 - 2013.09.03
    • Added getOperationalAttributes boolean to Search operation to fetch the operational attributes during search
    • Added increment operation to modify operation as per RFC4525
    • Added dictionary of OID descriptions (for DSE and schema decoding)
    • Added method to get Info from DSE (returned in server.info object)
    • Modified exceptions for sending controls in LDAP request
    • Added connection usage (in connection.usage if collectUsage=True in connection definition)
    • Fixed StartTls in asynchronous client strategy
  • 0.5.2 - 2013.08.27
    • Added SASLprep profile for validating password
    • Fixed RFC4511 asn1 definitions
  • 0.5.1 - 2013.08.17
    • Refactored package structure
    • Project description reformatted with reStructuredText
    • Added Windows graphical installation
  • 0.5.0 - 2013.08.15
    • Added reference to LGPL v3 license
    • Added Tls object to hold ssl/tls configuration
    • Added StartTLS feature
    • Added SASL feature
    • Added SASL EXTERNAL mechanism
    • Fixed Unbind
    • connection.close is now an alias for connection.unbind
  • 0.4.4 - 2013.08.01
    • Added ‘Controls’ to all LDAP Requests
    • Added Extended Request feature
    • Added Intermediate Response feature
    • Added namespace ‘ldap3’
  • 0.4.3 - 2013.07.31
    • Test suite refactored
    • Fixed single object search response error
    • Changed attributes returned in search from tuple to dict
    • Added ‘raw_attributes’ key in search response to hold undecoded (binary) attribute values read from ldap
    • Added __repr__ for Server and Connection objects to re-create the object instance
  • 0.4.2 - 2013.07.29
    • Added autoReferral feature as per RFC4511 (4.1.10)
    • Added allowedReferralHosts to conform to Security considerations of RFC4516
  • 0.4.1 - 2013.07.20
    • Add validation to Abandon operation
    • Added connection.request to hold a dictionary of infos about last request
    • Added info about outstanding operation in connection.strategy._oustanding
    • Implemented RFC4515 for search filter coding and decoding
    • Added a parser to build filter string from LdapMessage
  • 0.4.0 - 2013.07.15
    • Refactoring of the connection and strategy classes
    • Added the ldap3.strategy namespace to contain client connection strategies
    • Added ssl authentication
    • Moved authentication parameters from Server object to Connection object
    • Added ssl parameters to Server Object
  • 0.3.0 - 2013.07.14
    • Fixed AsyncThreaded strategy with _outstanding and _responses attributes to hold the pending requests and the not-yet-read responses
    • Added Extended Operation
    • Added “Unsolicited Notification” discover logic
    • Added managing of “Notice of Disconnection” from server to properly close connection
  • 0.2.0 - 2013.07.13
    • Update setup with setuptools 0.7
    • Docstrings added to class
    • Removed ez_setup dependency
    • Removed distribute dependency
  • 0.1.0 - 2013.07.12
    • Initial upload on pypi
    • PyASN1 RFC4511 module completed and tested
    • Synchronous client working properly
    • Asynchronous client working but not fully tested
    • Basic authentication working