Using LDAP3 to operate AD from Python (ConnectionResetError: [Errno 104] Connection reset by peer)

Problem description

AD domain: Windows Server 2019

Python version: 3.9

LDAP3 version: 2.9

The error output is as follows:

Traceback (most recent call last):
  File "/usr/local/Python-3.9.0/lib/python3.9/site-packages/ldap3/strategy/base.py", line 881, in sending
    self.connection.socket.sendall(encoded_message)
  File "/usr/local/Python-3.9.0/lib/python3.9/ssl.py", line 1207, in sendall
    return super().sendall(data, flags)
ConnectionResetError: [Errno 104] Connection reset by peer

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/scripts/Sync_Users.py", line 191, in <module>
    print(Sync_Users(Regular_Revision_Password,ServerPool_List,Server_IP,Client_Key,domain,Admin_User,Password).Get_Add_Users())
  File "/scripts/Sync_Users.py", line 93, in __init__
    self.AD_Obj=AD(self.ServerPool_List,domain,Admin_User,Password)
  File "/scripts/Sync_Users.py", line 25, in __init__
    self.conn=Connection(Server_pool, user=Domain + '\\' + UserName, password=Password, authentication=NTLM, auto_bind=True)
  File "/usr/local/Python-3.9.0/lib/python3.9/site-packages/ldap3/core/connection.py", line 363, in __init__
    self._do_auto_bind()
  File "/usr/local/Python-3.9.0/lib/python3.9/site-packages/ldap3/core/connection.py", line 389, in _do_auto_bind
    self.bind(read_server_info=True)
  File "/usr/local/Python-3.9.0/lib/python3.9/site-packages/ldap3/core/connection.py", line 628, in bind
    response = self.do_ntlm_bind(controls)
  File "/usr/local/Python-3.9.0/lib/python3.9/site-packages/ldap3/core/connection.py", line 1373, in do_ntlm_bind
    response = self.post_send_single_response(self.send('bindRequest', request, controls))
  File "/usr/local/Python-3.9.0/lib/python3.9/site-packages/ldap3/strategy/base.py", line 331, in send
    self.sending(ldap_message)
  File "/usr/local/Python-3.9.0/lib/python3.9/site-packages/ldap3/strategy/base.py", line 892, in sending
    raise communication_exception_factory(LDAPSocketSendError, type(e)(str(e)))(self.connection.last_error)
ldap3.core.exceptions.LDAPSocketSendError: socket sending error[Errno 104] Connection reset by peer
[root@kms scripts]#

Solution

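Installing a certificate server and an IIS server in the AD domain resolves the problem.

Notes:

Sometimes the connection still fails after the certificate server has been installed. In that case, check whether the certificate server has successfully issued a certificate to the domain controller; if it has not, the certificate must be enrolled manually.

In an environment with multiple domain controllers, the other servers do not trust this certificate server, so it must be added to their trusted root certification authorities.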
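To tell which of the conditions in the notes applies to a given domain controller, the TLS handshake can be probed on its own before ldap3 is involved. The following is an added example, not code from the original post; the function names, the LDAPS port 636 and the optional CA file are assumptions.

```python
import socket
import ssl
import sys


def classify(exc):
    """Map the outcome of a TLS handshake to the conditions in the notes above."""
    if exc is None:
        return "ok: the DC presented a certificate this client trusts"
    if isinstance(exc, ssl.SSLCertVerificationError):
        # Certificate exists, but its issuing CA is not in the client's trust store
        # (or the name in the certificate does not match the host that was dialled).
        return "untrusted: add the issuing CA to the trusted roots"
    if isinstance(exc, (ConnectionResetError, ssl.SSLEOFError)):
        # The DC accepted the TCP connection and then dropped the handshake:
        # the symptom in the traceback, typical when the DC has no usable certificate.
        return "no-cert: check that a certificate was issued to this DC"
    if isinstance(exc, ssl.SSLError):
        return "tls-error: " + str(exc)
    return "unreachable: " + str(exc)


def probe_ldaps(host, port=636, cafile=None, timeout=5.0):
    """Attempt a verified TLS handshake with a DC and classify the result.

    port=636 (LDAPS) is an assumption; cafile is the exported root certificate
    of the certificate server in PEM form, or None to use the system store.
    """
    ctx = ssl.create_default_context(cafile=cafile)  # verifies chain and host name
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                tls.getpeercert()
        return classify(None)
    except OSError as exc:  # ssl.SSLError is a subclass of OSError
        return classify(exc)


if __name__ == "__main__":
    # Usage: python probe.py dc1.example.test dc2.example.test  (placeholder names)
    for dc in sys.argv[1:]:
        print(dc, "->", probe_ldaps(dc))
```

Running it against every server in the pool shows whether a controller is missing its certificate or the client is missing the root CA.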

Reference:

https://ithelp.ithome.com.tw/articles/10229428

2021-6-17 13:40:18
