Python - LDAP
Revision as of 16:44, 10 May 2008 by PeterHarding (talk | contribs)
Using the Python LDAP Module
Search
The searches are made by binding anonymously.
#!/usr/bin/env python # #--------------------------------------------------------------------------------------------------- import sys import ldap #--------------------------------------------------------------------------------------------------- l = ldap.initialize("ldap://hx30:6389") l.simple_bind_s("","") base_dn = "ou=people,dc=auspost,dc=com" filter = "(&(objectclass=auspostuser)(uid=svt*))" rows = l.search_s(base_dn, ldap.SCOPE_SUBTREE, filter) print "Returned -> %d rows" % len(rows) for row in rows: print row col0 = row[0].split(', ')[0] uid = col0.split(',')[0].split('=')[1] type = col0.split(',')[1].split('=')[1] if row[1].has_key('groups'): group = row[1]['groups'][0].split(',')[0].split('=')[1] else: group = '' print "%s,%s,%s" % (uid, type, group) #---------------------------------------------------------------------------------------------------
Modify
Adds, mods and deletes require binding as a user with appropriate rights.
#!/usr/bin/env python # #--------------------------------------------------------------------------------------------------- import sys import ldap #--------------------------------------------------------------------------------------------------- HOST = 'hx30' PORT = 6389 #--------------------------------------------------------------------------------------------------- idx = 0 l = ldap.initialize("ldap://%s:%d" % (HOST, PORT)) l.simple_bind_s("cn=osm,dc=auspost,dc=com","osmadmin") base_dn = "uid=svt_PLH%05d,ou=internal,ou=people,dc=auspost,dc=com" % idx print base_dn mod_attrs = [ (ldap.MOD_REPLACE, 'description', 'SVT User %05d' % idx), (ldap.MOD_DELETE, 'givenName', 'Francis' ), (ldap.MOD_ADD, 'givenName', 'Frank' ) ] rc = l.modify_s(base_dn, mod_attrs) print rc
Add
#!/usr/bin/env python # #--------------------------------------------------------------------------------------------------- import sys import ldap #--------------------------------------------------------------------------------------------------- new = ( 'uid=apxxxsd,ou=internal,ou=people,dc=XXX,dc=com', { 'cn' : ['apxxxsd'], 'description' : ['apxxxsd'], 'objectClass' : ['auspostUser'], 'sn' : ['apxxxsd'], 'groups' : ['cn=GRP_Facility,ou=groups,dc=XXX,dc=com'], 'uid' : ['apxxxsd'] } ) #--------------------------------------------------------------------------------------------------- def record(idx): add_record = [ ('objectclass', ['XXXtuser']), ('uid', ['svt_PLH%05d' % idx]), ('cn', ['SVT PLH%05d' % idx] ), ('sn', ['svt_PLH%05d' % idx] ), ('description', ['PLH test %05d' % idx]), ('userpassword', ['secret']), ('ou', ['users']) ] return add_record #--------------------------------------------------------------------------------------------------- idx = 3 l = ldap.initialize("ldap://%s:%d" % (HOST, PORT)) l.simple_bind_s("cn=XXX,dc=XXX,dc=com","XXXX") base_dn = "uid=svt_XXX%05d,ou=people,ou=external,dc=XXX,dc=com" % idx add_rec = record(idx) rc = l.add_s(base_dn, add_rec) print rc
Delete
#!/usr/bin/env python # #--------------------------------------------------------------------------------------------------- import sys import ldap #--------------------------------------------------------------------------------------------------- idx = 0 l = ldap.initialize("ldap://%s:%s" % (HOST,PORT)) l.simple_bind_s("cn=XXX,dc=XXX,dc=com","XXXX") base_dn = "uid=svt_XXX%05d,ou=people,dc=XXX,dc=com" % idx print base_dn rc = l.delete_s(base_dn) print rc