Python - LDAP

Revision as of 16:44, 10 May 2008 by PeterHarding (talk | contribs)

Using the Python LDAP Module

Search

The search below binds anonymously (empty DN and empty password), so it returns only what the directory exposes to unauthenticated clients.

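#!/usr/bin/env python
#
# Anonymous search: print every matching entry, then a "uid,container,group" line for it.
# The print(...) form with one argument behaves the same on Python 2 and Python 3.
#
#---------------------------------------------------------------------------------------------------

import sys
import ldap
import ldap.dn

#---------------------------------------------------------------------------------------------------

conn = ldap.initialize("ldap://hx30:6389")

try:
   # Empty DN and empty password = anonymous bind; the directory's access controls
   # decide which entries and attributes come back.
   conn.simple_bind_s("", "")

   base_dn = "ou=people,dc=auspost,dc=com"

   # This filter is a constant. If any part of a filter is ever built from user input,
   # pass that part through ldap.filter.escape_filter_chars() first so the input
   # cannot change the structure of the filter.
   search_filter = "(&(objectclass=auspostuser)(uid=svt*))"

   rows = conn.search_s(base_dn, ldap.SCOPE_SUBTREE, search_filter)
finally:
   # search_s() has already returned the complete result list, so the connection
   # can be released before the rows are processed.
   conn.unbind_s()

print("Returned -> %d rows" % len(rows))

for row in rows:
   print(row)

   dn, attrs = row

   # str2dn() parses the DN by the LDAP rules (escaped commas, optional spaces);
   # splitting on ',' and '=' goes wrong as soon as a value contains either character.
   rdns = ldap.dn.str2dn(dn)

   uid  = rdns[0][0][1]      # value of the leading RDN
   kind = rdns[1][0][1]      # value of the RDN directly above it

   if 'groups' in attrs:
      group_dn = attrs['groups'][0]
      if not isinstance(group_dn, str):
         # python-ldap 3.x on Python 3 returns attribute values as bytes
         group_dn = group_dn.decode('utf-8')
      group = ldap.dn.str2dn(group_dn)[0][0][1]
   else:
      group = ''

   print("%s,%s,%s" % (uid, kind, group))

#---------------------------------------------------------------------------------------------------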

Modify

Adds, modifies and deletes require binding as a user with appropriate rights. The examples below do this with a simple bind (DN and password).

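#!/usr/bin/env python
#
# Modify one test user: replace its description and swap one givenName value for another.
#
#---------------------------------------------------------------------------------------------------

import sys
import getpass
import ldap

#---------------------------------------------------------------------------------------------------

HOST    = 'hx30'
PORT    = 6389
BIND_DN = "cn=osm,dc=auspost,dc=com"

#---------------------------------------------------------------------------------------------------

idx = 0

conn = ldap.initialize("ldap://%s:%d" % (HOST, PORT))

try:
   # The bind password is prompted for instead of being written into the script, where
   # it would end up in version control, backups and any page the script is pasted into.
   #
   # A simple bind over plain ldap:// sends the DN and password unencrypted. Where the
   # server supports it, use an ldaps:// URL or call conn.start_tls_s() before binding.
   conn.simple_bind_s(BIND_DN, getpass.getpass("Password for %s: " % BIND_DN))

   base_dn = "uid=svt_PLH%05d,ou=internal,ou=people,dc=auspost,dc=com" % idx

   print(base_dn)

   # Values are lists of bytes: python-ldap 3.x requires bytes for attribute values,
   # and on Python 2 a bytes literal is an ordinary str.
   mod_attrs = [
      (ldap.MOD_REPLACE, 'description', [('SVT User %05d' % idx).encode('utf-8')]),
      (ldap.MOD_DELETE,  'givenName',   [b'Francis']),
      (ldap.MOD_ADD,     'givenName',   [b'Frank']),
   ]

   rc = conn.modify_s(base_dn, mod_attrs)

   print(rc)
finally:
   # Release the connection even when the bind or the modify raises.
   conn.unbind_s()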

Add

#!/usr/bin/env python
#
#---------------------------------------------------------------------------------------------------

import sys
import ldap

#---------------------------------------------------------------------------------------------------

# Sample entry as a (dn, attributes) pair, the same shape search_s() returns for each row.
# Nothing else in this listing refers to it.
new = (
   'uid=apxxxsd,ou=internal,ou=people,dc=XXX,dc=com',
   dict(
      cn=['apxxxsd'],
      description=['apxxxsd'],
      objectClass=['auspostUser'],
      sn=['apxxxsd'],
      groups=['cn=GRP_Facility,ou=groups,dc=XXX,dc=com'],
      uid=['apxxxsd'],
   ),
)

#---------------------------------------------------------------------------------------------------

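def record(idx, password='secret'):
   """Build the attribute list for test user number *idx*, in the form add_s() takes.

   idx is formatted as a zero-padded five-digit number inside uid, cn, sn and
   description.

   password becomes the entry's userpassword value. The default keeps the original
   behaviour, which gives every generated account the same well-known password;
   pass a distinct value per account for anything that is not a throwaway test entry.

   Returns a list of (attribute name, [values]) tuples.
   """
   tag = '%05d' % idx

   return [
      ('objectclass', ['XXXtuser']),
      ('uid', ['svt_PLH' + tag]),
      ('cn', ['SVT PLH' + tag]),
      ('sn', ['svt_PLH' + tag]),
      ('description', ['PLH test ' + tag]),
      ('userpassword', [password]),
      ('ou', ['users']),
   ]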

#---------------------------------------------------------------------------------------------------

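import getpass

# HOST and PORT are used below but were never defined in this listing; these are the
# values the Modify example on this page uses.
HOST    = 'hx30'
PORT    = 6389
BIND_DN = "cn=XXX,dc=XXX,dc=com"      # redacted placeholder for the privileged bind DN

idx = 3

conn = ldap.initialize("ldap://%s:%d" % (HOST, PORT))

try:
   # Prompt for the bind password rather than keeping it in the script.
   # A simple bind over plain ldap:// sends it unencrypted, and the add below carries
   # the new account's userpassword the same way; where the server supports it, use an
   # ldaps:// URL or call conn.start_tls_s() before binding.
   conn.simple_bind_s(BIND_DN, getpass.getpass("Password for %s: " % BIND_DN))

   # NOTE(review): the RDN here is uid=svt_XXX..., while record() sets uid to
   # svt_PLH...; these look like the same value redacted differently. Most servers
   # expect the RDN value to be one of the entry's uid values -- confirm they match.
   base_dn = "uid=svt_XXX%05d,ou=people,ou=external,dc=XXX,dc=com" % idx

   # python-ldap 3.x requires attribute values as bytes; on Python 2 encoding an
   # ASCII str returns the same str.
   add_rec = [(attr, [value.encode('utf-8') for value in values])
              for attr, values in record(idx)]

   rc = conn.add_s(base_dn, add_rec)

   print(rc)
finally:
   # Release the connection even when the bind or the add raises.
   conn.unbind_s()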

Delete

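#!/usr/bin/env python
#
# Delete one test user entry by DN.
#
#---------------------------------------------------------------------------------------------------

import sys
import getpass
import ldap

#---------------------------------------------------------------------------------------------------

# HOST and PORT are used below but were never defined in this listing; these are the
# values the Modify example on this page uses.
HOST    = 'hx30'
PORT    = 6389
BIND_DN = "cn=XXX,dc=XXX,dc=com"      # redacted placeholder for the privileged bind DN

#---------------------------------------------------------------------------------------------------

idx = 0

conn = ldap.initialize("ldap://%s:%s" % (HOST, PORT))

try:
   # Prompt for the bind password rather than keeping it in the script.
   # A simple bind over plain ldap:// sends it unencrypted; where the server supports
   # it, use an ldaps:// URL or call conn.start_tls_s() before binding.
   conn.simple_bind_s(BIND_DN, getpass.getpass("Password for %s: " % BIND_DN))

   base_dn = "uid=svt_XXX%05d,ou=people,dc=XXX,dc=com" % idx

   # Printed before the call so the DN being removed is on record if the delete fails.
   print(base_dn)

   rc = conn.delete_s(base_dn)

   print(rc)
finally:
   # Release the connection even when the bind or the delete raises.
   conn.unbind_s()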