I am trying to write a script to simply query the group members in an Active Directory group. I need to use LDAP to make sure I capture any global > global group nestings that may occur. I already have a function that uses the WinNT provider to capture this info from NT4 or AD domains and it works beautifully. It just doesn't capture global > global nestings. I am having great difficulties in getting this to work on AD with LDAP, though. I have a multiple domain tree environment and need to be able to query groups in different domains. I want to simply make an LDAP connection, bind to it, search for the group and get its members. I do the following for eDirectory and it works great, but not in AD.

    import ldap

    # Host, bind DN, search base and filter are all passed as strings
    l = ldap.open("1.2.3.4", trace_level=1)
    l.simple_bind_s('cn=username,ou=company', 'password')
    UserRes = []
    UserRes = UserRes + l.search_s('o=company', ldap.SCOPE_SUBTREE, "(cn=groupname)")

If I do the same thing as above but to an AD source it doesn't work. I run the open and it seems successful, I run the bind using DN, UPN, or domain name and password and it seems to bind, I run the query and it says I must complete a successful bind operation before doing a query. Any help is appreciated.
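
Added example, not part of the original post: one way to expand global > global nestings once group entries can be read, following each group's member attribute with loop protection. The DNs, the DIRECTORY sample data (simplified to plain strings) and the read_entry helper are constructed for illustration; against a live server read_entry would be a SCOPE_BASE search on the DN.

```python
# Constructed sample data, keyed by DN, holding the attributes of each entry.
BASE = "dc=corp,dc=example"
GROUP_A = "cn=GroupA,ou=Groups," + BASE
GROUP_B = "cn=GroupB,ou=Groups," + BASE
ALICE = "cn=alice,ou=Users," + BASE
BOB = "cn=bob,ou=Users," + BASE
CAROL = "cn=carol,ou=Users,dc=other,dc=example"  # lives in another domain

DIRECTORY = {
    GROUP_A: {"objectClass": ["top", "group"], "member": [ALICE, GROUP_B]},
    # GroupB nests back into GroupA, so a naive recursion would never end
    GROUP_B: {"objectClass": ["top", "group"], "member": [BOB, GROUP_A, CAROL]},
    ALICE: {"objectClass": ["top", "user"]},
    BOB: {"objectClass": ["top", "user"]},
}


def read_entry(dn):
    """Hypothetical lookup helper; returns None when the DN cannot be read."""
    return DIRECTORY.get(dn)


def expand_group(group_dn, fetch=read_entry):
    """Return (users, unresolved) for a group, following nested groups.

    users      -- every non-group entry reachable through nesting
    unresolved -- member DNs this connection could not read, for example
                  entries held in a different domain
    """
    users, unresolved, seen = set(), set(), set()
    stack = [group_dn]
    while stack:
        dn = stack.pop()
        key = dn.lower()  # DNs compare case-insensitively
        if key in seen:
            continue  # already visited: breaks circular nestings
        seen.add(key)
        entry = fetch(dn)
        if entry is None:
            unresolved.add(dn)
        elif "group" in entry.get("objectClass", []):
            stack.extend(entry.get("member", []))
        else:
            users.add(dn)
    return users, unresolved
```

The unresolved set matters in a multiple-domain tree: a member DN from another domain has to be looked up on a connection to that domain rather than silently dropped from the result.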