Re: Active Directory Authentication
Thanks to everyone for your help..I'm not familiar with the packages mentioned, so this will definitely be a learning experience! -- http://mail.python.org/mailman/listinfo/python-list
Re: Active Directory Authentication
Stephan Diehl wrote: On Fri, 05 May 2006 05:39:08 -0700, D wrote: Is it possible to have Python authenticate with Active Directory? Specifically what I'd like to do is have a user enter a username/password, then have Python check the credentials with AD - if what they entered is valid, for example, it returns a 1, otherwise a 0.. Thanks! It's possible and you need the python-ldap package for it. The actual authentication will look like (simplified): def authenticate(user='',passwd=''): dn = find_user_dn(user) try: l = ldap.open(AD_HOST_URL) l.protocol_version = ldap.VERSION3 l.simple_bind_s(dn,passwd) l.search_s(SEARCHDN,ldap.SCOPE_SUBTREE,'objectType=bla') l.unbind_s() return True except ldap.LDAPError: return False obviously, you need to supply some function 'find_user_dn' that maps the user to its DN. Since MS AD does not allow anonymous search in its default configuration find_user_dn() would have to bind as an application user with search rights to search the user entry by UPN. Hack not LDAPv3 compliant: When sending a simple bind request to MS AD over LDAP you can also directly use the UPN for 'dn' when invoking l.simple_bind_s(). Note that this is a special semantic of LDAP bind request for MS AD. It is not a LDAPv3 compliant! But if you're sure you won't use this code for binding to another LDAP server you could use this hack. The nice thing about python-ldap is that it also works on other platforms than Win32. The caveat is that you might need to build the OpenLDAP libs. If you're solely on Win32 using ADSI through Win32 extensions for Python as stated by others in this thread might be the better approach. Ciao, Michael. -- http://mail.python.org/mailman/listinfo/python-list
Active Directory Authentication
Is it possible to have Python authenticate with Active Directory? Specifically what I'd like to do is have a user enter a username/password, then have Python check the credentials with AD - if what they entered is valid, for example, it returns a 1, otherwise a 0.. Thanks! -- http://mail.python.org/mailman/listinfo/python-list
Re: Active Directory Authentication
On Fri, May 05, 2006 at 05:39:08AM -0700, D wrote: Is it possible to have Python authenticate with Active Directory? Specifically what I'd like to do is have a user enter a username/password, then have Python check the credentials with AD - if what they entered is valid, for example, it returns a 1, otherwise a 0.. Thanks! Can't you query the AD through LDAP? Then http://python-ldap.sourceforge.net/ might help. Kindly Christoph -- http://mail.python.org/mailman/listinfo/python-list
Re: Active Directory Authentication
On Fri, 05 May 2006 05:39:08 -0700, D wrote: Is it possible to have Python authenticate with Active Directory? Specifically what I'd like to do is have a user enter a username/password, then have Python check the credentials with AD - if what they entered is valid, for example, it returns a 1, otherwise a 0.. Thanks! It's possible and you need the python-ldap package for it. The actual authentication will look like (simplified): def authenticate(user='',passwd=''): dn = find_user_dn(user) try: l = ldap.open(AD_HOST_URL) l.protocol_version = ldap.VERSION3 l.simple_bind_s(dn,passwd) l.search_s(SEARCHDN,ldap.SCOPE_SUBTREE,'objectType=bla') l.unbind_s() return True except ldap.LDAPError: return False obviously, you need to supply some function 'find_user_dn' that maps the user to its DN. -- http://mail.python.org/mailman/listinfo/python-list
Re: Active Directory Authentication
D wrote: Is it possible to have Python authenticate with Active Directory? Specifically what I'd like to do is have a user enter a username/password, then have Python check the credentials with AD - if what they entered is valid, for example, it returns a 1, otherwise a 0.. Thanks! Install the Win32 extensions from http://starship.python.net/crew/skippy/win32/Downloads.html and do something like this: try: handle=win32security.LogonUser(username, None, password, win32security.LOGON32_LOGON_NETWORK, win32security.LOGON32_PROVIDER_DEFAULT) # We're not going to use the handle, just seeing if we can get it. handle.Close() return True except pywintypes.error, e: # Because of the sheer number of Windows-specific errors that can # occur here, we have to assume any of them mean that the # credentials were not valid. return False -- Benji York -- http://mail.python.org/mailman/listinfo/python-list
Re: Active Directory Authentication
Benji York wrote: D wrote: Is it possible to have Python authenticate with Active Directory? Specifically what I'd like to do is have a user enter a username/password, then have Python check the credentials with AD - if what they entered is valid, for example, it returns a 1, otherwise a 0.. Thanks! Install the Win32 extensions from http://starship.python.net/crew/skippy/win32/Downloads.html and do something like this: try: handle=win32security.LogonUser(username, None, password, win32security.LOGON32_LOGON_NETWORK, win32security.LOGON32_PROVIDER_DEFAULT) # We're not going to use the handle, just seeing if we can get it. handle.Close() return True except pywintypes.error, e: # Because of the sheer number of Windows-specific errors that can # occur here, we have to assume any of them mean that the # credentials were not valid. return False -- Benji York I assume then that you can also change user information using the same principle ? I'm trying to switch some VB6 code to python. Philippe -- http://mail.python.org/mailman/listinfo/python-list
Re: Active Directory Authentication
If you have Pywin32 installed, you can use the win32com.adsi package to open an object with username/password credentials. See adsi.ADsOpenObject for details. Adsi also contains a number of interfaces for dealing with users, containers, etc. Roger D [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Is it possible to have Python authenticate with Active Directory? Specifically what I'd like to do is have a user enter a username/password, then have Python check the credentials with AD - if what they entered is valid, for example, it returns a 1, otherwise a 0.. Thanks! == Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News== http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups = East and West-Coast Server Farms - Total Privacy via Encryption = -- http://mail.python.org/mailman/listinfo/python-list