In Robert Clove
writes:
> I want to find if the particular group exist in my active directory
Search on the group's DN, specifying SCOPE_BASE as the search scope. If
you get a result, then the group exists, otherwise it doesn't.
> also another function to find the user in a particular group
Sure, have you tried it and failed?
I remember using this: https://www.python-ldap.org/docs.html year back and
was able to do many operations including lookups.
On Fri, Sep 9, 2016 at 5:41 AM, Robert Clove wrote:
> Is it possible to find the following things using python ldap or active
> direc
Joseph L. Casale wrote:
> I had some time today, so I attempted to open the ldif files in binary mode
> to simply
> work with the raw byte strings but the moment the first entry was parsed,
> parse()
> stumbled on a character in the first entries dict and passed a dn of None for
> the last half?
> Note that all modules in python-ldap up to 2.4.10 including module 'ldif'
> expect raw byte strings to be passed as arguments. It seems to me you're
> passing a Unicode object in the entry dictionary which will fail in case an
> attribute value contains NON-ASCII chars.
Yup, I was.
> python-lda
Joseph L. Casale wrote:
> After parsing the data for a user I am simply taking a value from the ldif
> file and writing
> it back out to another which fails, the value parsed is:
>
> officestreetaddress:: T3R0by1NZcOfbWVyLVN0cmHDn2UgMQ==
>
>
> File "C:\Python27\lib\site-packages\ldif.py", lin
"Joseph L. Casale" writes:
> ...
> After parsing the data for a user I am simply taking a value from the ldif
> file and writing
> it back out to another which fails, the value parsed is:
>
> officestreetaddress:: T3R0by1NZcOfbWVyLVN0cmHDn2UgMQ==
>
>
> File "C:\Python27\lib\site-packages\ldif.p
Hi Michael,
> Processing LDIF is one thing, doing LDAP operations another.
>
> LDIF itself is meant to be ASCII-clean. But each attribute value can carry any
> byte sequence (e.g. attribute 'jpegPhoto'). There's no further processing by
> module LDIF - it simply returns byte sequences.
>
> The a
Joseph L. Casale wrote:
>> I'm not sure what exactly you're asking for.
>> Especially "is not being interpreted as a string requiring base64 encoding"
>> is
>> written without giving the right context.
>>
>> So I'm just guessing that this might be the usual misunderstandings with use
>> of base64
> I'm not sure what exactly you're asking for.
> Especially "is not being interpreted as a string requiring base64 encoding" is
> written without giving the right context.
>
> So I'm just guessing that this might be the usual misunderstandings with use
> of base64 in LDIF. Read more about when LDI
Joseph L. Casale wrote:
>> Can you give an example of the code you have?
>
> I actually just overrode the regex used by the method in the LDIFWriter class
> to be far more broad
> about what it interprets as a safe string.
Are you sure that you fully understood RFC 2849 before doing this?
Which
Joseph L. Casale wrote:
> I have some data I am working with that is not being interpreted as a string
> requiring
> base64 encoding when sent to the ldif module for output.
>
> The base64 string parsed is ZGV0XDMzMTB3YmJccGc= and the raw string is
> det\3310wbb\pg.
> I'll admit my understanding
> Can you give an example of the code you have?
I actually just overrode the regex used by the method in the LDIFWriter class
to be far more broad
about what it interprets as a safe string. I really need to properly handle
reading, manipulating and
writing non ascii data to solve this...
Shame
Can you give an example of the code you have?
> From: [email protected]
> To: [email protected]
> Subject: Ldap module and base64 oncoding
> Date: Fri, 24 May 2013 21:00:01 +
>
> I have some data I am working with that is not being interpre
sajuptpm wrote:
Yea i am not totally clear about that
Client's Requirement is
option to have a ldap proxy user bind to the ldap server if it needs
more directory rights than an anonymous bind.
option to use a ldap proxy user when searching.
As said: there's the proxy authorization control (see
Hi Michael Torrie,
Thanks to reply
Why we need Twisted here, i did not get it.
My understanding is that
if
ldap_proxy_user = ldap_proxy
ldap_proxy_pwd = secret
( set more privileges to this user at ldap server side, for get other
users infos)
are configured at server side, then allow clients to l
On 02/11/2012 08:35 PM, Michael Torrie wrote:
> On 02/11/2012 02:19 PM, sajuptpm wrote:
>> Hi Michael Ströder,
>> Thanks for replay
>>
>> Yea i am not totally clear about that
>>
>> Client's Requirement is
>> option to have a ldap proxy user bind to the ldap server if it needs
>> more directory rig
On 02/11/2012 02:19 PM, sajuptpm wrote:
> Hi Michael Ströder,
> Thanks for replay
>
> Yea i am not totally clear about that
>
> Client's Requirement is
> option to have a ldap proxy user bind to the ldap server if it needs
> more directory rights than an anonymous bind.
> option to use a ldap pro
sajuptpm wrote:
I have developed a LDAP auth system using python-ldap module.
Using that i can validate username and password, fetch user and
groups info from LDAP directory.
Now i want to implement ldap proxy user bind to the ldap server.
What do you mean exactly?
Are you talking about LDAPv
sajuptpm wrote:
> results = ldapClient.search_s("cn=My-Group-1,ou=Groups,o=CUST",
> ldap.SCOPE_BASE)
>
> Is this method work for all types of groups (groupOfNames,
> posixGroup) ???
Yes, but the member attribute differs.
'member' in entries of object class 'groupOfNames' contains the DN of the
m
results = ldapClient.search_s("cn=My-Group-1,ou=Groups,o=CUST",
ldap.SCOPE_BASE)
Is this method work for all types of groups (groupOfNames,
posixGroup) ???
have to implement user search/fetch separately for each groups ???
--
http://mail.python.org/mailman/listinfo/python-list
In <34110eed-96bc-499f-9a4e-068f2720f...@h12g2000pro.googlegroups.com> sajuptpm
writes:
> dn: cn=My-Group-1,ou=Groups,o=CUST
> member: cn=AJP2203,ou=Internal PCA,o=CUST
> member: cn=AZE9632,ou=Internal PCA,o=CUST
> member: cn=BTC4979,ou=Internal PCA,o=CUST
> * I have group definition in LDAP se
sajuptpm wrote:
> --- User
>
> cn=AJP2203,ou=Internal PCA,o=CUST has group memberships
> to the following Groups:
> groupMembership: cn=My-Group-1,ou=Groups,o=CUST
> groupMembership: cn=My-Group-2,u=Groups,o=CUST
> groupMembership: cn=My-Group-3,ou=Groups,o=
--- User
cn=AJP2203,ou=Internal PCA,o=CUST has group memberships
to the following Groups:
groupMembership: cn=My-Group-1,ou=Groups,o=CUST
groupMembership: cn=My-Group-2,u=Groups,o=CUST
groupMembership: cn=My-Group-3,ou=Groups,o=CUST
I am using Openldap (openldap 2.3.43-12.el5_5.2 and openldap.i386
0:2.3.43_2.2.29-12.el5_6.7)
--
http://mail.python.org/mailman/listinfo/python-list
Hi,
Thanks for reply.
dn: cn=My-Group-1, ou=Groups, o=CUST
equivalentToMe: cn=TDS7034,ou=Internal PCA,o=CUST
objectClass: groupOfNames <
objectClass: top
objectClass: swarePointers
ACL: 2#entry#[Root]#member
cn: My-Group-1
member: cn=AJP2203,ou=Internal PCA,o=CUST
member: cn=AZE9632,o
sajuptpm wrote:
> How get all users belongs to a group using python ldap module.
There are several ways of storing grouping information in a LDAP server.
I assume the groups are normal group entries of object class 'groupOfNames'
which is most commonly used. Such an entry has the attribute 'membe
On Thu, Jun 23, 2011 at 9:14 AM, sajuptpm wrote:
> Hi,
> How get all users belongs to a group using python ldap module.
Depends on what you mean by "users" and "group", what information you
already have, and what information you want to get. I'll assume you
mean posix accounts and groups, and tha
John Gordon wrote:
> I'm using the ldap package to connect to an ldap server and run a query.
> Very simple code, along these lines:
>
> con = ldap.initialize(uri)
> con.simple_bind_s(user, password)
> results = con.search_s(group, ldap.SCOPE_SUBTREE, filter, attrs)
> for r in results:
>
Benny Fallica wrote:
> Hello there,
>
> what would be the python implementation for this line in Java:
>
>
> java.util.Hashtable environment = LdapHelper.getEnvironment(url, true);
> LdapContext ldapContext = new InitialLdapContext(environment, null);
> Response resp = (Response) ldapContext.ext
[EMAIL PROTECTED] wrote:
> Searching on the web I know that exists PythonLdap, but I dont'know if
> this is best choise or not.
http://python-ldap.sf.net is the most complete implementation I know of.
(Being the maintainer I might be biased.) It has the caveat of depending
on the OpenLDAP client
On 07/04/2008, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> sorry, i'm new with Python.
> I must do interaction beetween Python and Ldap, and I don't know how
> do this.
> Searching on the web I know that exists PythonLdap, but I dont'know if
> this is best choise or not.
>
> Thank's
>
> -
[EMAIL PROTECTED] wrote:
> sorry, i'm new with Python.
> I must do interaction beetween Python and Ldap, and I don't know how
> do this.
> Searching on the web I know that exists PythonLdap, but I dont'know if
> this is best choise or not.
Who cares? Use it, and see if it's good enough for your
Bruno Desthuilliers wrote:
>
> If you know which attributes are supposed to be multivalued in your
> specific application, then it's time to write a more serious,
> application-specific wrapper.
ldap.schema can be used to find that out.
Ciao, Michael.
--
http://mail.python.org/mailman/listinfo/
Hallvard B Furuseth a écrit :
> Bruno Desthuilliers writes:
>
>>Hallvard B Furuseth a écrit :
>>
else:
# all LDAP attribs are multivalued by default,
# even when the schema says they are monovalued
if len(data) == 1:
return data[0]
Bruno Desthuilliers writes:
>Hallvard B Furuseth a écrit :
>>> else:
>>># all LDAP attribs are multivalued by default,
>>># even when the schema says they are monovalued
>>>if len(data) == 1:
>>> return data[0]
>>>else:
>>> return data[:]
>>
Cruelemort wrote:
> I was wondering the best way to do this? I have installed and used the
> python-ldap libraries and these allow me to access and search the
> server, but the searches always return a horrible nesting of lists,
> tuples and dictionaries, below is an example of returning just one
>
Hallvard B Furuseth a écrit :
> Bruno Desthuilliers writes:
>> class LdapObject(object):
>>(...)
>>def __getattr__(self, name):
>> try:
>>data = self._record[name]
>> except KeyError:
>>raise AttributeError(
>> "object %s has no attribute %s" % (self, name
Bruno Desthuilliers writes:
> class LdapObject(object):
>(...)
>def __getattr__(self, name):
> try:
>data = self._record[name]
> except KeyError:
>raise AttributeError(
> "object %s has no attribute %s" % (self, name)
> )
Note that LDAP attribute
On Feb 1, 11:08 pm, "aspineux" <[EMAIL PROTECTED]> wrote:
> The tree hierarchy is defined by the DN of each object, the types of
> the object is specified by its objectClass.
> Just collect all items (or do it dynamically by tunning the scope and
> the base of your search request)
>
> On 1 fév, 18:
The tree hierarchy is defined by the DN of each object, the types of
the object is specified by its objectClass.
Just collect all items (or do it dynamically by tunning the scope and
the base of your search request)
On 1 fév, 18:22, "Cruelemort" <[EMAIL PROTECTED]> wrote:
> All,
>
> I am hoping
Cruelemort a écrit :
> All,
>
> I am hoping someone would be able to help me with a problem. I have an
> LDAP server running on a linux box, this LDAP server contains a
> telephone list in various groupings, the ldif file of which is -
>
(snip)
>
> I am creating a python client program that will
>
> I was wondering the best way to do this? I have installed and used the
> python-ldap libraries and these allow me to access and search the
> server, but the searches always return a horrible nesting of lists,
> tuples and dictionaries, below is an example of returning just one
> record -
>
>
Jed Parsons wrote:
>
>> Which LDAP server are you using? You can switch off this behaviour
>> with OpenLDAP. See man 5 slapd.conf, allow .
>
> I don't have anything other than user access. Good to know about this
> feature, though.
In case you're programming for different LDAP servers it's good
> Which LDAP server are you using? You can switch off this behaviour
> with OpenLDAP. See man 5 slapd.conf, allow .
I don't have anything other than user access. Good to know about this
feature, though.
You've been very helpful - I really appreciate it.
Can you recommend any favorite books
Jed Parsons wrote:
>
> As an addendum, I discovered one little gotcha, namely that this:
>
> l.bind_s(username, password, ldap.AUTH_SIMPLE)
>
> throws an ldap.INVALID_CREDENTIALS error if the password contains the
> wrong text, but works if the password is empty. I guess this is
> tantamoun
Hi, Michael,
Thanks very much for your response. I think I can work it out now.
>> authenticated = False
> ^^^
> Identiation is wrong here.
Yes, sorry about that - doesn't always work on this email client :(
As an addendum, I discovered one little gotcha, namely that this:
Jed Parsons wrote:
>
> import ldap
> l = ldap.open('our.ldap.server')
> try:
> l.bind_s(username, password, ldap.AUTH_SIMPLE)
> authenticated = True
> except:
> authenticated = False
^^^
Identiation is wrong here.
Also I'd recommend to catch the ldap.LDAP
Title: RE: ldap usage
Looks like the top of my message got garbled
I was trying to say that I'm using ldap for the first time,
trying to write a script that authenticates a user against
our ldap server. etc. The rest came through.
Hope that makes more sense now :)
j
-Ori
Sells, Fred wrote:
>
> I've got the ldap stuff working for groups, but now I'm trying to use it to
> change a user password. I get a return of 2 and no error messages but it
> does not change ldap.
Could you please post a complete Python traceback? If you mean "2" being
the LDAP error code this
49 matches
Mail list logo
