是否有可能以及如何使用 python 和 django 从 LDAP 获取所有用户?
环境:
python - 3.6.6
django - 2.x.x
django-auth-ldap - 2.0.0
python-ldap - 3.2.0
代码:
import ldap
from django_auth_ldap.backend import LDAPBackend, _LDAPUser, LDAPSearch
user = _LDAPUser(LDAPBackend(), "any") # just for getting root connection to LDAP
search = LDAPSearch(
"ou=Some,dc=some,dc=some,dc=some",
ldap.SCOPE_SUBTREE,
"???? what should be here ???" # criteria, I guess
)
# list of users is expected, or at least user's names
result = search.execute(user.connection)
问题:
如何为获取用户列表构建正确的标准(或如何正确调用它)?(链接会很棒)
有可能吗?
解决方案(不用于生产,只是工作草图):
# based on https://medium.com/@alpolishchuk/pagination-of-ldap-search-results-with-python-ldap-845de60b90d2
import ldap
from ldap.controls import SimplePagedResultsControl
from django_auth_ldap.backend import LDAPBackend, _LDAPUser
user = _LDAPUser(LDAPBackend(), "any")
connect = user.connection
page_control = SimplePagedResultsControl(True, size=2, cookie='')
result = []
fuse = 2
while True:
fuse -= 1
if fuse < 0:
break
response = connect.search_ext(
"ou=some,dc=some,dc=some,dc=some",
ldap.SCOPE_SUBTREE,
"(objectClass=inetorgperson)",
[],
serverctrls=[page_control]
)
rtype, rdata, rmsgid, serverctrls = connect.result3(response)
result.extend(rdata)
controls = [control for control in serverctrls
if control.controlType == SimplePagedResultsControl.controlType]
if not controls:
print("The server ignores RFC 2696 control")
break
if not controls[0].cookie:
break
page_control.cookie = controls[0].cookie
胡说叔叔1回答
-
素胚勾勒不出你
您的环境中可能涉及许多不同的场景。LDAP 中有多少用户?哪个 LDAP 服务器实现?(微软活动目录?)您可能需要使用Simple Paged Results 控件。至于过滤器,有一些Microsoft Active Directory的示例对于(不是广告)一些简单的事情,比如(objectClass=inetorgperson)应该足够了。
随时随地看视频慕课网APP
相关分类
Python