Accessing the LDAP server

Using ldap3 is straightforward: you define a Server object and a Connection object. All the importable objects are available in the ldap3 namespace. You need to import at least the Server and Connection objects, plus any additional constants you will use in your LDAP connection:

>>> from ldap3 import Server, Connection, ALL

In this example, we are accessing the LDAP server with an anonymous bind. The auto_bind=True parameter forces the Bind operation to execute after creating the Connection object. You can get information with the info property of the Server object.

You can find the following code in the connect_ldap_server.py file:

#!/usr/bin/env python3

import argparse
from ldap3 import Server, Connection, ALL

def main(address):
    # Create the Server object with the given address.
    # Get ALL information.
    server = Server(address, get_info=ALL)
    # Create a connection object, and bind with auto bind set to true.
    conn = Connection(server, auto_bind=True)
    # Print the LDAP Server Information.
    print('******************Server Info**************')
    print(server.info)

if __name__ == '__main__':
    parser = argparse.ArgumentParser(description='Query LDAP Server')
    parser.add_argument('--address', action="store", dest="address", default='ipa.demo1.freeipa.org')
    given_args = parser.parse_args()
    address = given_args.address
    main(address)

The following is the output of the previous script. From this response, we know that this server is a standalone LDAP server that can hold entries in the dc=demo1,dc=freeipa,dc=org naming context:

DSA info (from DSE):
Supported LDAP Versions: 2, 3
Naming Contexts:
cn=changelog
dc=demo1,dc=freeipa,dc=org
o=ipaca
Alternative Servers: None
Supported Controls:
1.2.840.113556.1.4.319 - LDAP Simple Paged Results - Control - RFC2696
1.2.840.113556.1.4.473 - Sort Request - Control - RFC2891
1.3.6.1.1.13.1 - LDAP Pre-read - Control - RFC4527
1.3.6.1.1.13.2 - LDAP Post-read - Control - RFC4527
1.3.6.1.4.1.1466.29539.12 - Chaining loop detect - Control - SUN microsystems
1.3.6.1.4.1.42.2.27.8.5.1 - Password policy - Control - IETF DRAFT behera-ldap-password-policy
1.3.6.1.4.1.42.2.27.9.5.2 - Get effective rights - Control - IETF DRAFT draft-ietf-ldapext-acl-model
1.3.6.1.4.1.42.2.27.9.5.8 - Account usability - Control - SUN microsystems
1.3.6.1.4.1.4203.1.9.1.1 - LDAP content synchronization - Control - RFC4533
1.3.6.1.4.1.4203.666.5.16 - LDAP Dereference - Control - IETF DRAFT draft-masarati-ldap-deref
2.16.840.1.113730.3.4.12 - Proxied Authorization (old) - Control - Netscape
2.16.840.1.113730.3.4.13 - iPlanet Directory Server Replication Update Information - Control - Netscape
2.16.840.1.113730.3.4.14 - Search on specific database - Control - Netscape
2.16.840.1.113730.3.4.15 - Authorization Identity Response Control - Control - RFC3829
2.16.840.1.113730.3.4.16 - Authorization Identity Request Control - Control - RFC3829
2.16.840.1.113730.3.4.17 - Real attribute only request - Control - Netscape
2.16.840.1.113730.3.4.18 - Proxy Authorization Control - Control - RFC6171
2.16.840.1.113730.3.4.19 - Chaining loop detection - Control - Netscape
2.16.840.1.113730.3.4.2 - ManageDsaIT - Control - RFC3296
2.16.840.1.113730.3.4.20 - Mapping Tree Node - Use one backend [extended] - Control - openLDAP
2.16.840.1.113730.3.4.3 - Persistent Search - Control - IETF
2.16.840.1.113730.3.4.4 - Netscape Password Expired - Control - Netscape
2.16.840.1.113730.3.4.5 - Netscape Password Expiring - Control - Netscape
2.16.840.1.113730.3.4.9 - Virtual List View Request - Control - IETF
2.16.840.1.113730.3.8.10.6 - OTP Sync Request - Control - freeIPA
Supported Extensions:
1.3.6.1.4.1.1466.20037 - StartTLS - Extension - RFC4511-RFC4513
1.3.6.1.4.1.4203.1.11.1 - Modify Password - Extension - RFC3062
1.3.6.1.4.1.4203.1.11.3 - Who am I - Extension - RFC4532
2.16.840.1.113730.3.5.10 - Distributed Numeric Assignment Extended Request - Extension - Netscape
2.16.840.1.113730.3.5.12 - Start replication request - Extension - Netscape
2.16.840.1.113730.3.5.3 - Transaction Response Extended Operation - Extension - Netscape
2.16.840.1.113730.3.5.4 - iPlanet Replication Response Extended Operation - Extension - Netscape
2.16.840.1.113730.3.5.5 - iPlanet End Replication Request Extended Operation - Extension - Netscape
2.16.840.1.113730.3.5.6 - iPlanet Replication Entry Request Extended Operation - Extension - Netscape
2.16.840.1.113730.3.5.7 - iPlanet Bulk Import Start Extended Operation - Extension - Netscape
2.16.840.1.113730.3.5.8 - iPlanet Bulk Import Finished Extended Operation - Extension - Netscape
2.16.840.1.113730.3.5.9 - iPlanet Digest Authentication Calculation Extended Operation - Extension - Netscape
2.16.840.1.113730.3.6.5 - Replication CleanAllRUV - Extension - Netscape
2.16.840.1.113730.3.6.6 - Replication Abort CleanAllRUV - Extension - Netscape
2.16.840.1.113730.3.6.7 - Replication CleanAllRUV Retrieve MaxCSN - Extension - Netscape
2.16.840.1.113730.3.6.8 - Replication CleanAllRUV Check Status - Extension - Netscape
2.16.840.1.113730.3.8.10.1 - KeyTab set - Extension - FreeIPA
2.16.840.1.113730.3.8.10.3 - Enrollment join - Extension - FreeIPA
2.16.840.1.113730.3.8.10.5 - KeyTab get - Extension - FreeIPA
Supported SASL Mechanisms:
EXTERNAL, GSS-SPNEGO, GSSAPI, DIGEST-MD5, CRAM-MD5, PLAIN, LOGIN, ANONYMOUS
Schema Entry:
cn=schema
Vendor name: 389 Project
Vendor version: 389-Directory/1.3.3.8 B2015.036.047
Other:
dataversion:
020150912040104020150912040104020150912040104
changeLog:
cn=changelog
lastchangenumber:
3033
firstchangenumber:
1713
lastusn:
8284
defaultnamingcontext:
dc=demo1,dc=freeipa,dc=org
netscapemdsuffix:
cn=ldap://dc=ipa,dc=demo1,dc=freeipa,dc=org:389
objectClass:
top
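
The output above is everything the server hands to a client that has not authenticated, so it is worth reviewing from the administrator's side. The following added example (not part of the original script) parses that printed text and reports a few hardening points; the function names, the set of mechanisms flagged, and the embedded sample, which is an excerpt of the output above, are assumptions of this example.

```python
import re

# Constructed sample: a short excerpt of the server.info text shown above.
SAMPLE = """\
DSA info (from DSE):
Naming Contexts:
dc=demo1,dc=freeipa,dc=org
Supported Extensions:
1.3.6.1.4.1.1466.20037 - StartTLS - Extension - RFC4511-RFC4513
Supported SASL Mechanisms:
EXTERNAL, GSS-SPNEGO, GSSAPI, DIGEST-MD5, CRAM-MD5, PLAIN, LOGIN, ANONYMOUS
Vendor version: 389-Directory/1.3.3.8 B2015.036.047
"""

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"
# Assumed review list: cleartext password (PLAIN, LOGIN), legacy MD5
# challenge-response (DIGEST-MD5, CRAM-MD5), unauthenticated (ANONYMOUS).
REVIEW_SASL = {"PLAIN", "LOGIN", "DIGEST-MD5", "CRAM-MD5", "ANONYMOUS"}
INLINE = re.compile(r"^([A-Za-z][A-Za-z ]*): (.+)$")

def parse_dsa_info(text):
    """Turn the printed DSA info into {section name: [values]}."""
    info, current = {}, None
    for line in filter(None, map(str.strip, text.splitlines())):
        inline = INLINE.match(line)
        if line.endswith(":"):        # "Naming Contexts:" opens a section
            current = line[:-1]
            info[current] = []
        elif inline:                  # "Vendor version: ..." on one line
            info[inline.group(1)] = inline.group(2).split(", ")
            current = None
        elif current is not None:     # a value line; DNs keep their commas
            info[current].extend(line.split(", "))
    return info

def audit(info):
    """Return hardening findings for what an anonymous client can read."""
    findings = []
    exts = info.get("Supported Extensions", [])
    if not any(e.startswith(STARTTLS_OID + " ") for e in exts):
        findings.append("StartTLS not advertised")
    flagged = sorted(REVIEW_SASL & set(info.get("Supported SASL Mechanisms", [])))
    if flagged:
        findings.append("SASL mechanisms to review: " + ", ".join(flagged))
    if info.get("Vendor version"):
        findings.append("Vendor version readable anonymously: " + info["Vendor version"][0])
    return findings

if __name__ == "__main__":
    print("\n".join(audit(parse_dsa_info(SAMPLE))))
```

To check a live directory, pass str(server.info) from the script above to parse_dsa_info() instead of SAMPLE.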