Warning: file_get_contents(/data/phpspider/zhask/data//catemap/4/video/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Python 通过AD/LDAP进行身份验证_Python_Active Directory_Ldap3 - Fatal编程技术网
Fatal编程技术网
  • python/
  • Python 通过AD/LDAP进行身份验证

Python 通过AD/LDAP进行身份验证

python active-directory

Python 通过AD/LDAP进行身份验证,python,active-directory,ldap3,Python,Active Directory,Ldap3,我对AD和LDAP了解不多,但尝试在Python中实现最简单的LDAP/AD登录函数。幸运的是,到目前为止,我测试了几个不同的模块。最有希望的可能是: 你能告诉我这条路对不对吗 基本设置似乎足够好,因为我能够从中提取某种类型的元数据: >>> server._get_dsa_info(connection) >>> server._dsa_info DSA info (from DSE): Supported LDAP versions: 3, 2 N

我对AD和LDAP了解不多,但尝试在Python中实现最简单的LDAP/AD登录函数。幸运的是,到目前为止,我测试了几个不同的模块。最有希望的可能是:

你能告诉我这条路对不对吗

基本设置似乎足够好,因为我能够从中提取某种类型的元数据:

>>> server._get_dsa_info(connection)
>>> server._dsa_info
DSA info (from DSE):
  Supported LDAP versions: 3, 2
  Naming contexts:
    DC=mydomain,DC=com
    CN=Configuration,DC=mydomain,DC=com
    CN=Schema,CN=Configuration,DC=mydomain,DC=com
    DC=DomainDnsZones,DC=mydomain,DC=com
    DC=ForestDnsZones,DC=mydomain,DC=com

  Supported controls:
    1.2.840.113556.1.4.1338 - Verify name - Control - MICROSOFT
    1.2.840.113556.1.4.1339 - Domain scope - Control - MICROSOFT
    1.2.840.113556.1.4.1340 - Search options - Control - MICROSOFT
    ...
我也尝试过,但开始怀疑我们的广告没有按照标准配置,因为我得到:

...
>>> response = ldap_manager.authenticate('me', 'my_pass')
LDAPNoSuchObjectResult - 32 - noSuchObject - CN=Schema,CN=Configuration,DC=mydomain,DC=com - 0000208D: NameErr: DSID-0315270B, problem 2001 (NO_OBJECT), data 0, best match of:
        'CN=Schema,CN=Configuration,DC=mydomain,DC=com'
  - searchResDone - None
请不要犹豫,询问更多的信息,我会尽我所能找出答案。例如,我自己的用户位于:

CN=Lastname Firstname,OU=Consultants,OU=Users,OU=SE,OU=MYDOMAIN,DC=mydomain,DC=com
一些值是:

objectClass = top;person;organizationalPerson;user
name = Lastname Firstname
userPrincipalName = Firstname.Lastname@mydomain.com
另外,从
CN=Schema,CN=Configuration,DC=mydomain,DC=com
中,只有一个子模式,即
CN=Aggregate,CN=Schema,CN=Configuration,DC=mydomain,DC=com
,它看起来是空的。出于某种原因,我相信这正是flask-ldap3-login试图使用的。

使用
ldap3.Connection
的问题在于绑定时我没有使用登录名。这似乎是一条前进的道路:

import ldap3
user = 'me@mycompany.com'
password = 'mypassword'
server = ldap3.Server('myserver')
connection = ldap3.Connection(server, user=user, password=password)
connection.bind()
connection.search(search_base='DC=mycompany,DC=com', search_filter='(&(objectClass=user)(userPrincipalName='+user+'))', search_scope='SUBTREE', attributes='*')
如果您想打印一些数据:

attrs = connection.response[0]['attributes']
print(attrs['displayName'])
for memb in attrs['memberOf']:
    print(memb.partition('=')[2].partition(',')[0])

attrs = connection.response[0]['attributes']
print(attrs['displayName'])
for memb in attrs['memberOf']:
    print(memb.partition('=')[2].partition(',')[0])