Created
October 4, 2020 11:49
-
-
Save adiroiban/d1926cfc607fd5ef588a908af61d07fd to your computer and use it in GitHub Desktop.
Simple ldaptor example to connect to a LDAP server, bind and dump the result.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Run a simple LDAP client query. | |
| Usage: | |
| client-query [options] | |
| -h --help Show this help. | |
| Connection options: | |
| --host=127.0.0.1 Connect to a specific host. [default: 127.0.0.1] | |
| --port=8000 Connect to a specific port. [default: 1389] | |
| -u --binddn=<BIND_DN> User used for authentication. | |
| On AD use CN=Administrator,CN=Users,DC=dc,DC=chevah,DC=com | |
| [default: cn=admin-ldap,ou=people,dc=example,dc=com] | |
| -p --bindpw=<PASS> Password for the bind account. [default: pass] | |
| Search options: | |
| -b --basedn=<BASE_DN> Root for the search. [default: dc=example,dc=com] | |
| -q --query=<FILTER> Filter the search results. [default: (cn=*)] | |
| --scope=<SCOPE> Scope of the search (base|one|sub) | |
| -a --attributes=<SCOPE> Comma separated list of attributes. | |
| """ | |
| from __future__ import print_function | |
| from docopt import docopt | |
| from twisted.internet import defer | |
| from twisted.internet.endpoints import clientFromString, connectProtocol | |
| from twisted.internet.task import react | |
| from ldaptor.protocols import pureldap | |
| from ldaptor.protocols.ldap.ldapclient import LDAPClient | |
| from ldaptor.protocols.ldap.ldapsyntax import LDAPEntry | |
| import sys | |
| arguments = docopt(__doc__) | |
| # Convert arguments to usable types. | |
| port = int(arguments['--port']) | |
| host = arguments['--host'] | |
| basedn = arguments['--basedn'] | |
| binddn = arguments['--binddn'] | |
| bindpw = arguments['--bindpw'] | |
| query = arguments['--query'] | |
| scope = arguments['--scope'] | |
| attributes = arguments['--attributes'] | |
| if attributes: | |
| attributes = [attr.strip() for attr in attributes.split(',')] | |
| else: | |
| attributes = () | |
| if scope: | |
| try: | |
| synonyms = { | |
| 'base': 'baseObject', | |
| 'one': 'singleLevel', | |
| 'sub': 'wholeSubtree', | |
| } | |
| scope = synonyms[scope] | |
| scope = getattr(pureldap, 'LDAP_SCOPE_' + scope) | |
| except AttributeError: | |
| raise Exception("bad scope: %s" % scope) | |
| @defer.inlineCallbacks | |
| def onConnect(client): | |
| try: | |
| print('Binding as %s %s' % (binddn, bindpw)) | |
| yield client.bind(binddn, bindpw) | |
| except Exception as ex: | |
| print(ex) | |
| raise | |
| print('Searching %s for %s\n' % (basedn, query)) | |
| o = LDAPEntry(client, basedn) | |
| results = yield o.search( | |
| filterText=query, | |
| attributes=attributes, | |
| scope=scope, | |
| ) | |
| if not results: | |
| print('Nothing found.') | |
| return | |
| for entry in results: | |
| print(entry) | |
| def onError(err): | |
| err.printBriefTraceback(file=sys.stderr) | |
| def main(reactor): | |
| endpoint_str = "tcp:host=%s:port=%s" % (host, port) | |
| e = clientFromString(reactor, endpoint_str) | |
| d = connectProtocol(e, LDAPClient()) | |
| d.addCallback(onConnect) | |
| d.addErrback(onError) | |
| return d | |
| react(main) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment