Running this script on a Linux machine with OpenLDAP.
WHY DOES THIS NOT LIST USERS WITHIN THE GROUPS... it only lists groups...no one can seem to figure this out...please help...
import sys

import ldap

server = 'ldap://myAddress'
dn = 'uid=bill,cn=users,cn=accounts,dc=example,dc=com'
base = 'cn=coolPeople,cn=accounts,dc=example,dc=com'
pw = "password"
filter = '(objectclass=posixgroup)'
attrs = ['memberuid']

con = ldap.initialize(server)
try:
    con.start_tls_s()
    con.simple_bind_s(dn, pw)
    # search_s returns a list of (dn, {attribute: [values]}) tuples
    groups = con.search_s(base, ldap.SCOPE_SUBTREE, filter, attrs)
    for a in groups:
        print('Group:', a[0])
        print('Members:', a[-1].get('memberuid'))
except ldap.INVALID_CREDENTIALS:
    print("Your username or password is incorrect.")
    sys.exit()
except ldap.LDAPError as e:
    # python-ldap passes a dict with a 'desc' key as the first exception argument
    if e.args and isinstance(e.args[0], dict) and 'desc' in e.args[0]:
        print(e.args[0]['desc'])
    else:
        print(e)
    sys.exit()
finally:
    print("Doing unbind.")
    con.unbind()
Results:
Group: cn=g1,cn=groups,cn=accounts,dc=example,dc=com
Members: None
Group: cn=g2,cn=groups,cn=accounts,dc=example,dc=com
Members: None
Group: cn=coolPeople,cn=groups,cn=accounts,dc=example,dc=com
Members: None
Doing unbind.
I have plenty of users in my groups but can't seem to list them out using python-ldap.
python-ldap returns search results as string-keyed dictionaries. The strings used as dict keys are case-sensitive (unlike LDAP attribute type names).
Probably the LDAP server returns this old attribute with its camel-cased name memberUid (see RFC 2307).
So this code change should bring you one step further:
a[-1].get('memberUid')
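The case mismatch described in the answer can be avoided with a case-insensitive lookup. The following is an added example, not code from the original post or from python-ldap: `get_attr` and `group_members` are hypothetical helper names, and `SAMPLE_RESULTS` is constructed data in the shape `search_s()` returns under Python 3. It goes slightly beyond the answer by also decoding byte values and skipping search references.

```python
# Added example: case-insensitive attribute lookup over python-ldap style results.
# SAMPLE_RESULTS is constructed: a list of (dn, {attr_name: [bytes, ...]}) tuples,
# where a search reference (referral) appears with dn set to None.

SAMPLE_RESULTS = [
    ("cn=g1,cn=groups,cn=accounts,dc=example,dc=com",
     {"memberUid": [b"bill", b"alice"]}),
    ("cn=g2,cn=groups,cn=accounts,dc=example,dc=com", {}),   # group with no members
    (None, ["ldap://other.example.com/dc=example,dc=com"]),  # search reference
]


def get_attr(entry, name, default=None):
    """Return the value list for attribute `name`, ignoring the case of the key."""
    wanted = name.lower()
    for key, values in entry.items():
        if key.lower() == wanted:
            return values
    return default


def group_members(results, attr="memberUid"):
    """Map each group DN to its member names, decoded to str."""
    members = {}
    for dn, entry in results:
        if dn is None or not isinstance(entry, dict):
            continue  # skip search references, which carry URLs instead of attributes
        raw = get_attr(entry, attr, default=[])
        members[dn] = [value.decode("utf-8") for value in raw]
    return members


if __name__ == "__main__":
    first_entry = SAMPLE_RESULTS[0][1]
    # A plain dict lookup with the wrong case misses the attribute entirely.
    print("exact-case lookup:", first_entry.get("memberuid"))
    for dn, uids in group_members(SAMPLE_RESULTS, attr="memberuid").items():
        print("Group:", dn)
        print("Members:", uids)
```

python-ldap also ships `ldap.cidict.cidict`, a dictionary with case-insensitive keys, which can wrap each entry instead of a hand-written helper.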