I'm trying to use ldap3 with Python to retrieve members of a group and also retrieve their sAMAccountName, as we have mixed DNs (some with NTID and others with first/last name).
I've been trying this with no luck, any help would be appreciated:
```python
from ldap3 import (Server, Connection, AUTO_BIND_NO_TLS, SUBTREE, BASE,
                   ALL_ATTRIBUTES, ObjectDef, AttrDef, Reader, Entry, Attribute,
                   OperationalAttribute)
import ldap3

# Simple bind over plain LDAP (port 389, no TLS)
conn = Connection(Server('adserver.com', port=389, use_ssl=False),
                  auto_bind=AUTO_BIND_NO_TLS, user='DOMAIN\\NTID',
                  password='somepassword')
# Search below the group's own DN for person objects
conn.search(search_base='CN=GROUPNAME,OU=Groups,OU=Resources,OU=Global,DC=adserver.com',
            search_filter='(objectCategory=person)', search_scope=SUBTREE,
            attributes=['sAMAccountName'], size_limit=0)
print(conn.response_to_json())
```
Before you can search the members you must first pull down the list of members from the group itself.
```python
conn.search(
    search_base='CN=GROUPNAME,OU=Groups,OU=Resources,OU=Global,DC=adserver.com',
    search_filter='(objectClass=group)',
    search_scope='SUBTREE',
    attributes=['member']
)
for entry in conn.entries:
    print(entry.member.values)
```
This will print out a list of members as distinguished names.
You will then need to perform a new search that iterates through each of the members and returns the sAMAccountName for each member.
Here is what the full code might look like (may need to be tweaked):
```python
# Step 1: read the member DNs from the group object itself
conn.search(
    search_base='CN=GROUPNAME,OU=Groups,OU=Resources,OU=Global,DC=adserver.com',
    search_filter='(objectClass=group)',
    search_scope='SUBTREE',
    attributes=['member']
)
for entry in conn.entries:
    for member in entry.member.values:
        # Step 2: look up each member by its DN and fetch sAMAccountName
        conn.search(
            search_base='OU=Global,DC=adserver.com',
            search_filter=f'(distinguishedName={member})',
            attributes=[
                'sAMAccountName'
            ]
        )
        # Skip members that are not found under search_base
        if conn.entries:
            user_sAMAccountName = conn.entries[0].sAMAccountName.values
            print(user_sAMAccountName)
```
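The loop above puts each member DN into the filter string unmodified, so a DN containing `(`, `)`, `*` or `\` yields a malformed filter or one that matches something else. The following is an added example, not part of the original answer: it escapes the value per RFC 4515 and, going beyond the answer, also builds a single-query `memberOf` filter for Active Directory. The helper names and the sample DN are constructed for illustration, and `conn` is assumed to be an already bound ldap3 `Connection`.

```python
# Added example, not code from the original answer.

_FILTER_SPECIALS = '\\*()\x00'  # characters RFC 4515 requires escaping in a value


def escape_filter_value(value):
    """Escape a string for use as an assertion value inside an LDAP filter."""
    return ''.join('\\%02x' % ord(c) if c in _FILTER_SPECIALS else c
                   for c in value)


def dn_filter(member_dn):
    """Filter for the per-member lookup, with the DN escaped."""
    return '(distinguishedName=%s)' % escape_filter_value(member_dn)


def member_of_filter(group_dn, nested=False):
    """One-query alternative: person objects whose memberOf holds group_dn.

    nested=True adds Active Directory's LDAP_MATCHING_RULE_IN_CHAIN so that
    members of nested groups match as well.
    """
    rule = ':1.2.840.113556.1.4.1941:' if nested else ''
    return '(&(objectCategory=person)(memberOf%s=%s))' % (
        rule, escape_filter_value(group_dn))


def sam_account_names(conn, search_base, member_dns):
    """Map each member DN to its sAMAccountName (None when not found).

    Assumption: conn is a bound ldap3 Connection.
    """
    result = {}
    for dn in member_dns:
        conn.search(search_base, dn_filter(dn), attributes=['sAMAccountName'])
        # A member outside search_base yields no entry.
        found = conn.entries
        result[dn] = found[0].sAMAccountName.value if found else None
    return result


if __name__ == '__main__':
    # Constructed DN with an escaped comma and parentheses in the CN.
    sample = 'CN=Doe\\, John (Contractor),OU=Users,DC=example,DC=com'
    print(dn_filter(sample))
    print(member_of_filter('CN=GROUPNAME,OU=Groups,DC=example,DC=com', nested=True))
```

ldap3 ships the same escaping as `ldap3.utils.conv.escape_filter_chars`; the pure-Python version is used here only so the example runs without the library installed.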