[英]Enable Active Directory user account using ldap python
I am using ldap module in python to add user to Microsoft 2012 Active Directory.我在 python 中使用 ldap 模块将用户添加到 Microsoft 2012 Active Directory。 As I am successfully able to add user to the AD, user gets added with next logon and account as disabled options ticked.
由于我能够成功地将用户添加到 AD,用户将在下次登录和帐户时添加为禁用选项。 I tried lot of option to enable the account but not able to do so.
我尝试了很多选项来启用该帐户,但无法这样做。 Tried option of enabling account while creating user but that doesn't work too.
尝试在创建用户时启用帐户的选项,但这也不起作用。 Tried modify function but still no luck.
尝试修改功能,但仍然没有运气。 Could anyone suggest a detour for the above problem?
任何人都可以为上述问题建议绕道而行吗? Thanks in advance
提前致谢
You need to modify the entry after it is created and set the userAccountControl
attribute.您需要在创建条目并设置
userAccountControl
属性后对其进行修改。
The userAccountControl
attribute is a bit flag. userAccountControl
属性是一个位标志。
There are a few different enabled
states that can be set.可以设置几种不同的
enabled
状态。
512
- is a default enabled account 512
- 是默认启用的帐户67048
- is an enabled account where the password does not expire 67048
- 是密码不会过期的已启用帐户Before Enable an Active Directory account check below items:在启用 Active Directory 帐户之前检查以下项目:
userPrincipleName
attribute is set, same as email!userPrincipleName
属性,与电子邮件相同!userAccountControl=544
instead of userAccountControl=512
or userAccountControl=67048
.userAccountControl=544
而不是userAccountControl=512
或userAccountControl=67048
来启用用户。 Then you can use below sample code to enable user:然后您可以使用以下示例代码来启用用户:
from ldap3 import Server, Connection, MODIFY_REPLACE
server = Server('ldap://hostname', 389, use_ssl=False)
connection = Connection(server, user='DOMAIN/Administrator', password='AdminPass', auto_bind=True)
connection.modify(distinguishedName, {'userAccountControl': (MODIFY_REPLACE, [544])})
connection.modify(distinguishedName, {'userAccountControl': (MODIFY_REPLACE, [512])}) # for users' who have password.
connection.unbind()
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.