[英]add user to active directory by ldap python
I wrote the below code for adding a user to active directory 2012. 我编写了以下代码,用于将用户添加到活动目录2012。
I use pycharm
and python3.5
but I'm getting this error: 我使用
pycharm
和python3.5
但出现此错误:
{'info': '000020D6: SvcErr: DSID-0310081B, problem 5012 (DIR_ERROR), data 0\\n', 'desc': 'Operations error'}
My code is as follows: 我的代码如下:
server = 'ldap://31.184.132.39:389'
ldap_pass = 'function92'
ldap_bind = 'ou=DaaSUsers,dc=xaas,dc=local'
def create_user_activedirectory(username , password , name ):
username = str(username)
password=str(password)
name=str(name)
con = ldap.initialize(server)
con.simple_bind_s("administrator@xaas.local", "function92")
dn = "cn="+username+", ou=DaaSUsers, o=XaaS.local"
mymodlist = {
"objectClass": ["account".encode('utf-8'), "posixAccount".encode('utf-8'), "shadowAccount" .encode('utf-8')],
#"objectClass": [str("inetOrgPerson").encode('utf-8')],
"cn":[str(name).encode('utf-8')],
"uid": [str(username).encode('utf-8')],
"uidNumber": [str("5025").encode('utf-8')],
"gidNumber": [str("30033").encode('utf-8')],
"homeDirectory": [str("/home/"+name).encode('utf-8')],
"loginShell": ["/bin/bash".encode('utf-8')],
"gecos" : [str(username).encode('utf-8')],
"userPassword": [password.encode('utf-8')] ,
"shadowLastChange": [str("0").encode('utf-8')],
"shadowMax": [str("0").encode('utf-8')],
"shadowWarning": [str("0").encode('utf-8')],
"sn": ["De Paepe".encode('utf8')],
"givenName": ["Maarten".encode('utf8')],
"displayName": ["Maarten De Paepe".encode('utf8')],
}
con.add_s(dn,ldap.modlist.addModlist(mymodlist))
con.unbind_s()
Please help me. 请帮我。
That error usually means it doesn't like some of the values you are giving it. 该错误通常表示它不喜欢您为其提供的某些值。 Here are a couple things I notice, but it may not be everything:
我注意到了以下几点,但可能还不是全部:
The objectClass
. objectClass
。 Are those classes actually valid in your domain? 这些类在您的域中实际上有效吗? Do any existing user accounts have those classes?
现有的任何用户帐户都具有这些类吗? The default classes for a user object are usually "organizationalPerson", "person", "top", and "user".
用户对象的默认类通常是“ organizationalPerson”,“ person”,“ top”和“ user”。 Most of the time, you don't need to actually set this attribute yourself.
大多数时候,您不需要自己实际设置此属性。
I don't see you setting sAMAccountName
and userPrincipalName
. 我看不到您设置
sAMAccountName
和userPrincipalName
。 Those are required attributes. 这些是必填属性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.