如何在 python 中使用 ldap3 库管理 GroupPoliciy?
[英]How to Manage GroupPoliciy using ldap3 library in python?
问题描述
I have trouble to manage the AD Server group policy with the ldap3 library.
我无法使用 ldap3 库管理 AD 服务器组策略。
For example, I'm adding New-GPLink policy.例如,我正在添加New-GPLink策略。 I have tried to add an attribute [New-GPLink:[LinkEnabled]] but getting an error.我试图添加一个属性[New-GPLink:[LinkEnabled]]但出现错误。
Please suggest me below points with ldap3:请建议我使用 ldap3 的以下几点:
- How to add Group Policy in AD server如何在 AD 服务器中添加组策略
- How to remove Group Policy in AD Server如何删除 AD 服务器中的组策略
- How to Modify Group Policy in AD Server如何在 AD 服务器中修改组策略
- Is it possible to schedule installation and uninstallation operations using ldap3 library是否可以使用 ldap3 库来安排安装和卸载操作
Tried Thing:尝试的事情:
- Add connection添加连接
- Search User搜索用户
- Add GroupPolicy Attribute.添加 GroupPolicy 属性。
Code :代码 :
from ldap3 import Server, Connection, ALL, ALL_OPERATIONAL_ATTRIBUTES, ALL_ATTRIBUTES, ObjectDef, Reader
server = Server("192.168.1.28", get_info=ALL)
admin_username = 'lab\\administrator'
admin_password = 'A1B1C1$'
conn = Connection(server, user=admin_username, password=admin_password, auto_bind=True)
search_base = 'dc=lab,dc=com'
search_filter = '(userPrincipalName=shakti@lab.com)'
conn.bind()
conn.search(search_base=search_base, search_filter=search_filter, attributes=attributes_groups)
new_attribute = 'New-GPLink'
d_n = 'CN=shakti,DC=lab,DC=com'
conn.add(dn=d_n,object_class='user',attributes=new_attribute)
Getting below error低于错误
TypeError Traceback (most recent call last)
<ipython-input-292-425b72018c42> in <module>
----> 1 conn.add(dn=d_n,object_class='user',attributes=new_attribute)
c:\users\ankit.g\appdata\local\programs\python\python36\lib\site-packages\ldap3\core\connection.py in add(self, dn, object_class, attributes, controls)
910
911 attr_object_class = [to_unicode(object_class) for object_class in attr_object_class] # converts objectclass to unicode in case of bytes value
--> 912 _attributes[object_class_attr_name] = reduce(lambda x, y: x + [y] if y not in x else x, parm_object_class + attr_object_class, []) # remove duplicate ObjectClasses
913
914 if not _attributes[object_class_attr_name]:
TypeError: 'str' object does not support item assignment
1 个解决方案
解决方案1
0 2020-02-01 07:42:08
The issue is that attributes should be a dictionary, not a string.问题是attributes应该是字典,而不是字符串。
attributes: a dictionary in the form {'attr1': 'val1', 'attr2': 'val2', …} or {'attr1': ['val1', 'val2', …], …} for multivalued attributesattributes: 形式为 {'attr1': 'val1', 'attr2': 'val2', ...} 或 {'attr1': ['val1', 'val2', ...], ...} 的字典,用于多值属性
I'm not sure about the attribute naming though and what value you need to set exactly but the error is just about the format (could also be something like {'gpLinkStatus': 1} ), eg.我不确定属性命名以及您需要准确设置的值,但错误仅与格式有关(也可能类似于{'gpLinkStatus': 1} ),例如。
conn.add(dn=d_n,object_class='user',attributes={'New-GPLink':<value>})
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.