
add user to active directory by ldap python

I wrote the code below to add a user to Active Directory 2012.
I use PyCharm and Python 3.5, but I'm getting this error:

{'info': '000020D6: SvcErr: DSID-0310081B, problem 5012 (DIR_ERROR), data 0\\n', 'desc': 'Operations error'}

My code is as follows:

```python
import ldap
import ldap.modlist  # addModlist() lives in this submodule and needs its own import

server = 'ldap://31.184.132.39:389'
ldap_pass = 'function92'
ldap_bind = 'ou=DaaSUsers,dc=xaas,dc=local'


def create_user_activedirectory(username, password, name):
    username = str(username)
    password = str(password)
    name = str(name)
    # Simple bind as the domain administrator over plain LDAP (port 389)
    con = ldap.initialize(server)
    con.simple_bind_s("administrator@xaas.local", "function92")
    dn = "cn=" + username + ", ou=DaaSUsers, o=XaaS.local"
    # python-ldap on Python 3 expects every attribute value as bytes
    mymodlist = {
        "objectClass": ["account".encode('utf-8'), "posixAccount".encode('utf-8'), "shadowAccount".encode('utf-8')],
        # "objectClass": [str("inetOrgPerson").encode('utf-8')],
        "cn": [str(name).encode('utf-8')],
        "uid": [str(username).encode('utf-8')],
        "uidNumber": [str("5025").encode('utf-8')],
        "gidNumber": [str("30033").encode('utf-8')],
        "homeDirectory": [str("/home/" + name).encode('utf-8')],
        "loginShell": ["/bin/bash".encode('utf-8')],
        "gecos": [str(username).encode('utf-8')],
        "userPassword": [password.encode('utf-8')],
        "shadowLastChange": [str("0").encode('utf-8')],
        "shadowMax": [str("0").encode('utf-8')],
        "shadowWarning": [str("0").encode('utf-8')],
        "sn": ["De Paepe".encode('utf8')],
        "givenName": ["Maarten".encode('utf8')],
        "displayName": ["Maarten De Paepe".encode('utf8')],
    }
    # Convert the dict into an add-modlist and send the add request
    con.add_s(dn, ldap.modlist.addModlist(mymodlist))
    con.unbind_s()
```

Please help me.

That error usually means it doesn't like some of the values you are giving it. Here are a couple things I notice, but it may not be everything:

  1. The objectClass. Are those classes actually valid in your domain? Do any existing user accounts have those classes? The default classes for a user object are usually "organizationalPerson", "person", "top", and "user". Most of the time, you don't need to actually set this attribute yourself.

  2. I don't see you setting sAMAccountName and userPrincipalName. Those are required attributes.
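An added example, not part of the original question or answer: it builds the DN and add-modlist for a user with the default classes and the two attributes the answer names, escapes the CN per RFC 4514, and rejects unexpected characters in the account name, all without contacting a server. The function names, the allow-list policy, the sample account name `mdepaepe` and the use of `ou=DaaSUsers,dc=xaas,dc=local` as the container are assumptions of this example.

```python
import re

# Default class chain for an AD user object, as listed in the answer above.
AD_USER_CLASSES = ["top", "person", "organizationalPerson", "user"]
# This example's own allow-list policy (an assumption); 20 characters is the
# sAMAccountName length limit for user objects.
SAM_RE = re.compile(r"[A-Za-z0-9._-]{1,20}")


def escape_rdn_value(value):
    """Escape a value for use inside a DN component (RFC 4514)."""
    escaped = re.sub(r'([\\,+"<>;=])', r"\\\1", value)
    if escaped[:1] in ("#", " "):               # leading '#' or space
        escaped = "\\" + escaped
    if len(value) > 1 and value.endswith(" "):  # trailing space
        escaped = escaped[:-1] + "\\ "
    return escaped


def build_ad_user_entry(username, display_name, base_dn, upn_suffix):
    """Return (dn, modlist) in the shape python-ldap's add_s() accepts."""
    if not SAM_RE.fullmatch(username):
        raise ValueError("rejected sAMAccountName: %r" % username)
    if not display_name:
        raise ValueError("display name must not be empty")
    dn = "CN=" + escape_rdn_value(display_name) + "," + base_dn
    attrs = {
        "objectClass": AD_USER_CLASSES,
        "cn": [display_name],
        "displayName": [display_name],
        "sAMAccountName": [username],
        "userPrincipalName": [username + "@" + upn_suffix],
    }
    # add_s() takes a list of (attribute, [bytes, ...]) tuples.
    modlist = [(name, [v.encode("utf-8") for v in values])
               for name, values in attrs.items()]
    return dn, modlist


if __name__ == "__main__":
    # Constructed sample input; base DN and UPN suffix are taken from the question.
    dn, modlist = build_ad_user_entry(
        "mdepaepe", "De Paepe, Maarten",
        "ou=DaaSUsers,dc=xaas,dc=local", "xaas.local")
    print(dn)
    for name, values in modlist:
        print(name, values)
```

The returned pair can be passed directly as `con.add_s(dn, modlist)` on a bound python-ldap connection.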
