I log in to Active Directory, then I want to list my own group memberships with Python ldap3 library.
server = Server('server.company.local', get_info=ALL)
conn = Connection(server, user="company\\user", password="password", authentication=NTLM, auto_bind=True)
print(conn.extend.standard.who_am_i())
This code only shows user name (like whoami
cmd command), but i want to list my groups (like whoami /groups
command). Unfortunately I dont have the rights to make different searches on the Domain controller, thats why (perhaps) the following code returns empty string:
conn.search("dc=name,dc=company,dc=local","(&(sAMAccountName={}))".format("company\\myusername")
,attributes=['memberOf'])
How can i list my own group membership, like whoami /groups
does?
Active Directory generally allows all authenticated users to read a lot of attributes, including memberOf. Check the number of records returned for your search. I expect you are finding zero records with that search. sAMAccountName values do not generally contain the "company\\" component but are just "myusername".
问题是我搜索中的搜索库:我将"dc=name,dc=company,dc=local"
替换为"dc=company,dc=local"
它工作正常。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.