I would like to fetch every user's info (first name, last name, email) from a Windows Server's Active Directory. So I'm using ldap3 (Python) and successfully connected to the server (using Hyper-V Windows Server 2022) with my admin logs:
from ldap3 import Server, Connection, ALL, NTLM, SAFE_SYNC
server = Server('ldap://172.28.63.240', get_info=ALL)
# Raw string so the backslash in DOMAIN\user is not read as an escape sequence
conn = Connection(server, user=r"TESTJER\Administrator",
                  password="my_admin_password", client_strategy=SAFE_SYNC, auto_bind=True)
# SAFE_SYNC returns a (status, result, response, request) tuple
status, result, response, _ = conn.search('OU=Users2,DC=testjer,DC=local',
                                          '(givenName=*)')
print(response)
But I will need to connect to multiple different servers in the future, so I think I will not be able (and it's maybe a bad idea) to have an admin account to see everything on every client's servers?
So I tried to initialize an instance by installing AD LDS and choosing the instance name, description, ports, etc.
But I'm not able to connect with Python by specifying the port. I can connect if I don't put the port, so that means the instance is useless.
ldap3.core.exceptions.LDAPBindError: automatic bind not successful - invalidCredentials
Do my needs mean that I have to install an instance used only to see users' info and nothing else? How?
What I did to create the instance:
Here, I was not sure at all what to write, but I guess OU=Users2 means fetching only Users2. This is what I want because my users are:
And here I saw that I have to put a user anyway, so I had no choice: I currently put my Administrator account, but in the future every client will have to create an account for me:
And finally I guess I had to choose "MS-User.LDF" here:
from ldap3 import Server, Connection, ALL, NTLM, SAFE_SYNC
# Same code, now pointing at the AD LDS instance port
server = Server('ldap://172.28.63.240', port=50001, get_info=ALL)
# Raw string so the backslash in DOMAIN\user is not read as an escape sequence
conn = Connection(server, user=r"TESTJER\Administrator",
                  password="my_admin_password", client_strategy=SAFE_SYNC, auto_bind=True)
status, result, response, _ = conn.search('OU=Users2,DC=testjer,DC=local',
                                          '(givenName=*)')
print(response)
ldap3.Connection.search() returns max 1000 entries by default for AD.
You want to use ldap3.Connection.extend.standard.paged_search() for AD instead. The search parameters are basically the same as a regular search, but this function will give you all of the ldap entries as a returned generator object. In order to then get all of the results in a parsable format, just list cast it or for loop through it!
Something like ad_entries = list(ldap_conn.extend.standard.paged_search())
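
The paged search the answer describes, written out as an added example (not code from the question or the answer). It assumes `conn` is an already-bound ldap3 Connection; the helper names, the `SAMPLE` entries and the 500-entry page size are constructed for illustration. It goes slightly beyond the answer by skipping referral records and handling attributes that are not set.

```python
ATTRS = ["givenName", "sn", "mail"]  # request only the fields needed

# Constructed sample of the dicts ldap3's paged_search yields (not real data).
SAMPLE = [
    {"type": "searchResEntry", "dn": "CN=Ann Lee,OU=Users2,DC=testjer,DC=local",
     "attributes": {"givenName": "Ann", "sn": "Lee", "mail": "ann@example.test"}},
    {"type": "searchResRef", "uri": ["ldap://example.test/DC=testjer,DC=local"]},
    {"type": "searchResEntry", "dn": "CN=Bob,OU=Users2,DC=testjer,DC=local",
     "attributes": {"givenName": ["Bob"], "sn": [], "mail": []}},
]


def first_value(value):
    """Return one string from a str, a list, or [] (attribute not set)."""
    if isinstance(value, (list, tuple)):
        return str(value[0]) if value else None
    return str(value) if value not in (None, "") else None


def to_users(entries):
    """Turn raw search responses into one dict per user entry."""
    users = []
    for entry in entries:
        # Referral records ('searchResRef') carry no attributes: skip them.
        if entry.get("type") != "searchResEntry":
            continue
        attrs = entry.get("attributes", {})
        users.append({
            "dn": entry["dn"],
            "first_name": first_value(attrs.get("givenName")),
            "last_name": first_value(attrs.get("sn")),
            "email": first_value(attrs.get("mail")),
        })
    return users


def fetch_users(conn, search_base, search_filter="(givenName=*)", page_size=500):
    """Page through every match on an already-bound ldap3 Connection."""
    return to_users(conn.extend.standard.paged_search(
        search_base=search_base,
        search_filter=search_filter,
        attributes=ATTRS,
        paged_size=page_size,  # kept under the 1000-entry limit noted above
        generator=True,        # yield entries page by page
    ))


if __name__ == "__main__":
    for user in to_users(SAMPLE):
        print(user)
```

Run directly, the block only processes the constructed `SAMPLE`; against a real directory, call `fetch_users(conn, 'OU=Users2,DC=testjer,DC=local')`.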