![](/img/trans.png)
[英]ldap3 python search members of a group and retrieve their sAMAcountName (Active Directory)
[英]Python LDAP authentication to a Security Group in Active Directory
使用python-ldap對Active Directory進行身份驗證可以很好地與下面的代碼配合使用,現在嘗試查找如何驗證用戶是否屬於要成功進行身份驗證的安全組,但無法弄清楚該怎么做。 我將此代碼集成在flask網站中。
這是我的代碼:
import ldap
def authenticate():
conn = ldap.initialize('ldap://ldap.example.com')
conn.protocol_version = 3
conn.set_option(ldap.OPT_REFERRALS, 0)
try:
username = 'user_id'
password = 'motdepasse'
user = "%s@domain" %username
result = conn.simple_bind_s('user', 'password')
except ldap.INVALID_CREDENTIALS:
print "Invalid credentials"
return "Invalid credentials"
except ldap.SERVER_DOWN:
print "Server down"
return "Server down"
except ldap.LDAPError, e:
if type(e.message) == dict and e.message.has_key('desc'):
return "Other LDAP error: " + e.message['desc']
else:
print "Other LDAP error: "
return "Other LDAP error: " + e
finally:
conn.unbind_s()
print "Succesfully"
return "Succesfully authenticated"
authenticate()
謝謝你的幫助
為了將LDAP身份驗證限制為特定的AD組,我使用了“ search_s函數”,該功能用於查找經過身份驗證的用戶是否屬於AD組。
conn.search_s("OU={AD Security Group},OU=group,OU=Groups,dc=twpn,dc=root,dc=domain,dc=com", ldap.SCOPE_SUBTREE, "(cn=userid)")
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.