コード例 #1
0
    def _search(cls, users, attr_idx):
        """Search LDAP directory for the indexed attr for users.

        Attr index can be UID_IDX, CN_IDX or MAIL_IDX.

        Return a list containing the results.

        """
        conf = ResourceLocator.default().get_conf()
        uri = conf.get_value(["rosa-ldap", "uri"])
        binddn = conf.get_value(["rosa-ldap", "binddn"])
        passwd = ""
        passwd_file = conf.get_value(["rosa-ldap", "password-file"],
                                     cls.PASSWD_FILE)
        if passwd_file:
            passwd = open(os.path.expanduser(passwd_file)).read().strip()
        basedn = conf.get_value(["rosa-ldap", "basedn"], "")
        filter_str = "(|(uid=" + ")(uid=".join(users) + "))"
        filter_more_str = conf.get_value(["rosa-ldap", "filter-more"], "")
        if filter_more_str:
            filter_str = "(&" + filter_str + filter_more_str + ")"
        user_attr_str = conf.get_value(["rosa-ldap", "attrs"], cls.USER_ATTRS)
        attr = user_attr_str.split()[attr_idx]

        tls_ca_file = conf.get_value(["rosa-ldap", "tls-ca-file"])
        if tls_ca_file:
            ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, tls_ca_file)
        conn = ldap.initialize(uri)
        conn.bind_s(binddn, passwd)
        results = conn.search_s(basedn, ldap.SCOPE_SUBTREE, filter_str, [attr])
        conn.unbind()
        return [result[1][attr][0] for result in results]
コード例 #2
0
	def initialize(self):
		try:
			self.ld = ldap.initialize(self.ldapserver)
			self.ld.protocol_version = ldap.VERSION3
			retcode = True
		except:
			retcode = False

		return retcode
コード例 #3
0
ファイル: conexaoAD.py プロジェクト: ricardopimentel/Jasmine
 def TestarCredenciais(self): # desconsiderar metodo, apenas testes
     try:
         # build a client
         ldap_client = ldap.initialize(self.LDAP_SERVER)
         # perform a synchronous bind
         ldap_client.set_option(ldap.OPT_REFERRALS, 0)
         ldap_client.simple_bind_s(self.LDAP_USERNAME, self.LDAP_PASSWORD)
         ldap_client.unbind()
         return 's'
     except ldap.INVALID_CREDENTIALS:
         ldap_client.unbind()
         return 'i'
     except ldap.SERVER_DOWN:
         return 'n'
コード例 #4
0
ファイル: authn.py プロジェクト: lvanderree/pysaml2-3
    def __init__(self, srv, ldapsrv, return_to,
                 dn_pattern, mako_template, template_lookup):
        """
        :param srv: The server instance
        :param ldapsrv: Which LDAP server to us
        :param return_to: Where to send the user after authentication
        :return:
        """
        UsernamePasswordMako.__init__(self, srv, mako_template, template_lookup,
                                      None, return_to)

        self.ldap = ldap.initialize(ldapsrv)
        self.ldap.protocol_version = 3
        self.ldap.set_option(ldap.OPT_REFERRALS, 0)
        self.dn_pattern = dn_pattern
コード例 #5
0
ファイル: ad_auth.py プロジェクト: gitmarkar/lifts
    def __init__(self, host='localhost', port="389", base_dn="",
                 bind_dn_username="", bind_dn_password="",
                 require_group=None, ssl=False):
        """Contruct the connection.

        Assumes plaintext LDAP.
        Args:

        host -- hostname or IP of the LDAP server
        port -- Port to connect to for LDAP auth
        base_dn -- The base DN to start searching for users
        bind_dn_username -- username to user for binding to LDAP
        bind_dn_password -- bind_dn_username's password
        require_group -- User must be a member of this group to login
        ssl -- connect using SSL or not
        """
        self.error = ""
        self.host = host
        self.base_dn = base_dn
        self.bind_dn = bind_dn_username
        self.bind_pw = bind_dn_password
        self.require_group = require_group
        ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, False)
        ldap.set_option(ldap.OPT_REFERRALS, 0)
        self.authenticated_user = None
        self.authenticated_dn = None
        self.authsource = "Active Directory on {}".format(base_dn)
        self.ldap_url = ''.join([
            (ssl and "ldaps://") or "ldap://",
            self.host,
            (port and ":{}".format(port)) or ''
        ])

        # attempt to connect and bind to the server
        try:
            self.con = ldap.initialize(self.ldap_url)
            if ssl:
                self.con.start_tls_s()
            self.con.simple_bind_s(self.bind_dn, self.bind_pw)
        except ldap.INVALID_CREDENTIALS:
            self.error = "Could not bind to server {}.".format(self.host)
            if self.bind_dn is not None:
                self.error += "as " + self.bind_dn
                self.con = False
        except ldap.SERVER_DOWN:
            self.error = "Could not make connection to {}.".format(self.host)
コード例 #6
0
ファイル: conexaoAD.py プロジェクト: ricardopimentel/Jasmine
 def Login(self):
     try:
         l=ldap.initialize(self.LDAP_SERVER)
         l.set_option(ldap.OPT_REFERRALS, 0)
         l.simple_bind_s(self.LDAP_USERNAME, self.LDAP_PASSWORD)
         user_filter = '(name=%s)' %self.username
         base_dn = self.base
         res = l.search_ext_s(base_dn, ldap.SCOPE_SUBTREE, user_filter, ['displayName', 'memberof'])
         l.unbind()
         try:
             return res[0]
         except:
             return 'o' # Usuario fora do escopo permitido
     except ldap.INVALID_CREDENTIALS:
         l.unbind()
         return 'i' # Credenciais Invalidas
     except ldap.SERVER_DOWN:
         return 'n' # Servidor não encotrado
コード例 #7
0
 def ListaAlunos(self):
     try:
         l = ldap.initialize(self.LDAP_SERVER)
         l.set_option(ldap.OPT_REFERRALS, 0)
         l.simple_bind_s(self.LDAP_USERNAME, self.LDAP_PASSWORD)
         user_filter = '(memberof=CN=G_PARAISO_DO_TOCANTINS_ALUNOS_BOLSISTAS, CN=Users,DC=ifto,DC=local)'
         #user_filter = '(groupMembership=cn=G_PARAISO_DO_TOCANTINS_ALUNOS_BOLSISTAS,ou=Groups,o=CUST)' #'(&(objectCategory=user)(objectClass=user)(memberOf=name=G_ADMINS_AD_IFTO))'
         base_dn = self.base
         res = l.search_ext_s(
             base_dn, ldap.SCOPE_SUBTREE, user_filter,
             ['description', 'mail', 'sAMAccountName', 'displayName'])
         l.unbind()
         return res
     except ldap.INVALID_CREDENTIALS:
         l.unbind()
         return 'i'
     except ldap.SERVER_DOWN:
         return 'n'
コード例 #8
0
ファイル: edirectory_auth.py プロジェクト: gitmarkar/lifts
    def __init__(self, host='localhost',
                 port="389", bind_dn="",
                 bind_pw="", require_group=None,
                 ssl=False):
        """Contruct an eDirectory connection object.

        Assumes plaintext LDAP.
        Args:
        host -- The hostname or IP of the directory server
        port -- The port number to connect to
        bind_dn -- A DN (username) to bind to the directory as
        bind_pw -- The bind_dn's password
        require_group -- Require membership in this group for login
        ssl -- Connect using SSL or not
        """
        self.error = ""
        self.host = host
        self.bind_dn = bind_dn
        self.bind_pw = bind_pw
        ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, False)
        self.authenticated_user = None
        self.authenticated_dn = None
        self.authsource = "Novell eDirectory on " + host
        self.require_group = require_group
        self.ldap_url = ''.join([
            (ssl and "ldaps://") or "ldap://",
            self.host,
            (port and ":{}".format(port)) or ''
        ])
        # attempt to connect to the server
        try:
            self.con = ldap.initialize(self.ldap_url)
            if ssl:
                self.con.start_tls_s()
            self.con.simple_bind_s(self.bind_dn, self.bind_pw)
        except ldap.INVALID_CREDENTIALS:
            self.error = "Could not bind to server {}.".format(self.host)
            if self.bind_dn is not None:
                self.error += "as %s" % self.bind_dn
                self.con = False
        except ldap.SERVER_DOWN:
            self.error = "Could not make connection to {}.".format(self.host)
コード例 #9
0
ファイル: conexaoAD.py プロジェクト: ricardopimentel/Jasmine
 def PrimeiroLogin(self, Username, Password, Dominio, Endservidor):
     # servidor ad
     LDAP_SERVER = 'ldap://%s' % Endservidor
     # nome completo do usuario no AD
     LDAP_USERNAME = Username+ '@'+ Dominio
     # sua senha
     LDAP_PASSWORD = Password
     
     try:
         l=ldap.initialize(LDAP_SERVER)
         l.set_option(ldap.OPT_REFERRALS, 0)
         l.simple_bind_s(LDAP_USERNAME, LDAP_PASSWORD)
         user_filter = '(name=%s)' %Username
         res = l.search_ext_s(self.base, ldap.SCOPE_SUBTREE, user_filter, ['displayName', 'memberof'])
         l.unbind()
         return res[0]
     except ldap.INVALID_CREDENTIALS:
         l.unbind()
         return 'i'
     except ldap.SERVER_DOWN:
         return 'n'
コード例 #10
0
import ldap3

uri = "avworld"
user = "******"
password = "******"

ldapClient = ldap3.initialize(uri)
ldapClient.set_option(ldap3.OPT_REFERRALS, 0)

ldapClient.bind(user, password)

results = ldapClient.search_s("cn=My-Group-1,ou=Groups,o=CUST",
                              ldap3.SCOPE_BASE)

for result in results:
    result_dn = result[0]
    result_attrs = result[1]

    if "member" in result_attrs:
        for member in result_attrs["member"]:
            print(member)

ldapClient.unbind_s()
コード例 #11
0
import ldap3

uri = "avworld"
user = "******"
password = "******"

ldapClient = ldap3.initialize(uri)
ldapClient.set_option(ldap3.OPT_REFERRALS, 0)

ldapClient.bind(user, password)

results = ldapClient.search_s("cn=My-Group-1,ou=Groups,o=CUST", ldap3.SCOPE_BASE)

for result in results:
  result_dn = result[0]
  result_attrs = result[1]

  if "member" in result_attrs:
    for member in result_attrs["member"]:
      print(member)

ldapClient.unbind_s()