def get_groups(self, size=20, cookie=''): page_control = SimplePagedResultsControl(True, size=size, cookie=cookie) dn = f"cn=groups,cn=accounts,{self.basedn}" filters = r"(|(objectClass=ipausergroup)(objectclass=groupofnames))" scope = ldap.SCOPE_SUBTREE attrlist = ['cn'] output = [] msgid = self.conn.search_ext(dn, scope, filters, attrlist=attrlist, serverctrls=[page_control]) if msgid is None: return (None, 0, None, output) rtype, rdata, rmsgid, serverctrls = self.conn.result3( msgid, resp_ctrl_classes=known_ldap_resp_ctrls) for dn, data in rdata: output.append(data['cn'][0].decode('utf8')) controls = [ c for c in serverctrls if c.controlType == SimplePagedResultsControl.controlType ] if controls: ctrl = controls[0] if int(ctrl.size) == 0: return (rmsgid, 0, None, output) if ctrl.cookie: return (rmsgid, size, ctrl.cookie, output) return (rmsgid, 0, None, output)
def get_group_members(self, groupname, size=20, cookie=''): page_control = SimplePagedResultsControl(True, size=size, cookie=cookie) groupname = ldap_filter.escape_filter_chars(groupname) dn = f"cn=users,cn=accounts,{self.basedn}" filters = ( "(&" f"(memberOf=cn={groupname},cn=groups,cn=accounts,{self.basedn})" "(objectClass=person)" "(!(nsAccountLock=TRUE))" ")") scope = ldap.SCOPE_SUBTREE attrlist = ['uid'] output = [] msgid = self.conn.search_ext(dn, scope, filters, attrlist=attrlist, serverctrls=[page_control]) if msgid is None: return (None, 0, None, output) rtype, rdata, rmsgid, serverctrls = self.conn.result3( msgid, resp_ctrl_classes=known_ldap_resp_ctrls) for dn, data in rdata: output.append(data['uid'][0].decode('utf8')) controls = [ c for c in serverctrls if c.controlType == SimplePagedResultsControl.controlType ] if controls: ctrl = controls[0] if int(ctrl.size) == 0: return (rmsgid, 0, None, output) if ctrl.cookie: return (rmsgid, size, ctrl.cookie, output) return (rmsgid, 0, None, output)
import ldap,pprint try: from ldap.controls.pagedresults import SimplePagedResultsControl except ImportError: from ldap.controls.libldap import SimplePagedResultsControl searchreq_attrlist=['cn','entryDN','entryUUID','mail','objectClass'] #ldap.set_option(ldap.OPT_DEBUG_LEVEL,255) ldap.set_option(ldap.OPT_REFERRALS, 0) l = ldap.initialize(url,trace_level=trace_level) l.protocol_version = 3 l.simple_bind_s(binddn,bindpw) req_ctrl = SimplePagedResultsControl(True,size=page_size,cookie='') known_ldap_resp_ctrls = { SimplePagedResultsControl.controlType:SimplePagedResultsControl, } # Send search request msgid = l.search_ext( base, ldap.SCOPE_SUBTREE, search_flt, attrlist=searchreq_attrlist, serverctrls=[req_ctrl] ) pages = 0
# Switch off processing .ldaprc or ldap.conf before importing _ldap os.environ['LDAPNOINIT'] = '1' from slapdtest import SlapdTestCase, requires_tls import ldap from ldap.controls import RequestControlTuples from ldap.controls.pagedresults import SimplePagedResultsControl from ldap.controls.openldap import SearchNoOpControl from ldap.ldapobject import SimpleLDAPObject SENTINEL = object() TEST_CTRL = RequestControlTuples([ # with BER data SimplePagedResultsControl(criticality=0, size=5, cookie=b'cookie'), # value-less SearchNoOpControl(criticality=1), ]) TEST_CTRL_EXPECTED = [ TEST_CTRL[0], # get_option returns empty bytes (TEST_CTRL[1][0], TEST_CTRL[1][1], b''), ] class BaseTestOptions: """Common tests for getting/setting options Used in subclasses below """
def result3(msgid, resp_ctrl_classes=''): return 101, mocked, 1, [ SimplePagedResultsControl(True, size=20, cookie='') ]