def paged_search_iter(self, filter, attrs=None): # Test for version 2.3 API try: lc = SimplePagedResultsControl \ (ldap.LDAP_CONTROL_PAGE_OID, True, (self.page_size, '')) api_version = 3 except AttributeError: # New version 2.4 API lc = SimplePagedResultsControl \ (True, size = self.page_size, cookie = '') sc = \ { SimplePagedResultsControl.controlType : SimplePagedResultsControl } api_version = 4 res = self.ldcon.search_ext \ ( self.cfg.LDAP_BASE_DN , ldap.SCOPE_SUBTREE , filter , attrlist = attrs , serverctrls = [lc] ) while True: params = (res, ) if api_version == 3: rtype, rdata, rmsgid, serverctrls = self.ldcon.result3(res) pctrls = \ [c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] else: rtype, rdata, rmsgid, serverctrls = self.ldcon.result3 \ (res, resp_ctrl_classes = sc) pctrls = \ [c for c in serverctrls if c.controlType == SimplePagedResultsControl.controlType ] for r in rdata: if not r[0]: continue r = LDAP_Search_Result(r) yield r if pctrls: if api_version == 3: x, cookie = pctrls[0].controlValue lc.controlValue = (self.page_size, cookie) else: cookie = pctrls[0].cookie lc.cookie = cookie if not cookie: break res = self.ldcon.search_ext \ ( self.cfg.LDAP_BASE_DN , ldap.SCOPE_SUBTREE , filter , attrs , serverctrls = [lc] ) else: break
def _PagedAsyncSearch(ldap_conn, sizelimit, base_dn, scope, filterstr="(objectClass=*)", attrlist=None): """ Helper function that implements a paged LDAP search for the Search method below. Args: ldap_conn: our OMLdapConnection object sizelimit: max # of users to return. filterstr: LDAP filter to apply to the search attrlist: list of attributes to return. If null, all attributes are returned Returns: A list of users as returned by the LDAP search """ # Time to autodetect our library's API, because python-ldap's API intoduced # breaking changes between versions 2.3 and 2.4. use_old_paging_api = False if hasattr(ldap, "LDAP_CONTROL_PAGE_OID"): use_old_paging_api = True paged_results_control = SimplePagedResultsControl( controlType=ldap.LDAP_CONTROL_PAGE_OID, criticality=True, controlValue=(_PAGE_SIZE, "") ) page_ctrl_oid = ldap.LDAP_CONTROL_PAGE_OID else: paged_results_control = SimplePagedResultsControl(criticality=True, size=_PAGE_SIZE, cookie="") page_ctrl_oid = ldap.controls.SimplePagedResultsControl.controlType logging.debug("Paged search on %s for %s", base_dn, filterstr) users = [] ix = 0 while True: if _PAGE_SIZE == 0: serverctrls = [] else: serverctrls = [paged_results_control] msgid = ldap_conn.conn.search_ext(base_dn, scope, filterstr, attrlist=attrlist, serverctrls=serverctrls) res = ldap_conn.conn.result3(msgid=msgid) unused_code, results, unused_msgid, serverctrls = res for result in results: ix += 1 users.append(result) if sizelimit and ix >= sizelimit: break if sizelimit and ix >= sizelimit: break cookie = None for serverctrl in serverctrls: if serverctrl.controlType == page_ctrl_oid: if use_old_paging_api: unused_est, cookie = serverctrl.controlValue if cookie: paged_results_control.controlValue = (_PAGE_SIZE, cookie) else: cookie = paged_results_control.cookie = serverctrl.cookie break if not cookie: break return users
def ldap_search_paged(l, basedn, scope, filter, attributes, timeout, page_size): # FIXME: untested from ldap.controls import SimplePagedResultsControl lc = SimplePagedResultsControl( ldap.LDAP_CONTROL_PAGE_OID, True, (page_size,'') ) # Send search request result_id = l.search_ext(basedn, scope, filter, attributes, serverctrls=[lc]) pages = 0 while True: pages += 1 log.debug('Getting page %d', pages) result_type, result_data, result_msgid, serverctrls = l.result3(result_id) log.debug('%d results', len(result_data)) if not result_data: break pctrls = [c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID] if pctrls: est, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) result_id = l.search_ext(basedn, scope, filter, attributes, serverctrls=[lc]) else: break else: log.warn('Server ignores RFC 2696 control.') break
def create_ldif_from_master(lo, ldif_file, base, page_size): """ create ldif file from everything from lo """ logging.info('Fetching LDIF ...') if ldif_file == '-': output = sys.stdout else: if os.path.isfile(ldif_file): os.unlink(ldif_file) output = gzip.open(ldif_file, 'wb') if hasattr(ldap, 'LDAP_CONTROL_PAGE_OID'): # python-ldap <= 2.3 logging.debug('Using old python-ldap 2.3 API') api24 = False lc = SimplePagedResultsControl(controlType=ldap.LDAP_CONTROL_PAGE_OID, criticality=True, controlValue=(page_size, '')) page_ctrl_oid = ldap.LDAP_CONTROL_PAGE_OID else: # python-ldap >= 2.4 logging.debug('Using new python-ldap 2.4 API') api24 = True lc = SimplePagedResultsControl(criticality=True, size=page_size, cookie='') page_ctrl_oid = lc.controlType while True: msgid = lo.lo.search_ext(base, ldap.SCOPE_SUBTREE, '(objectclass=*)', ['+', '*'], serverctrls=[lc]) rtype, rdata, rmsgid, serverctrls = lo.lo.result3(msgid) for dn, data in rdata: logging.debug('Processing %s ...', dn) for attr in replication.EXCLUDE_ATTRIBUTES: data.pop(attr, None) output.write(ldif.CreateLDIF(dn, data, cols=10000)) pctrls = [c for c in serverctrls if c.controlType == page_ctrl_oid] if pctrls: if api24: cookie = lc.cookie = pctrls[0].cookie else: _est, cookie = pctrls[0].controlValue lc.controlValue = (page_size, cookie) if not cookie: break else: logging.warning( "Server ignores RFC 2696 Simple Paged Results Control.") break output.close()
def paged_search_ext_s(self, base, scope, filterstr='(objectClass=*)', attrlist=None, attrsonly=0, serverctrls=None, clientctrls=None, timeout=30, sizelimit=0): use_old_paging_api = False if hasattr(ldap, 'LDAP_CONTROL_PAGE_OID'): use_old_paging_api = True lc = SimplePagedResultsControl(ldap.LDAP_CONTROL_PAGE_OID, True, (self.page_size, '')) page_ctrl_oid = ldap.LDAP_CONTROL_PAGE_OID else: lc = ldap.controls.libldap.SimplePagedResultsControl( size=self.page_size, cookie='') page_ctrl_oid = ldap.controls.SimplePagedResultsControl.controlType msgid = self.search_ext(base, scope, filterstr, attrlist=attrlist, serverctrls=[lc]) pages = 0 all_results = [] while True: pages += 1 rtype, rdata, rmsgid, serverctrls = self.result3(msgid) all_results.extend(rdata) pctrls = [c for c in serverctrls if c.controlType == page_ctrl_oid] if pctrls: if use_old_paging_api: est, cookie = pctrls[0].controlValue lc.controlValue = (self.page_size, cookie) else: cookie = lc.cookie = pctrls[0].cookie if cookie: msgid = self.search_ext(base, ldap.SCOPE_SUBTREE, filterstr, attrlist=attrlist, serverctrls=[lc]) else: break else: raise ldap.LDAPError return all_results
def paged_search(self, base, sfilter, attrlist, scope='subtree', page_size=1000): if scope == 'one': _scope = ldap.SCOPE_ONELEVEL else: _scope = ldap.SCOPE_SUBTREE lc = SimplePagedResultsControl( ldap.LDAP_CONTROL_PAGE_OID,True,(page_size,'') ) # Send search request msgid = self.l.search_ext( base, _scope, sfilter, attrlist=attrlist, serverctrls=[lc] ) results = [] pages = 0 while True: pages += 1 #print "Getting page %d" % (pages,) rtype, rdata, rmsgid, serverctrls = self.l.result3(msgid) #print '%d results' % len(rdata) for dn,data in rdata: _r = data _r['dn'] = dn results.append(_r) #results += [i[0] for i in rdata] #pprint.pprint(rdata[0]) pctrls = [ c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: est, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) msgid = l.search_ext( base, _scope, sfilter, attrlist=attrlist, serverctrls=[lc] ) else: break else: print "Warning: Server ignores RFC 2696 control." break return results
def _paged_search(self, base_dn, scope, search_filter, attrs): conn = self.connect() # Get paged results to prevent exceeding server size limit page_size = 1000 if PYTHON_LDAP_24: lc = SimplePagedResultsControl(size=page_size, cookie='') else: lc = SimplePagedResultsControl(LDAP_CONTROL_PAGED_RESULTS, True, (page_size, ''),) is_last_page = False results = [] while not is_last_page: msgid = conn.search_ext(base_dn, scope, search_filter, attrs, serverctrls=[lc]) rtype, rdata, rmsgid, serverctrls = conn.result3(msgid) pctrls = [c for c in serverctrls if c.controlType == LDAP_CONTROL_PAGED_RESULTS] results.extend(rdata) if pctrls: if PYTHON_LDAP_24: cookie = pctrls[0].cookie if cookie: lc.cookie = cookie else: is_last_page = True else: cookie = pctrls[0].controlValue[1] if cookie: # lc.controlValue seems to have been mutable at some # point, now it's a tuple. cv = list(lc.controlValue) cv[1] = cookie lc.controlValue = tuple(cv) else: is_last_page = True else: is_last_page = True if results: # If the search returned an empty result, page controls # aren't included - so don't produce a bogus warning logger.warn( "Server ignores paged results control (RFC 2696).") return results
def paged_search(self, filterstr='(objectClass=*)', attrlist=None, attrsonly=0, timeout=-1): """Searches Active Directory for a given search string. Uses RFC 2696 paged results control to search AD. This comes into play when the search yields more then ldap.SIZE_LIMIT results. This search uses the LDAP_BASE value read from configuration. If there is need for searching higher up in the AD tree then the configuration should be changed. Args: filterstr (str): The search term to look for in AD. attrlist (list): List of attributes to get from AD. Defaults to all. attrsonly (bool): Only gets attributes, not values. timeout (int): Time the search waits for results before giving up. Returns: list: List with all results. """ #Simple paged results control to keep track of the search status req_ctrl = SimplePagedResultsControl(ldap.LDAP_CONTROL_PAGE_OID, True, (self.LDAP_PAGE_SIZE, '')) #Send first search request msgid = self.ldap.search_ext(self.LDAP_BASE, ldap.SCOPE_SUBTREE, filterstr=filterstr, attrlist=attrlist, serverctrls=[req_ctrl], timeout=timeout) all_results = [] while True: rtype, rdata, rmsgid, rctrls = self.ldap.result3(msgid) all_results.extend(rdata) #Extract the simple paged results response control pctrls = [c for c in rctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID] if pctrls: est, cookie = pctrls[0].controlValue if cookie: #Copy cookie from response control to request control req_ctrl.controlValue = (self.LDAP_PAGE_SIZE, cookie) #Continue the search with updated request control msgid = self.ldap.search_ext(self.LDAP_BASE, ldap.SCOPE_SUBTREE, filterstr=filterstr, attrlist=attrlist, serverctrls=[req_ctrl], timeout=timeout) else: break else: print("Warning: Server ignores RFC 2696 control.") break return all_results
def _PagedAsyncSearch(ldap_conn, sizelimit, base_dn, scope, filterstr='(objectClass=*)', attrlist=None): """ Helper function that implements a paged LDAP search for the Search method below. Args: ldap_conn: our OMLdapConnection object sizelimit: max # of users to return. filterstr: LDAP filter to apply to the search attrlist: list of attributes to return. If null, all attributes are returned Returns: A list of users as returned by the LDAP search """ paged_results_control = SimplePagedResultsControl( ldap.LDAP_CONTROL_PAGE_OID, True, (_PAGE_SIZE, '')) logging.debug('Paged search on %s for %s', base_dn, filterstr) users = [] ix = 0 while True: if _PAGE_SIZE == 0: serverctrls = [] else: serverctrls = [paged_results_control] msgid = ldap_conn.conn.search_ext(base_dn, scope, filterstr, attrlist=attrlist, serverctrls=serverctrls) res = ldap_conn.conn.result3(msgid=msgid) unused_code, results, unused_msgid, serverctrls = res for result in results: ix += 1 users.append(result) if sizelimit and ix >= sizelimit: break if sizelimit and ix >= sizelimit: break cookie = None for serverctrl in serverctrls: if serverctrl.controlType == ldap.LDAP_CONTROL_PAGE_OID: unused_est, cookie = serverctrl.controlValue if cookie: paged_results_control.controlValue = (_PAGE_SIZE, cookie) break if not cookie: break return users
def _PagedAsyncSearch(self, query, sizelimit, attrlist=None): """ Helper function that implements a paged LDAP search for the Search method below. Args: query: LDAP filter to apply to the search sizelimit: max # of users to return. attrlist: list of attributes to return. If null, all attributes are returned Returns: A list of users as returned by the LDAP search """ if not self.IsUsingLdapLibThatSupportsPaging(): logging.error('Your version of python-ldap is too old to support ' 'paged LDAP queries. Aborting search.') return None paged_results_control = SimplePagedResultsControl( ldap.LDAP_CONTROL_PAGE_OID, True, (self.ldap_page_size, '')) logging.debug('Paged search on %s for %s' % (self.ldap_base_dn, query)) users = [] ix = 0 while True: if self.ldap_page_size == 0: serverctrls = [] else: serverctrls = [paged_results_control] msgid = self.conn.search_ext(self.ldap_base_dn, ldap.SCOPE_SUBTREE, query, attrlist=attrlist, serverctrls=serverctrls) res = self.conn.result3(msgid=msgid, timeout=self.ldap_timeout) unused_code, results, unused_msgid, serverctrls = res for result in results: ix += 1 users.append(result) if sizelimit and ix >= sizelimit: break if sizelimit and ix >= sizelimit: break cookie = None for serverctrl in serverctrls: if serverctrl.controlType == ldap.LDAP_CONTROL_PAGE_OID: unused_est, cookie = serverctrl.controlValue if cookie: paged_results_control.controlValue = (self.ldap_page_size, cookie) break if not cookie: break return users
def list_machines(self, name=None, attrs=None): if attrs is None: attrs = COMPUTER_ATTRS oc_filter = '(objectclass=computer)' desc = self.machine_description(name) page_size = 64 lc = SimplePagedResultsControl(ldap.LDAP_CONTROL_PAGE_OID, True, (page_size, '')) conn = self.open() msgid = conn.search_ext(desc, ldap.SCOPE_SUBTREE, oc_filter, attrs, serverctrls=[lc]) rval = {} while True: # (rtype, rdata, rmsgid, serverctrls) _, rdata, _, serverctrls = conn.result3(msgid) # Synthesize the machines into a simple form. for machine in rdata: if machine[0]: for cn in machine[1]['cn']: rval[cn.lower()] = machine[1] # Read the next page of the result. pctrls = [ c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: # (est, cookie) _, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) msgid = conn.search_ext(desc, ldap.SCOPE_SUBTREE, oc_filter, attrs, serverctrls=[lc]) else: break return rval
def getEnabledAccountList (ldapHandle, fhandle): # define variables for query page_size = 1000 filter = "(&(sAMAccountName=*)(userAccountControl=" + str(ENA_NUM) + "))" attributeList = ['sAMAccountName', 'mail'] lc = SimplePagedResultsControl (ldap.LDAP_CONTROL_PAGE_OID, True, (page_size, "")) msgid = ldapHandle.search_ext ( BASE, SCOPE, filter, attributeList, serverctrls = [lc] ) pages = 0 while True: pages += 1 print "Getting page %d" % pages rtype, rdata, rmsgid, serverctrls = ldapHandle.result3 (msgid) print "%d results" % len (rdata) for pi in rdata: if (len (pi) == 2) and (type (pi[1]) is dict) and (len(pi[1]) == 2): #print pi #print pi[1] accName = pi[1]['sAMAccountName'][0] mail = pi[1]['mail'][0] if (accName + SUFFIX).lower() != mail.lower(): #fhandle.write (accName + "," + mail + "\n") print (accName + "," + mail + "\n") pctrls = [ c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: est, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) msgid = ldapHandle.search_ext (BASE, SCOPE, filter, attributeList, serverctrls=[lc]) else: break else: print "Warning" break
def ldap_search_paged(l, basedn, scope, filter, attributes, timeout, page_size): # FIXME: untested from ldap.controls import SimplePagedResultsControl lc = SimplePagedResultsControl(ldap.LDAP_CONTROL_PAGE_OID, True, (page_size, '')) # Send search request result_id = l.search_ext(basedn, scope, filter, attributes, serverctrls=[lc]) pages = 0 while True: pages += 1 log.debug('Getting page %d', pages) result_type, result_data, result_msgid, serverctrls = l.result3( result_id) log.debug('%d results', len(result_data)) if not result_data: break pctrls = [ c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: est, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) result_id = l.search_ext(basedn, scope, filter, attributes, serverctrls=[lc]) else: break else: log.warn('Server ignores RFC 2696 control.') break
def ldap_paged_async_search(base, scope, filt, columns): ldap_log(' PAGED ASYNC SEARCH') page_size = config.ldap_connection.get('page_size', 100) if ldap_compat: lc = SimplePagedResultsControl(size = page_size, cookie = '') else: lc = SimplePagedResultsControl( LDAP_CONTROL_PAGED_RESULTS, True, (page_size, '') ) results = [] while True: # issue the ldap search command (async) msgid = ldap_connection.search_ext(base, scope, filt, columns, serverctrls = [lc]) unused_code, response, unused_msgid, serverctrls = ldap_connection.result3( msgid = msgid, timeout = config.ldap_connection.get('response_timeout', 5) ) for result in response: results.append(result) # Mark current position in pagination control for next loop cookie = None for serverctrl in serverctrls: if serverctrl.controlType == LDAP_CONTROL_PAGED_RESULTS: if ldap_compat: cookie = serverctrl.cookie if cookie: lc.cookie = cookie else: cookie = serverctrl.controlValue[1] if cookie: lc.controlValue = (page_size, cookie) break if not cookie: break return results
def list_machines(self, name=None, attrs=None): if attrs is None: attrs = COMPUTER_ATTRS oc_filter = '(objectclass=computer)' desc = self.machine_description(name) page_size = 64 lc = SimplePagedResultsControl( ldap.LDAP_CONTROL_PAGE_OID, True, (page_size,'')) conn = self.open() msgid = conn.search_ext( desc, ldap.SCOPE_SUBTREE, oc_filter, attrs, serverctrls=[lc]) rval = {} while True: # (rtype, rdata, rmsgid, serverctrls) _, rdata, _, serverctrls = conn.result3(msgid) # Synthesize the machines into a simple form. for machine in rdata: if machine[0]: for cn in machine[1]['cn']: rval[cn.lower()] = machine[1] # Read the next page of the result. pctrls = [ c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: # (est, cookie) _, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) msgid = conn.search_ext( desc, ldap.SCOPE_SUBTREE, oc_filter, attrs, serverctrls=[lc]) else: break return rval
def paged_search_ext_s(self, base, scope, filterstr='(objectClass=*)', attrlist=None, attrsonly=0, serverctrls=None, clientctrls=None, timeout=30, sizelimit=0): use_old_paging_api = False if hasattr(ldap, 'LDAP_CONTROL_PAGE_OID'): use_old_paging_api = True lc = SimplePagedResultsControl( ldap.LDAP_CONTROL_PAGE_OID,True,(self.page_size,'') ) page_ctrl_oid = ldap.LDAP_CONTROL_PAGE_OID else: lc = ldap.controls.libldap.SimplePagedResultsControl(size=self.page_size,cookie='') page_ctrl_oid = ldap.controls.SimplePagedResultsControl.controlType msgid = self.search_ext(base, scope, filterstr, attrlist=attrlist, serverctrls=[lc]) pages = 0 all_results = [] while True: pages += 1 rtype, rdata, rmsgid, serverctrls = self.result3(msgid) all_results.extend(rdata) pctrls = [ c for c in serverctrls if c.controlType == page_ctrl_oid ] if pctrls: if use_old_paging_api: est, cookie = pctrls[0].controlValue lc.controlValue = (self.page_size, cookie) else: cookie = lc.cookie = pctrls[0].cookie if cookie: msgid = self.search_ext(base, ldap.SCOPE_SUBTREE, filterstr, attrlist=attrlist, serverctrls=[lc]) else: break else: raise ldap.LDAPError return all_results
ldap.SCOPE_SUBTREE, search_flt, attrlist=searchreq_attrlist, serverctrls=[lc]) pages = 0 while True: pages += 1 print "Getting page %d" % (pages, ) rtype, rdata, rmsgid, serverctrls = l.result3(msgid) print '%d results' % len(rdata) pprint.pprint(rdata) pctrls = [ c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: pprint.pprint(pctrls) est, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) msgid = l.search_ext(base, ldap.SCOPE_SUBTREE, search_flt, attrlist=searchreq_attrlist, serverctrls=[lc]) else: break else: print "Warning: Server ignores RFC 2696 control." break
# Send search request msgid = l.search_ext( base, ldap.SCOPE_SUBTREE, search_flt, serverctrls=[lc] ) pages = 0 while True: pages += 1 print("Getting page %d" % (pages,)) rtype, rdata, rmsgid, serverctrls = l.result3(msgid) print('%d results' % len(rdata)) pctrls = [ c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: est, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) msgid = l.search_ext(base, ldap.SCOPE_SUBTREE, search_flt, serverctrls=[lc]) else: break else: print("Warning: Server ignores RFC 2696 control.") break
resultCode, results, unusedMessageId, serverControls = ldapConnection.result3(messageId) except ldap.LDAPError, err: sys.stderr.write('Error getting user paged search results: ' + str(err) + '\n' ) return returnValue for result in results: pageCounter = pageCounter + 1 returnValue.append(result) cookie = None for serverCtrl in serverControls: if serverCtrl.controlType == ldap.LDAP_CONTROL_PAGE_OID: unusedValue, cookie = serverCtrl.controlValue if cookie: pagedResultsControl.controlValue = (pageSize, cookie) break if not cookie: break try: ldapConnection.unbind_s() except ldap.LDAPError, err: sys.stderr.write('Error while disconnecting from server ' + ldapServer + '... Reason ' + str(err) + '\n') return returnValue return returnValue def getMembersInAGroup(groupName): returnValue = []
def run_paged_search(self, search_base, search_filter, attrs=None, **kwargs): host = self.host who = self.who cred = self.cred page_size = self.page_size scope = ldap.SCOPE_SUBTREE if kwargs.has_key("host"): host = kwargs['host'] if kwargs.has_key("who"): who = kwargs['who'] if kwargs.has_key('cred'): cred = kwargs['cred'] if kwargs.has_key('scope'): scope = kwargs['scope'] if kwargs.has_key("page_size"): page_size = int(kwargs['page_size']) scope_str = "ldap.SCOPE_SUBTREE" if scope == ldap.SCOPE_BASE: scope_str = 'ldap.SCOPE_BASE' elif scope == ldap.SCOPE_ONELEVEL: scope_str = 'ldap.SCOPE_ONELEVEL' if host is not self.get_ldap_host() and host is not self.get_directory_host(): raise Exception("Invalid host, must use either ldap host or directory host") log.debug("running paged search") log.debug("host: "+host) log.debug("who: "+who) log.debug("base: "+search_base) log.debug("filter: "+search_filter) log.debug("attrs: "+str(attrs)) log.debug('scope: '+scope_str) log.debug("page size: "+str(page_size)) try: conn = ldap.initialize(host) ldap.set_option( ldap.OPT_X_TLS_DEMAND, True ) #ldap.set_option( ldap.OPT_DEBUG_LEVEL, 255 ) ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT,ldap.OPT_X_TLS_NEVER) lc = SimplePagedResultsControl( ldap.LDAP_CONTROL_PAGE_OID, True, (page_size,'')) if host is self.get_ldap_host(): result = conn.simple_bind_s(who,cred) else: result = conn.simple_bind_s() result = [] msgid = conn.search_ext(search_base, scope, search_filter, attrs, serverctrls=[lc]) pages = 0 while True: pages = pages + 1 log.debug("getting page "+str(pages)) rtype, rdata, rmsgid, serverctrls = conn.result3(msgid) log.debug("result count: "+str(len(rdata))) result.extend(rdata) pctrls = [c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: est, cookie = pctrls[0].controlValue if cookie: lc.controlValue = (page_size, cookie) msgid = conn.search_ext(search_base, scope, search_filter, attrs, serverctrls=[lc]) else: break else: log.warning("Warning: Server ignores RFC 2696 control.") break conn.unbind() return result except ldap.LDAPError, e: import traceback log.error("run_paged_search error:") log.error(traceback.format_exc()) log.error(str(e)) try: conn.unbind() except: pass return []
while 1: rtype, rdata, rmsgid, rctrls = ad.result3(ldap_result_id) result_set.extend(rdata) result_pages += 1 #extract the simple paged results response control pctrls = [ c for c in rctrls if c.controlType == SimplePagedResultsControl.controlType ] if pctrls: est, cookie = pctrls[0].controlValue if cookie: # copy the cookie from the response control to the request control req_ctrl.controlValue = (pageSize, cookie) ldap_result_id = ad.search_ext(baseDN, searchScope, searchFilter, retrieveAttributes, serverctrls=(serverctrls or []) + [req_ctrl]) else: break x = 0 # print results with column headers print "sAMAccountName, displayName, description, employeeID, whenCreated, mail" for e in result_set: x += 1 info = e[1] msg = '' if 'sAMAccountName' in info: msg += info['sAMAccountName'][0] msg += ','
def ad_search(ad_object, filter=ad_filter, attrs=ad_attrs, base=ad_base_dn, scope=ad_scope): '''Function to search AD It will default to global variables for filter, attributes, base, and scope Returns a list of search results. Each entry itself is a list, where the first item is the DN of the entry, and the second item is a dictionary of attributes and values. ''' search_results = [] ad_control = SimplePagedResultsControl(ldap.LDAP_CONTROL_PAGE_OID, True, (ad_page_size, '')) try: ad_pages = 0 while True: # Send search request msgid = ad_object.search_ext(base, scope, filter, attrs, serverctrls=[ad_control]) ad_pages += 1 if debug: print 'Getting page %d' % (ad_pages) unused_code, results, unused_msgid, serverctrls = \ ad_object.result3(msgid) if debug: print '%d results' % len(results) if results and len(results) > 0: search_results.extend(results) for serverctrl in serverctrls: if serverctrl.controlType == ldap.LDAP_CONTROL_PAGE_OID: unused_est, cookie = serverctrl.controlValue if cookie: ad_control.controlValue = (ad_page_size, cookie) break if not cookie: break return search_results if debug: sys.stderr.write('LDAP search results not found\n' 'base: %s\n' 'filter: %s\n' 'attributes: %s\n\n' % (base, filter, attrs)) return [] except ldap.LDAPError, error_message: print 'search_results:' try: print search_results except NameError: # if search_results hasn't been declared print # print a blank line sys.stderr.write('LDAPError: %s\n' % (error_message))
try: unused_code, results, unused_msgid, serverctrls = \ ldap_connection.result3(msgid) except ldap.LDAPError as e: sys.stderr.write('Error getting user paged search results: ' + str(e) + '\n') sys.exit(1) for result in results: pages += 1 accounts.append(result) cookie = None for serverctrl in serverctrls: if serverctrl.controlType == ldap.LDAP_CONTROL_PAGE_OID: unused_est, cookie = serverctrl.controlValue if cookie: paged_results_control.controlValue = (PAGE_SIZE, cookie) break if not cookie: break # LDAP unbind ldap_connection.unbind_s() # Make dictionary with user data user_map = {} for entry in accounts: if 'employeeID' in entry[1] and \ 'sAMAccountName' in entry[1]: user_map[entry[1]['employeeID'][0]] = entry[1]['sAMAccountName'][0] '--- test_login.py\t(original)'
open('users.temp.xml', 'w').close() open('maillists.temp.xml', 'w').close() open('aliases.temp.xml', 'w').close() while True: pages += 1 print "Getting page %d" % (pages, ) rtype, rdata, rmsgid, serverctrls = conn.result3(msgid) print '%d results' % len(rdata) for dn, entry in rdata: dump_ldap_entry_in_xml(entry) pctrls = [ c for c in serverctrls if c.controlType == ldap.LDAP_CONTROL_PAGE_OID ] if pctrls: est, cookie = pctrls[0].controlValue if cookie: paged_controller.controlValue = (page_size, cookie) msgid = conn.search_ext( basedn, ldap.SCOPE_SUBTREE, filter, serverctrls=[paged_controller], ) else: break else: print "Warning: Server ignores RFC 2696 control." break