def bind(self): if not self.server or self.server.servers[0].host != 'ad.mydomain.com': raise ldap3.LDAPBindError if self.user: # Validate the bind user. bind_user = get_directory_base(self.user) if bind_user and self.password == bind_user['password']: return True raise ldap3.LDAPInvalidCredentialsResult else: return True
def search(self, search_base='', search_filter='(objectClass=*)', search_scope=ldap3.SUBTREE, attributes=None): log.info("Search began for base '{0}' with filter '{1}' in scope '{2}' with attributes '{3}'".format( search_base, search_filter, search_scope, attributes )) check_user = build_comparison(search_filter)[0] scoped_directory = get_directory_base(search_base) if search_scope == ldap3.SUBTREE: # Perform a recursive search strategy def recurse_search(dictionary): items = [] if check_user(dictionary): items.append(dictionary) for item in dictionary.values(): if check_user(item): items.append(item) if type(item) == dict: items.extend(recurse_search(item)) return items items = recurse_search(scoped_directory) items = [dict(attributes=user, dn=user['dn']) for user in items] self._result = len(items) > 0 self._response = items elif search_scope == ldap3.LEVEL: matching = [dict(attributes=user, dn=user['dn']) for user in scoped_directory.values() if check_user(user)] self._result = len(matching) > 0 self._response = matching elif search_scope == ldap3.BASE: result = check_user(scoped_directory) self._result = result if self._result: self._response = [scoped_directory] else: self._response = [] pass