使用 python + ldap 对活动目录进行身份验证 [英] Authenticating against active directory using python + ldap
问题描述
如何使用 Python + LDAP 对 AD 进行身份验证.我目前正在使用 python-ldap 库,它产生的只是眼泪.
How do I authenticate against AD using Python + LDAP. I'm currently using the python-ldap library and all it is producing is tears.
我什至无法绑定来执行一个简单的查询:
I can't even bind to perform a simple query:
import sys
import ldap
Server = "ldap://my-ldap-server"
DN, Secret, un = sys.argv[1:4]
Base = "dc=mydomain,dc=co,dc=uk"
Scope = ldap.SCOPE_SUBTREE
Filter = "(&(objectClass=user)(sAMAccountName="+un+"))"
Attrs = ["displayName"]
l = ldap.initialize(Server)
l.protocol_version = 3
print l.simple_bind_s(DN, Secret)
r = l.search(Base, Scope, Filter, Attrs)
Type,user = l.result(r,60)
Name,Attrs = user[0]
if hasattr(Attrs, 'has_key') and Attrs.has_key('displayName'):
displayName = Attrs['displayName'][0]
print displayName
sys.exit()
使用 myusername@mydomain.co.uk 密码 username
运行此程序会给我两个错误之一:
Running this with myusername@mydomain.co.uk password username
gives me one of two errors:
Invalid Credentials
- 当我输入错误或故意使用错误的凭据时,它无法进行身份验证.
Invalid Credentials
- When I mistype or intentionally use wrong credentials it fails to authenticate.
ldap.INVALID_CREDENTIALS:{'info':'80090308:LdapErr:DSID-0C090334,注释:AcceptSecurityContext 错误,数据 52e,vece','desc':'无效凭据'}
ldap.INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece', 'desc': 'Invalid credentials'}
或者
ldap.OPERATIONS_ERROR: {'info': '00000000: LdapErr: DSID-0C090627, 注释:为了执行此操作,必须在连接上完成一个成功的绑定., data 0, vece', 'desc':'操作错误'}
ldap.OPERATIONS_ERROR: {'info': '00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece', 'desc': 'Operations error'}
我错过了什么才能正确绑定?
What am I missing out to bind properly?
我在 Fedora 和 Windows 上遇到同样的错误.
I am getting the same errors on fedora and windows.
推荐答案
我失踪了
l.set_option(ldap.OPT_REFERRALS, 0)
从初始化.
这篇关于使用 python + ldap 对活动目录进行身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!