的Python + LDAP + SSL [英] Python+LDAP+SSL
本文介绍了的Python + LDAP + SSL的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
美好的一天。
在提前道歉,我的英语,我的国家论坛和资源,并没有帮助。
In advance to apologize for my English, my national forums and resources did not help.
有必要的,在AD转换(或创建)的用户密码的脚本。
There was a need in the script that changes (or creates) a user password in AD.
研究了这个问题之后,人们清楚地看到
After studying the issue, it became clear that
- 密码要设定或更改只能建立到服务器的加密连接
- 发送密码,只需要在编码UTF-16乐
在一般有与第二没问题,但首先有一个问题
In general there is no problem with the second, but first have a problem with
$ python ldap-test-starttls.py
Traceback (most recent call last):
File "ldap-test-starttls.py", line 9, in <module>
l.simple_bind_s( "cn=admin,ou=users,dc=test,dc=ru", "password" )
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 206, in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 200, in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,EncodeControlTuples(serverctrls),EncodeControlTuples(clientctrls))
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 96, in _ldap_call
result = func(*args,**kwargs)
ldap.SERVER_DOWN: {'info': 'A TLS packet with unexpected length was received.', 'desc': "Can't contact LDAP server"}
脚本code
Script code
import ldap
host = 'ldaps://ldap:636'
l = ldap.initialize(host)
l.set_option( ldap.OPT_X_TLS_DEMAND, True )
l.set_option( ldap.OPT_DEBUG_LEVEL, 255 )
username = 'someUser'
new_pass = 'ne$wP4assw0rd3!'
new_password = ('"%s"' % new_pass).encode("utf-16-le")
l.simple_bind_s( "cn=admin,ou=users,dc=test,dc=ru", "password" )
mod_attrs = [(ldap.MOD_REPLACE, 'unicodePwd', new_password)],[( ldap.MOD_REPLACE, 'unicodePwd', new_password)]
l.modify_s('CN=%s,dc=users,dc=test,dc=ru' % username, mod_attrs)
l.unbind_s()
print "Successfully changed password."
可能有人已经解决了类似的问题。是的,脚本是在CentOS运行和使用py32win不可能的。
Chances are someone has already solved a similar problem. Yes, the script is running on Centos and use py32win not possible.
在此先感谢。
推荐答案
这样的学习之后,我发现了自己的解决方案。
After studying like this, I found a solution on their own
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
l = ldap.initialize("ldaps://ldap:636")
l.set_option(ldap.OPT_REFERRALS, 0)
l.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
l.set_option(ldap.OPT_X_TLS,ldap.OPT_X_TLS_DEMAND)
l.set_option( ldap.OPT_X_TLS_DEMAND, True )
l.set_option( ldap.OPT_DEBUG_LEVEL, 255 )
l.simple_bind_s("admin@tester.com","password")
这篇关于的Python + LDAP + SSL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文