2014-09-14 17:24:19 +04:00
|
|
|
Ldappr
|
|
|
|
=======
|
|
|
|
|
2014-09-14 18:36:39 +04:00
|
|
|
[![PyPI version](https://badge.fury.io/py/ldappr.svg)](http://badge.fury.io/py/ldappr)
|
2014-09-14 18:35:46 +04:00
|
|
|
|
2014-09-14 17:24:19 +04:00
|
|
|
Ldappr is a wrapper around python-ldap, meant for quick and easy handling of
|
2014-09-14 18:24:31 +04:00
|
|
|
common administrative tasks concerning your LDAP compliant repository. It is
|
|
|
|
particularly useful in small, one-time scripts to get things done, or
|
2014-09-14 18:38:09 +04:00
|
|
|
interactively within an iPython shell.
|
2014-09-14 18:24:31 +04:00
|
|
|
|
|
|
|
Installation
|
|
|
|
------------
|
|
|
|
|
|
|
|
Of course, python-ldap is supposed to be already installed.
|
|
|
|
|
|
|
|
```
|
|
|
|
pip install ldappr
|
|
|
|
```
|
2014-09-14 17:24:19 +04:00
|
|
|
|
|
|
|
Connect
|
|
|
|
-------
|
|
|
|
|
|
|
|
```python
|
|
|
|
import ldappr
|
|
|
|
|
|
|
|
# authenticated bind
|
|
|
|
ldap = ldappr.connect_to('127.0.0.1', 'uid=admin,ou=system', 'secret')
|
|
|
|
```
|
|
|
|
|
|
|
|
Retrieve objects
|
|
|
|
----------------
|
|
|
|
|
|
|
|
When you have a connection, you can search on it. First, specify the seach base.
|
|
|
|
|
|
|
|
```python
|
|
|
|
ldap.search_base = 'ou=users,ou=system'
|
|
|
|
```
|
|
|
|
|
|
|
|
Then, get one or more objects to manipulate.
|
|
|
|
|
|
|
|
```python
|
|
|
|
# retrieve a single object
|
|
|
|
user = ldap.get('cn=jdoe')
|
|
|
|
|
|
|
|
# retrieve a list of objects
|
|
|
|
users = ldap.search('objectClass=inetOrgPerson')
|
|
|
|
```
|
|
|
|
|
|
|
|
Do stuff
|
|
|
|
--------
|
|
|
|
|
|
|
|
Once you got an object, you can easily manipulate it. All changes will
|
|
|
|
immediately reflect in your LDAP repository.
|
|
|
|
|
|
|
|
```python
|
|
|
|
# pretty print the retrieved user
|
|
|
|
print(user)
|
|
|
|
|
|
|
|
# get an attribute value
|
|
|
|
sn = user.attrs['sn']
|
|
|
|
|
|
|
|
# set an attribute value (existing value will be removed)
|
|
|
|
user.set_value('givenName', 'Jack')
|
|
|
|
|
|
|
|
# add a value to a multi-valued attribute
|
|
|
|
user.add_value('mobile', '0123456789')
|
|
|
|
user.add_value('mobile', '9876543210')
|
|
|
|
|
|
|
|
# remove a value from a multi-valued attribute
|
|
|
|
user.remove_value('mobile', '9876543210')
|
|
|
|
```
|
|
|
|
|
|
|
|
Other examples
|
|
|
|
--------------
|
|
|
|
```python
|
|
|
|
# anonymous bind
|
|
|
|
ldap = ldappr.connect_to('127.0.0.1')
|
|
|
|
|
|
|
|
# authenticated bind with more options
|
|
|
|
ldap = ldappr.connect_to('127.0.0.1', 'uid=admin,ou=system', 'secret',
|
|
|
|
protocol='ldaps', port='10636', verify=False,
|
|
|
|
search_base='ou=users,ou=system')
|
|
|
|
|
|
|
|
# delete all objects with employeeType manager
|
|
|
|
for dn in ldap.get_dn('employeeType=manager'):
|
|
|
|
ldap.delete(dn)
|
|
|
|
|
|
|
|
# set an attribute value for a known dn
|
|
|
|
ldap.set_value('cn=jdoe,ou=users,ou=system', 'givenName', 'Jack')
|
|
|
|
|
|
|
|
# make an LDIF export for all users
|
|
|
|
with open('export.ldif', 'a') as file:
|
|
|
|
for user in ldap.search('objectClass=inetOrgPerson'):
|
|
|
|
file.write(user.to_ldif())
|
|
|
|
```
|