I am trying to use Python to query an LDAP server, and it always returns no result. Can anyone help me find what is wrong with my Python code? It runs fine without exceptions, and it always has no result. I played around with the filter, like "cn=partofmyname", but just had no luck. Thanks for the help.

import ldap



try:
    l = ldap.open("server")
    l.protocol_version = ldap.VERSION3
    l.set_option(ldap.OPT_REFERRALS, 0)
    output =l.simple_bind("cn=username,cn=Users,dc=domian, dc=net",'password$R')
    print output
except ldap.LDAPError, e:
    print e

baseDN = "DC=domain,DC=net"
searchScope = ldap.SCOPE_SUBTREE
## retrieve all attributes - again adjust to your needs - see documentation for more options
retrieveAttributes = None

Filter = "(&(objectClass=user)(sAMAccountName=myaccount))"

try:
    ldap_result_id = l.search(baseDN, searchScope, Filter, retrieveAttributes)
    print ldap_result_id
    result_set = []
    while 1:
        result_type, result_data = l.result(ldap_result_id, 0)
        if len(result_data) == 0:
            print 'no reslut'
            break
        else:
            for i in range(len(result_set)):
                for entry in result_set[i]:
                    try:
                        name = entry[1]['cn'][0]
                        email = entry[1]['mail'][0]
                        phone = entry[1]['telephonenumber'][0]
                        desc = entry[1]['description'][0]
                        count = count + 1
                        print "%d.\nName: %s\nDescription: %s\nE-mail: %s\nPhone: %s\n" %\
                              (count, name, desc, email, phone)
                    except:
                        pass
                        ## here you don't have to append to a list
                        ## you could do whatever you want with the individual entry
            #if result_type == ldap.RES_SEARCH_ENTRY:
             # result_set.append(result_data)
            #  print result_set
except ldap.LDAPError, e:
    print e
l.unbind()
A: 

I would highly recommend that you examine the network traffic using Wireshark (www.wireshark.org) to see what's happening at the protocol level. Also, get a tool such as Softerra LDAP browser 2.6 (the free version at http://www.ldapbrowser.com/download.htm) to check the A/D server and directory organization.

If you still have problems, post a summary of what you find using these tools.

Jim Garrison
A: 

I found my problem.

simple_bind("cn=username,cn=Users,dc=domian, dc=net",'password$R')

should be

simple_bind("domain/username",'password$R')
Grey
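
An added example, not code from either poster: a Python 3 python-ldap version of the lookup that binds with `simple_bind_s`, so a rejected bind raises instead of going unnoticed, escapes the account name before it enters the filter, and skips the referral tuples (DN `None`) that a subtree search can return. The helper names, URI, bind name and base DN arguments are placeholders, and the sample data is constructed.

```python
# Added example (Python 3, python-ldap). All names and sample values are placeholders.
FIELDS = ["cn", "mail", "telephoneNumber", "description"]

def escape_filter_value(value):
    """Escape RFC 4515 special characters; python-ldap offers the same
    through ldap.filter.escape_filter_chars()."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def user_filter(account):
    return "(&(objectClass=user)(sAMAccountName=%s))" % escape_filter_value(account)

def summarize(results):
    """Turn search_s() output into dicts, skipping referral tuples."""
    users = []
    for dn, attrs in results:
        if dn is None:              # search reference: (None, ['ldap://...'])
            continue
        row = {"dn": dn}
        for field in FIELDS:
            values = attrs.get(field, [])       # attribute may be absent
            first = values[0] if values else b""
            row[field] = first.decode("utf-8", "replace") if isinstance(first, bytes) else first
        users.append(row)
    return users

def find_user(uri, bind_as, password, account, base_dn):
    import ldap  # imported here so the helpers above run without python-ldap
    conn = ldap.initialize(uri)
    conn.protocol_version = ldap.VERSION3
    conn.set_option(ldap.OPT_REFERRALS, 0)
    try:
        conn.simple_bind_s(bind_as, password)   # raises ldap.INVALID_CREDENTIALS if rejected
        return summarize(conn.search_s(base_dn, ldap.SCOPE_SUBTREE,
                                       user_filter(account), FIELDS))
    finally:
        conn.unbind_s()

# Constructed sample shaped like search_s() output from a domain-root search.
SAMPLE = [
    ("CN=My Account,CN=Users,DC=domain,DC=net",
     {"cn": [b"My Account"], "mail": [b"me@domain.net"]}),
    (None, ["ldap://ForestDnsZones.domain.net/DC=ForestDnsZones,DC=domain,DC=net"]),
]
```

Missing attributes come back as empty strings rather than being swallowed by a bare `except`, so an entry with no `mail` or `description` still shows up in the output.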