Attachment 'ldaptest.py'

Download

   1 #!/opt/python/bin/python
   2 # -*- coding: iso-8859-1 -*-
   3 """
   4 This script can be used for some basic LDAP / Active Directory Testing.
   5 
   6 You need to configure the variables below this comment to match your setup.
   7 
   8 If it does not authenticate your users correctly, you maybe also want to look
   9 at the code below and find out why it does not work.
  10 
  11 Please contribute changes back to us.
  12 
  13 MoinMoin development at http://moinmoin.wikiwikiweb.de/
  14 """
  15 
  16 server_uri = 'ldap://ldap.example.org/'
  17 #server_uri = 'ldaps://ldap.example.org/'
  18 
  19 # if bind_user and bind_pw is both '' it does an anonymous bind
  20 bind_user = ''
  21 bind_pw = ''
  22 
  23 base_dn = 'dc=example,dc=org'
  24 filter_str = '(uid=%s)' # check if this is correct for you!
  25 
  26 users_passwords = [
  27     ('user1', 'correctpass1'),
  28     ('user1', ''), # check whoami output for this!
  29     ('user1', 'wrongpass1'),
  30 ]
  31 
  32 import ldap
  33 
  34 for user, password in users_passwords:
  35     # This is only required if you are using a self signed cert. 
  36     # Probably turn it off for production code.
  37     if server_uri.startswith('ldaps:'):
  38         ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
  39 
  40     # ActiveDirectory? Do this, otherwise, leave it out.
  41     ldap.set_option(ldap.OPT_REFERRALS, 0)
  42 
  43     print "Initializing connection to %s ..." % server_uri
  44     l = ldap.initialize(server_uri)
  45     print "LDAP protocol version %d" % l.protocol_version
  46     #l.protocol_version = ldap.VERSION3
  47 
  48     print "Binding to directory using bind user %r (and configured password) ..." % bind_user
  49     l.bind_s(bind_user, bind_pw)
  50 
  51     search_filter = filter_str % user
  52     print "Searching under base dn %s for %s ..." % (base_dn, search_filter)
  53     lusers = l.search_s(base_dn, ldap.SCOPE_SUBTREE, search_filter)
  54     results = len(lusers)
  55     print "Results: %d" % results
  56     if results:
  57         for dn, ldap_dict in lusers:
  58             print "    %s" % dn
  59         first_dn = lusers[0][0]
  60         print "Trying to authenticate with first found dn %s (and configured password) ..." % first_dn
  61         try:
  62             l.bind_s(first_dn, password)
  63             print "Succcessfully bound - whoami says: %s" % l.whoami_s()
  64         except ldap.INVALID_CREDENTIALS, err:
  65             print "LDAP Error: %s" % err
  66     print "Unbinding from directory ..."
  67     l.unbind()
  68     print "-"*70

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2006-12-22 16:34:51, 2.2 KB) [[attachment:ldaptest.py]]
 All files | Selected Files: delete move to page copy to page

You are not allowed to attach a file to this page.