Copy&Waste

Searching Your Corporate LDAP/AD with python

There are a ton of examples out there on how to utilize ldap in python. I recently worked on a simple project which required active directory authentication using ldap. The following is simple script I've used hundreds of times.

 
#!/usr/bin/env python 
#binds to ldap, queries for a specific AD account 
import ldap 

def Search(server,port, auth_user, auth_pass, ldap_user,attrs):
     #base_dn should reflect your domain 
     base_dn="dc=yourcompanydomain,dc=com" 
     found_results="" 
     l = ldap.initialize('ldap://%s:%s' % (server, port) ) 
     l.simple_bind_s(auth_user, auth_pass) 
     try: 
        search_result= l.search(base_dn,ldap.SCOPE_SUBTREE,'sAMAccountName='+ldap_user,attrs) 
        result_set =[] 
        while 1: 
           result_type, result_data = l.result(search_result,0) 
           if (result_data ==[]):
              break 
           else:
           if result_type == ldap.RES_SEARCH_ENTRY: 
              result_set.append(result_data) 
              print len(result_set) 
              for line in result_set: 
                 print line 
     except ldap.LDAPError, e: 
        print e 
     results = Search("192.168.5.10",3268,"akonkol@yourcompanydomain.com","mysecretpassword","akonkol",['givenName','sn','mail']) 

This will return the attributes you supplied (givenName, sn, mail)