Is it possible to have Python authenticate with Active Directory?
Specifically what I'd like to do is have a user enter a
username/password, then have Python check the credentials with AD - if
what they entered is valid, for example, it returns a 1, otherwise a
0.. Thanks!
7  15537 
On Fri, May 05, 2006 at 05:39:08AM -0700, D wrote: Is it possible to have Python authenticate with Active Directory?
Specifically what I'd like to do is have a user enter a
username/password, then have Python check the credentials with AD - if
what they entered is valid, for example, it returns a 1, otherwise a
0.. Thanks!
Can't you query the AD through LDAP? Then http://python-ldap.sourceforge.net/ might help.
Kindly
Christoph
On Fri, 05 May 2006 05:39:08 -0700, D wrote: Is it possible to have Python authenticate with Active Directory?
Specifically what I'd like to do is have a user enter a
username/password, then have Python check the credentials with AD - if
what they entered is valid, for example, it returns a 1, otherwise a
0.. Thanks!
It's possible and you need the python-ldap package for it.
The actual authentication will look like (simplified):
def authenticate(us er='',passwd='' ):
dn = find_user_dn(us er)
try:
l = ldap.open(AD_HO ST_URL)
l.protocol_vers ion = ldap.VERSION3
l.simple_bind_s (dn,passwd)
l.search_s(SEAR CHDN,ldap.SCOPE _SUBTREE,'objec tType=bla')
l.unbind_s()
return True
except ldap.LDAPError:
return False
obviously, you need to supply some function 'find_user_dn' that maps
the user to its DN.
D wrote: Is it possible to have Python authenticate with Active Directory?
Specifically what I'd like to do is have a user enter a
username/password, then have Python check the credentials with AD - if
what they entered is valid, for example, it returns a 1, otherwise a
0.. Thanks!
Install the Win32 extensions from http://starship.python.net/crew/skip...Downloads.html and do
something like this:
try:
handle=win32sec urity.LogonUser (username, None, password,
win32security.L OGON32_LOGON_NE TWORK,
win32security.L OGON32_PROVIDER _DEFAULT)
# We're not going to use the handle, just seeing if we can get it.
handle.Close()
return True
except pywintypes.erro r, e:
# Because of the sheer number of Windows-specific errors that can
# occur here, we have to assume any of them mean that the
# credentials were not valid.
return False
--
Benji York
Benji York wrote: D wrote: Is it possible to have Python authenticate with Active Directory?
Specifically what I'd like to do is have a user enter a
username/password, then have Python check the credentials with AD - if
what they entered is valid, for example, it returns a 1, otherwise a
0.. Thanks!
Install the Win32 extensions from
http://starship.python.net/crew/skip...Downloads.html and do
something like this:
try:
handle=win32sec urity.LogonUser (username, None, password,
win32security.L OGON32_LOGON_NE TWORK,
win32security.L OGON32_PROVIDER _DEFAULT)
# We're not going to use the handle, just seeing if we can get it.
handle.Close()
return True
except pywintypes.erro r, e:
# Because of the sheer number of Windows-specific errors that can
# occur here, we have to assume any of them mean that the
# credentials were not valid.
return False
--
Benji York
I assume then that you can also change user information using the same
principle ? I'm trying to switch some VB6 code to python.
Philippe
If you have Pywin32 installed, you can use the win32com.adsi
package to open an object with username/password credentials.
See adsi.ADsOpenObj ect for details. Adsi also contains a number
of interfaces for dealing with users, containers, etc.
Roger
"D" <du********@hot mail.com> wrote in message news:11******** **************@ j33g2000cwa.goo glegroups.com.. . Is it possible to have Python authenticate with Active Directory?
Specifically what I'd like to do is have a user enter a
username/password, then have Python check the credentials with AD - if
what they entered is valid, for example, it returns a 1, otherwise a
0.. Thanks!
----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==---- http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
Stephan Diehl wrote: On Fri, 05 May 2006 05:39:08 -0700, D wrote:
Is it possible to have Python authenticate with Active Directory?
Specificall y what I'd like to do is have a user enter a
username/password, then have Python check the credentials with AD - if
what they entered is valid, for example, it returns a 1, otherwise a
0.. Thanks!
It's possible and you need the python-ldap package for it.
The actual authentication will look like (simplified):
def authenticate(us er='',passwd='' ):
dn = find_user_dn(us er)
try:
l = ldap.open(AD_HO ST_URL)
l.protocol_vers ion = ldap.VERSION3
l.simple_bind_s (dn,passwd)
l.search_s(SEAR CHDN,ldap.SCOPE _SUBTREE,'objec tType=bla')
l.unbind_s()
return True
except ldap.LDAPError:
return False
obviously, you need to supply some function 'find_user_dn' that maps
the user to its DN.
Since MS AD does not allow anonymous search in its default configuration
find_user_dn() would have to bind as an application user with search
rights to search the user entry by UPN.
Hack not LDAPv3 compliant:
When sending a simple bind request to MS AD over LDAP you can also
directly use the UPN for 'dn' when invoking l.simple_bind_s (). Note that
this is a special semantic of LDAP bind request for MS AD. It is not a
LDAPv3 compliant! But if you're sure you won't use this code for binding
to another LDAP server you could use this hack.
The nice thing about python-ldap is that it also works on other
platforms than Win32. The caveat is that you might need to build the
OpenLDAP libs. If you're solely on Win32 using ADSI through Win32
extensions for Python as stated by others in this thread might be the
better approach.
Ciao, Michael.
Thanks to everyone for your help..I'm not familiar with the packages
mentioned, so this will definitely be a learning experience!
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Tom Petersen |
last post by:
Hello, we just migrated to Windows Server 2003 and active directory. On our
intranet I would like to personalize some of the pages my users hit. Let's
say I login as petertom, when I go to my main page, I would like it to say
Welcome, Tom!
Is there a way to grab information form the fields in AD after a person
authenticates? Is there a timeout, i.e., user logs in at 8:00 AM, but
doesn't hit the intranet until 1:00 PM etc?
Eventually...
|
by: |
last post by:
What is a good resource for integrating ASP applications with Active
Directory? I want pages that will allow operations on AD. A prime example is
that I want to have an ASP page that would ask users for their AD password
and verify...
Thanks In Advance!
|
by: Sjaak |
last post by:
Hi All,
I'm trying to get an ASP.NET Application to work with Active Directory
but not having much luck.
On the MS Website I found this example :
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sds/sds/active_directory_authentication_from_asp__net.asp
I've followed every step explained but when I run it try to login I
get
|
by: deathbydisco |
last post by:
I've created a simple website with a login screen that requires an
email address and a password. It uses the email ID and password to
authenticate against active directory (just to see if the user exists
in the network). Once authenticated, it redirects to the main ASPX
page. Pretty simple and straightforward.
Problem: Only people who seem to have better priviledges (those who
belong to the Administrators group) can get authenticated....
|
by: varkey.mathew |
last post by:
Dear all,
Bear with me, a poor newbie(atleast in AD)..
I have to authenticate a user ID and password for a user as a valid
Active Directory user or not. I have created the IsAuthenticated
function exactly as outlined in the below link.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT02.asp
| | |
by: Theon Greyjoy |
last post by:
Hello,
I'll admit up-front that I have very limited experience with Active
Directory...
I am using the Active Directory membership provider in my ASP.NET (C#)
application. However, we do not keep the AD users in the 'Users'
container...in fact, this container is empty. All users are organized
into folders by location and department.
|
by: piggy |
last post by:
I have a login name with user name and password. based on provided username
and password, those infor will be looked up in the active directory for a
specific group to authenticate users. Could you please help me with that? i
have found a code to do that but fail to connect to the AD with provided
username and password. In order to connect to the AD, what access level is
needed here. Your help will be appreciate. Thanks,
|
by: jarice1978 |
last post by:
Hello,
I have been scanning the internet for a few days now. That is not working. So now it is time to post!
I have read a few other posts on here about authentication but they do not match exactly.
We currently have an intranet app built in a mixture of asp and asp.net 1.1 and 2.0 written in VB .Net. We have a form where the user logs in and it authenticates against active directory successully in 2 ways:
1. The admin resets the...
|
by: =?Utf-8?B?QlVCQkxFVEFMSzI2MA==?= |
last post by:
Hello. I am writing an application that uses Active Directory and needs to
grab user information. I pass user email addresses and and get back a
userInfo structure with AD information. My issue is that for some users it
works, and others it doesn't. I saw in my traces that in the failing
instances that the authentication is 'negotiate' although I explicitly set it
to Windows under IIS.
Thanks
javabean260
|
by: Max Vit |
last post by:
I have been toying with the idea of having an Active Directory
authentication / authorisation functionality in MS Access; but there
is not much useful info around.
I have built these functionalities for some applications (JAVA, PHP).
The parameters used there are the LDAP parameters for AD:
*searchFilter: (objectClass=user)
*searchBase: OU=register,OU=applications,DC=inside,DC=mycompany,DC=com
*adminPassword: Password
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
| | |
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed.
This is as boiled down as I can make it.
Here is my compilation command:
g++-12 -std=c++20 -Wnarrowing bit_field.cpp
Here is the code in...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
| | |
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| |
