473,395 Members | 1,863 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > python > questions > search-filter for ldap (ms active directory)

Join Bytes to post your question to a community of 473,395 software developers and data experts.

Search-Filter for LDAP (MS Active Directory)

Hi!

I asked here a few weeks ago the same question but the answer of Tim
Golden didn't really help yet.

I'd like to know how to set up a query for all computer-accounts in a
special part of Active Directory by using LDAP.

Example:
all computers with a name like "ABC*" at "..., ou=Production,
DC=business,DC=company,DC=com"
From these computers I want to get their OS, Service Pack and some
other information.
The difficulty is, the computers are in several OUs so I can't just
get through one LDAP-Path and the names of some OUs could change from
one day to another...

I read this RFC (http://www.rfc-editor.org/rfc/rfc2254.txt), but don't
know how to use this in python.

Kind regards
Dirk Hagemann
Jul 18 '05 #1
3 7169
Dirk Hagemann wrote:

I'd like to know how to set up a query for all computer-accounts in a
special part of Active Directory by using LDAP.
Example:
all computers with a name like "ABC*" at "..., ou=Production,
DC=business,DC=company,DC=com"
From these computers I want to get their OS, Service Pack and some
other information.


Assuming you're using <http://python-ldap.sf.net> (untested):

----------------------------------------------------------------------
import ldap

l = ldap.initialize('ldap://domaincontroller.company.com')
l.protocol_version = 3
l.simple_bind_s('cn=Administrator,DC=business,DC=c ompany,DC=com','secretpassword')

r = l.search_s(
'ou=Production,DC=business,DC=company,DC=com',
ldap.SCOPE_SUBTREE,
'(&(objectClass=computer)(cn=ABC*))' )
----------------------------------------------------------------------

Note that you have to bind as a real user with appropriate access rights
since anonymous search is disabled in Active Directory by default. Also note
that you might hit a server-side search limit leading to an exception
ldap.SIZELIMIT_EXCEEDED.

Ciao, Michael.
Jul 18 '05 #2
Michael Ströder schrieb:
Dirk Hagemann wrote:

I'd like to know how to set up a query for all computer-accounts in a
special part of Active Directory by using LDAP.
Example:
all computers with a name like "ABC*" at "..., ou=Production,
DC=business,DC=company,DC=com"

> From these computers I want to get their OS, Service Pack and some
> other information.


Assuming you're using <http://python-ldap.sf.net> (untested):

----------------------------------------------------------------------
import ldap

l = ldap.initialize('ldap://domaincontroller.company.com')
l.protocol_version = 3
l.simple_bind_s('cn=Administrator,DC=business,DC=c ompany,DC=com','secretpassword')
r = l.search_s(
'ou=Production,DC=business,DC=company,DC=com',
ldap.SCOPE_SUBTREE,
'(&(objectClass=computer)(cn=ABC*))' )
----------------------------------------------------------------------

Note that you have to bind as a real user with appropriate access rights
since anonymous search is disabled in Active Directory by default. Also
note that you might hit a server-side search limit leading to an
exception ldap.SIZELIMIT_EXCEEDED.

Ciao, Michael.


Hi Michael!

The script will run under my logged on user with domain-admin rights -
so will will not have to authenticate a second time.
I hope I'll have the time tomorrow to test this code.

Greets
Dirk
Jul 18 '05 #3
Dirk Hagemann wrote:
Michael Ströder schrieb:
Note that you have to bind as a real user with appropriate access
rights since anonymous search is disabled in Active Directory by
default.


The script will run under my logged on user with domain-admin rights -
so will will not have to authenticate a second time.


This is not relevant. The python-ldap module and the underlying OpenLDAP
libs does not care about your logged on Windows user.

=> You have to explicitly bind.

Ciao, Michael.
Jul 18 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
Updating attributes in LDAP/Active Directory
by: Dave | last post by:
Hello. I am trying to update attributes in LDAP/Active directory from my application that is written in VB.NET. I am using Directory Services to do so. I do not get any errors during the...
.NET Framework
0
ADODB OleDbDataAdapter different count of rows from Active Directory
by: Ireneus Broncel | last post by:
I have a class which reads Groups and Users from ActiveDirectory. The Problem is, that i have about 10000 rows as product. When I am trying to read the "memberOf" Objects out of this field i get...
C# / C Sharp
1
Problem querying LDAP and/or Active Directory
by: Andrew | last post by:
Hey all, Working on revamping our Intranet here and making use of the LDPA, Active Directory, Directory Services, etc. that .Net provides. I am still fairly new on this subject, so the problem...
ASP.NET
3
LDAP Active Directory Bind Stops Working
by: Marshall | last post by:
I appear to be having a problem similar to Neil as posted at...
ASP.NET
0
web services and LDAP (Active Directory)
by: Filip De Backer | last post by:
Hi everyone, I've got a web sirvice which checks a user in the LDAP. When I run the service local on my PC it works fine (VS debugger). The user is found in the active direcrory. But when I run...
.NET Framework
1
Validating user credentials against active directory
by: Raghu | last post by:
I have following code that validates a given user credentails against a active directory. The login part works but I can not search as it fails to return the record. Does any one have any idea...
C# / C Sharp
2
Populating a DDL with users from Active Directory
by: Jim in Arizona | last post by:
My goal, somehow, is to populate a dropdownlist with all the user names in active directory. I don't even know where to begin, really. I added a reference to System.DirectoryServices so I could...
ASP.NET
0
Transactions/LDAP/Active Directory
by: msnews.microsoft.com | last post by:
Hello, I need to write an application that will span its transactions between SqlServer and Active Directory. Is it possible to wrap it in one transaction? Thanks, Sanja
C# / C Sharp
2
Active Directory authentication / authorisation
by: Max Vit | last post by:
I have been toying with the idea of having an Active Directory authentication / authorisation functionality in MS Access; but there is not much useful info around. I have built these...
Microsoft Access / VBA
0
Adding a user to an LDAP Active Directory Group? Error A referral wasreturned from the server
by: jc | last post by:
I'm attempting this code: using System; using System.Collections.Generic; using System.Text; using System.DirectoryServices; namespace cLDAP { public class Program
C# / C Sharp
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!