473,320 Members | 2,112 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

python-ldap reading an OU with more than 1000 objects

Hi,
I have a MS Windows AD domain, and have one OU with more tan 1000 users
objects. When I try to read it, I hit the 1000 limit of AD while returning
objects, so I'm asking for advice as to how to read them.
Here is my actual code, it is not the cleanest as I am learning python.
Suggestions are welcomed :)

Runnig this script on RedHat 5.x with "python zimbra2.py" returns:
{'info': '', 'desc': 'Size limit exceeded'}

The script:

#!/usr/bin/python
#---------------------------------------------------------------------------
-----------------------
# Variables can be changed here:
import ldap, string, os, time, sys
base = 'ou=usuarios con papel tapiz,dc=organojudicial,dc=gob,dc=pa'
scope = ldap.SCOPE_SUBTREE
ZimbraEmail = "CN=ZimbraEmail,CN=Users,DC=organojudicial,DC=gob, DC=pa"
domain = "organojudicial.gob.pa" # "example.com"
ldapserver="ancon"
port="389"
emaildomain="organojudicial.gob.pa"
ldapbinddomain="organojudicial"
ldapbind="zimbrasync"
ldappassword="xxxxxxxx"
pathtozmprov="/opt/zimbra/bin/zmprov"
#---------------------------------------------------------------------------
-----------------------

#---------------------------------------------------------------------------
-----------------------
#output the list of all accounts from zmprov gaa (get all accounts)
# this is related to the Zimbra Mail System
f = os.popen(pathtozmprov +' gaa')
zmprovgaa= []
zmprovgaa = f.readlines()
#---------------------------------------------------------------------------
-----------------------

#---------------------------------------------------------------------------
-----------------------
# Let's connect to the Windows AD Domain
l=ldap.initialize("ldap://"+ldapserver+"."+domain+":"+port)
try:
l.simple_bind_s(ldapbinddomain+"\\"+ldapbind,ldapp assword)
except ldap.INVALID_CREDENTIALS:
print "Your username or password to bind to AD is incorrect."
sys.exit()
except ldap.LDAPError, e:
if type(e.message) == dict and e.message.has_key('desc'):
print e.message['desc']
else:
print e
sys.exit()
# end of connection procedure to AD
#---------------------------------------------------------------------------
-----------------------

#---------------------------------------------------------------------------
-----------------------
# If connection to AD is ok
# Lets find only enabled users in a specific OU controlled by the variable
named base
# and get the login username the first name, the last name and what groups
this
# user belongs to as well as the email field.
#userAccountControl 512 = normal , 514 = disabled account. We only want
enabled accounts

try:
res = l.search_s(base,scope, "(&(ObjectCategory=user)
(userAccountControl=512))", ['sAMAccountName','givenName','sn','memberOf',
'mail'])
for (dn, vals) in res:
samaccount = vals['sAMAccountName'][0].lower()
accountname = vals['sAMAccountName'][0].lower()
try:
alias1 = vals['mail'][0].lower()
except:
alias1 = 'none'
try:
sirname = vals['sn'][0]
except:
sirname = vals['sAMAccountName'][0]
try:
givenname = vals['givenName'][0]
except:
givenname = vals['sAMAccountName'][0]
try:
groups = vals['memberOf']
except:
groups = 'none'

# this code is not working. Python chokes.
#initial = givenname[:1].upper()
#sirname = sirname.replace(' ', )
#sirname = sirname.replace('\\', )
#sirname = sirname.replace('-', )
#sirname = sirname.capitalize()

name = givenname + " " + sirname
accountname = accountname + "@" + emaildomain
password = " \'\' "
sys.stdout.flush()
# If the Active Directory user is a member of the AD group called
ZimbraMail, we begin processing this user.
if ZimbraEmail in groups:
print "SAM ACCOUNT: " + samaccount
print "accountname: " + accountname
print "name: " + name
print "Alias de zimbra " + alias1
if accountname +"\n" not in zmprovgaa:
print accountname," exists in active directory but not in
zimbra, the account is being created\n"
time.sleep(1)
os.system(pathtozmprov +' ca %s %s displayName "%s"' %
(accountname,password,name))
print "Creando Alias"
os.system(pathtozmprov +' aaa %s %s' % (accountname,alias1))
time.sleep(1)
else:
print accountname, alias1, " user is not a member of the ZimbraMail
AD Group. Will not be processed\n"
#---------------------------------------------------------------------------
-----------------------

except ldap.LDAPError, error_message:
print error_message
l.unbind_s()

thanks all for your comments.

Erick.
Oct 17 '08 #1
1 5401
Erick Perez - Quadrian Enterprises, S.A. wrote:
I have a MS Windows AD domain, and have one OU with more tan 1000 users
objects. When I try to read it, I hit the 1000 limit of AD while returning
objects, so I'm asking for advice as to how to read them.
IIRC with MS AD you can circumvent this limit by using the Simple Paged
Control (see RFC 2696). Check Demo/page_control.py in python-ldap's
source distribution for example code.

Ciao, Michael.
Oct 18 '08 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: Jorgen Grahn | last post by:
I couldn't think of a good solution, and it's hard to Google for... I write python command-line programs under Win2k, and I use the bash shell from Cygwin. I cannot use Cygwin's python package...
0
by: Kurt B. Kaiser | last post by:
Patch / Bug Summary ___________________ Patches : 235 open ( -6) / 2633 closed (+11) / 2868 total ( +5) Bugs : 767 open ( +3) / 4463 closed (+10) / 5230 total (+13) RFE : 151 open...
0
by: Li Daobing | last post by:
I can't use .def(str(self)) I write a simple example, without `str', I can build it well, but with this one, I can't build //Rational.cpp #include <boost/python.hpp> #include <iostream> ...
7
by: Edward Diener | last post by:
I can install Python 2.4 on the Fedora 3 Linux system, but after I do a number of Linux utilities and commands, like yum, stop working because they were dependent on the Python 2.3 installation....
0
by: Kurt B. Kaiser | last post by:
Patch / Bug Summary ___________________ Patches : 420 open ( +4) / 3410 closed ( +2) / 3830 total ( +6) Bugs : 915 open (+17) / 6186 closed ( +6) / 7101 total (+23) RFE : 235 open...
0
by: Jeff Rush | last post by:
I'd like to extend an invitation to those who would like to get involved in advocating the use of Python. In August, the PSF hired me, for a 6-mo contract, to coordinate the Python advocacy...
15
by: John Nagle | last post by:
I've been installing Python and its supporting packages on a dedicated server with Fedora Core 6 for about a day now. This is a standard dedicated rackmount server in a colocation facility,...
24
by: Joe Salmeri | last post by:
I just upgraded from Python 2.4.2 to Python 2.5.1 and have found some unexpected behavior that appears to be a bug in the os.stat module. My OS is Windows XP SP2 + all updates. I have several...
0
by: Kurt B. Kaiser | last post by:
New / Reopened Patches ______________________ minidom pretty xml output improvement (2007-08-19) http://python.org/sf/1777134 opened by Teajay removeTest() method patch for...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.