LDAP server in Python

Ganesan R rganesan at myrealbox.com
Tue Mar 18 07:46:56 EST 2003 

>>>>> "Paul" == Paul Moore <gustav at morpheus.demon.co.uk> writes:

> Michael Ströder <michael at stroeder.com> writes:
>> 
>> Do you plan to develop an LDAP-enabled application?

> No, not really.

>> Then I'd recommend to run OpenLDAP 2.1.16 as test server because
>> it's the most strict LDAP server around. You will definitely learn
>> the right things.

I'd still recommend that you install OpenLDAP 2.1.16. It's easy enough to
install and there is an excellent python API available for it (See
http://python-ldap.sourceforge.net/). Actually, the API should work with
any LDAP v2/v3 compliant server, but it uses the OpenLDAP client library.

> Hmm. I'm not sure "strict" is what I want. The background is that
> Oracle are moving their database naming service from a proprietary
> protocol (Oracle Names) to LDAP. The trouble is that (as is usual with
> Oracle) the documentation is a bit opaque, so I'd rather try it out
> and experiment.

Believe me, strict is what you want. If you write to a "strict" version, the
application should easily port to a more lenient implementation. The other
way around is not necessarily true. 

> But Oracle's LDAP server takes a bit of setting up (specifically, it
> needs a server machine bigger than my laptop :-() so I thought I'd try
> something smaller and simpler for experimenting with.

OpenLDAP is fairly light on resources. If you want something simple to
experiment with; that is the way to go. 

> Oracle Names is basically a fairly trivial name->value mapping,
> whereas LDAP looks far more complex. I'm not sure if I can justify the
> extra complexity. On the other hand, I may be able to do useful extra
> things with LDAP, such as storing extra data for other clients. At the
> moment, none of the "overview" documents on LDAP which I've seen have
> given me a feel for how to make "trivial" use of it (understandably,
> they focus on the richness of the structure, which is precisely what
> I'm not interested in...)

The python-ldap mapping is not all that complex. Here's a trivial use of it;
assuming the object you're interested in is "o=oraclenames". All you
need to do is

------
import ldap
l = ldap.init("yourhostname")
l.protocol_vesrion = 3                     # not mandatory

res = l.search_s("o=oraclenames", ldap.SCOPE_BASE, "objectclass=*")
for dn, entry in res:
    print "dn: ", dn
    print "entry: ", entry
------

That's all. The dn is not relevant in this example (it will be
"o=oraclenames"). The entry is a dictionary of key, value pairs. Since
LDAP allows multiple values for attributes, the "value" may be a list. HTH.

Ganesan

-- 
Ganesan R

More information about the Python-list mailing list