python-ldap: searching without specifying an OU?
Michael Ströder
michael at stroeder.com
Tue Apr 22 17:14:28 EDT 2008
hotani wrote:
> I am attempting to pull info from an LDAP server (Active Directory),
> but cannot specify an OU. In other words, I need to search users in
> all OU's, not a specific one.
If the user you're binding with has the right in AD to search the whole
subtree you can start searching at the domain-level.
> con = ldap.initialize("ldap://server.local")
> con.simple_bind_s('user at domain', pass)
^^^^^^^^^^^^
Just for the records: A simple bind with userPrincipalName only works on
AD. It's not a LDAPv3 compliant bind request then (which requires a full
DN).
> result = con.search_ext_s(
> 'OU=some office, DC=server, DC=local',
> ldap.SCOPE_SUBTREE,
> "sAMAccountName=username", ['mail']
> )[0][1]
>
> for i in result:
> print "%s = %s" (i, result[i])
>
> But i really need it to not require an OU.
It should work. I'm doing this quite often.
> When I remove that part, it breaks.
What does "it breaks" mean? Any exception raised by python-ldap?
> Maybe a different search function?
Nope.
Ciao, Michael.
More information about the Python-list
mailing list