We will use the ldap3 library and import the Server and Connection classes and the ALL constant from it. ldap3 offers object-oriented access to LDAP directory servers.
Listing 11.6 connects to a remote LDAP server and retrieves the server information and schema as follows:

    #!/usr/bin/env python
    # Python Network Programming Cookbook, Second Edition -- Chapter - 11
    # This program is optimized for Python 2.7.12 and Python 3.5.2.
    # It may run on any other version with/without modifications.

    import argparse
    from ldap3 import Server, Connection, ALL


    def main(address):
        # Create the Server object with the given address.
        # Get ALL information.
        server = Server(address, get_info=ALL)
        # Create a connection object, and bind with auto bind set to true.
        # No user or password is given, so this is an anonymous bind.
        conn = Connection(server, auto_bind=True)

        # Print the LDAP Server Information.
        print('******************Server Info**************')
        print(server.info)

        # Print the LDAP Server Detailed Schema.
        print('******************Server Schema**************')
        print(server.schema)


    if __name__ == '__main__':
        parser = argparse.ArgumentParser(description='Query LDAP Server')
        parser.add_argument('--address', action="store",
                            dest="address", default='ipa.demo1.freeipa.org')
        given_args = parser.parse_args()
        address = given_args.address
        main(address)

Here we pass the address of the LDAP server as a command-line argument and print detailed information about it, as shown in the following output:

    $ python 11_6_connect_ldap_server.py --address=ldap.forumsys.com
    ******************Server Info**************
    DSA info (from DSE):
      Supported LDAP versions: 3
      Naming contexts:
        dc=example,dc=com
      Supported controls:
        1.2.826.0.1.3344810.2.3 - Matched Values - Control - RFC3876
        1.2.840.113556.1.4.319 - LDAP Simple Paged Results - Control - RFC2696
        1.3.6.1.1.12 - Assertion - Control - RFC4528
        1.3.6.1.1.13.1 - LDAP Pre-read - Control - RFC4527
        1.3.6.1.1.13.2 - LDAP Post-read - Control - RFC4527
        1.3.6.1.4.1.4203.1.10.1 - Subentries - Control - RFC3672
        2.16.840.1.113730.3.4.18 - Proxy Authorization Control - Control - RFC6171
        2.16.840.1.113730.3.4.2 - ManageDsaIT - Control - RFC3296
      Supported extensions:
        1.3.6.1.1.8 - Cancel Operation - Extension - RFC3909
        1.3.6.1.4.1.1466.20037 - StartTLS - Extension - RFC4511-RFC4513
        1.3.6.1.4.1.4203.1.11.1 - Modify Password - Extension - RFC3062
        1.3.6.1.4.1.4203.1.11.3 - Who am I - Extension - RFC4532
      Supported features:
        1.3.6.1.1.14 - Modify-Increment - Feature - RFC4525
        1.3.6.1.4.1.4203.1.5.1 - All Op Attrs - Feature - RFC3673
        1.3.6.1.4.1.4203.1.5.2 - OC AD Lists - Feature - RFC4529
        1.3.6.1.4.1.4203.1.5.3 - True/False filters - Feature - RFC4526
        1.3.6.1.4.1.4203.1.5.4 - Language Tag Options - Feature - RFC3866
        1.3.6.1.4.1.4203.1.5.5 - language Range Options - Feature - RFC3866
      Schema entry: cn=Subschema
    Vendor name: []
    Vendor version: []
    Other:
      objectClass:
        top
        OpenLDAProotDSE
      structuralObjectClass:
        OpenLDAProotDSE
      entryDN:
      configContext:
        cn=config
    ******************Server Schema**************
    DSA Schema from: cn=Subschema
      Attribute types:{'olcAuthIDRewrite': Attribute type: 1.3.6.1.4.1.4203.1.12.2.3.0.6
      Short name: olcAuthIDRewrite
      Single value: False
      Equality rule: caseIgnoreMatch
      Syntax: 1.3.6.1.4.1.1466.115.121.1.15 [('1.3.6.1.4.1.1466.115.121.1.15', 'LDAP_SYNTAX', 'Directory String', 'RFC4517')]
      Optional in: olcGlobal
      Extensions:
        X-ORDERED: VALUES
    , 'olcUpdateDN': Attribute type: 1.3.6.1.4.1.4203.1.12.2.3.2.0.12
      Short name: olcUpdateDN
      Single value: True
      Syntax: 1.3.6.1.4.1.1466.115.121.1.12 [('1.3.6.1.4.1.1466.115.121.1.12', 'LDAP_SYNTAX', 'DN', 'RFC4517')]
      Optional in: olcDatabaseConfig
    , 'namingContexts': Attribute type: 1.3.6.1.4.1.1466.101.120.5
      Short name: namingContexts
      Description: RFC4512: naming contexts
      Single value: False
      Usage: unknown
      Syntax: 1.3.6.1.4.1.1466.115.121.1.12 [('1.3.6.1.4.1.1466.115.121.1.12', 'LDAP_SYNTAX', 'DN', 'RFC4517')]
      OidInfo: ('1.3.6.1.4.1.1466.101.120.5', 'ATTRIBUTE_TYPE', 'namingContexts', 'RFC4512')
    , 'olcAccess': Attribute type: 1.3.6.1.4.1.4203.1.12.2.3.0.1
      Short name: olcAccess
      Description: Access Control List
      Single value: False
      Equality rule: caseIgnoreMatch
      Syntax: 1.3.6.1.4.1.1466.115.121.1.15 [('1.3.6.1.4.1.1466.115.121.1.15', 'LDAP_SYNTAX', 'Directory String', 'RFC4517')]
      Optional in: olcDatabaseConfig
      Extensions:
        X-ORDERED: VALUES
    , 'businessCategory': Attribute type: 2.5.4.15
      Short name: businessCategory
    ........ ......

The complete outputs of the execution for the addresses https://ipa.demo1.freeipa.org/ipa/ui/ and ldap.forumsys.com are stored in the files 11_6_output_with_ipa.demo1.freeipa.org.txt and 11_6_output_with_ldap.forumsys.com.txt, respectively.
The following screenshot shows the detailed output of the execution:
Connect to the LDAP Server
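
The root DSE information printed by Listing 11.6 is returned to an anonymous, cleartext session, so it is worth reviewing what it tells an unauthenticated client. The following is an added example, not code from the book: `audit_root_dse` and `SAMPLE` are hypothetical names, and it assumes that ldap3's `server.info` exposes `supported_extensions`, `naming_contexts` and `other` in the shapes mimicked by the constructed sample.

```python
from types import SimpleNamespace

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"  # StartTLS, as listed in the output above


def _oids(items):
    """OID strings from (oid, kind, name, docs) tuples or plain strings."""
    return {i[0] if isinstance(i, (tuple, list)) else str(i) for i in items or []}


def audit_root_dse(info, bound_anonymously=True, uses_tls=False):
    """Return (severity, message) findings for an ldap3-style server.info object."""
    findings = []
    starttls = STARTTLS_OID in _oids(getattr(info, "supported_extensions", None))
    if not uses_tls:
        if starttls:
            findings.append(("warn", "session is cleartext; server offers StartTLS, "
                             "upgrade before any bind that carries credentials"))
        else:
            findings.append(("high", "session is cleartext and StartTLS is not "
                             "advertised; use LDAPS or send no credentials"))
    if bound_anonymously:
        # Everything reported below was returned without authentication.
        for ctx in getattr(info, "naming_contexts", None) or []:
            findings.append(("info", "naming context readable anonymously: %s" % ctx))
        other = getattr(info, "other", None) or {}
        for dn in other.get("configContext", []):
            findings.append(("info", "configuration DN disclosed anonymously: %s" % dn))
    return findings


# Constructed sample mirroring values from the output above (not a live query).
# Assumption: ldap3's server.info uses these attribute names and value shapes.
SAMPLE = SimpleNamespace(
    naming_contexts=["dc=example,dc=com"],
    supported_extensions=[
        ("1.3.6.1.4.1.1466.20037", "EXTENSION", "StartTLS", "RFC4511-RFC4513"),
        ("1.3.6.1.4.1.4203.1.11.3", "EXTENSION", "Who am I", "RFC4532"),
    ],
    other={"configContext": ["cn=config"]},
)

if __name__ == "__main__":
    for severity, message in audit_root_dse(SAMPLE):
        print("[%s] %s" % (severity, message))
```

With the listing's own objects, the call would be `audit_root_dse(server.info)` after the connection has been bound.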