
Commit 8e184ee

author
tes
committed
ldap
1 parent ce6859d commit 8e184ee

2 files changed

Lines changed: 91 additions & 1 deletion


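--- a/README.md
+++ b/README.md
@@ -37,6 +37,9 @@
 * Web扫描:
  [*scan_web_banner.py*](https://github.com/honglongwei/python-scripts/blob/master/scan_web_banner.py)
 
-* Unix时间戳转换:
+* Unix时间戳转换:
  [*unix_time_format.py*](https://github.com/honglongwei/python-scripts/blob/master/unix_time_format.py)
 
+* LDAP认证:
+ [*ldap.py*](https://github.com/honglongwei/python-scripts/blob/master/ldap.py)
+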
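--- a/ldap.py
+++ b/ldap.py
@@ -0,0 +1,87 @@
+#!usr/bin/env python
+#coding: utf-8
+
+import os
+import sys
+import ldap
+
+def login_ldap(username, password):
+try:
+# print("开始执行")
+Server = "ldap://127.0.0.1:389"
+baseDN = "dc=baidu,dc=com"
+searchScope = ldap.SCOPE_SUBTREE
+# 设置过滤属性,这里只显示cn=test的信息
+searchFilter = "sAMAccountName=" + username
+# 为用户名加上域名
+username = 'baidu\\' + username
+
+
+# None表示搜索所有属性,['cn']表示只搜索cn属性
+retrieveAttributes = None
+
+conn = ldap.initialize(Server)
+#非常重要
+conn.set_option(ldap.OPT_REFERRALS, 0)
+conn.protocol_version = ldap.VERSION3
+# 这里用户名是域账号的全名例如domain/name
+#print conn.simple_bind_s(username, password)
+conn.simple_bind_s(username, password)
+# print 'ldap connect successfully'
+
+
+#调用search方法返回结果id
+ldap_result_id = conn.search(baseDN, searchScope, searchFilter, retrieveAttributes)
+result_set = []
+#print ldap_result_id
+
+#print("****************")
+while 1:
+result_type, result_data = conn.result(ldap_result_id, 0)
+if(result_data == []):
+break
+else:
+if result_type == ldap.RES_SEARCH_ENTRY:
+result_set.append(result_data)
+
+#print result_set
+Name,Attrs = result_set[0][0]
+if hasattr(Attrs, 'has_key') and Attrs.has_key('name'):
+ret = {}
+#distinguishedName = Attrs['mail'][0]
+#distinguishedName = Attrs['name'][0]
+#distinguishedName = Attrs['displayName'][0]
+#distinguishedName = Attrs['mail'][0]
+#distinguishedName = Attrs['memberOf'][0]
+#distinguishedName = Attrs['mailNickname'][0]
+#distinguishedName = Attrs['sAMAccountName'][0]
+#distinguishedName = Attrs['distinguishedName'][0]
+#distinguishedName = Attrs['title'][0]
+#distinguishedName = Attrs['department'][0]
+#distinguishedName = Attrs['manager'][0]
+# print "Login Info for user : %s" % distinguishedName
+
+ret['mail'] = Attrs['mail'][0]
+ret['username'] = Attrs['name'][0]
+ret['nickname'] = Attrs['displayName'][0]
+ret['code'] = 200010
+# print Attrs['memberOf'][0]
+#print Attrs['sAMAccountName'][0]
+
+# print Attrs['title'][0]
+# print Attrs['department'][0]
+
+
+
+return ret
+
+else:
+return {'code': 400011, 'msg': u'认证失败'}
+except ldap.LDAPError, e:
+return {'code': 400012, 'msg': u'认证失败'}
+
+if __name__ == "__main__":
+username = "" # ldap中用户名
+password = "" # ldap中密码
+
+print login_ldap(username, password)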
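Review bot: login_ldap hands `password` to `conn.simple_bind_s(username, password)` without rejecting an empty value, and a simple bind with an empty password is an unauthenticated bind that many directory servers report as successful, so the function should fail before binding, e.g. `if not password: return {'code': 400011, 'msg': u'认证失败'}`. The same caller-supplied name is concatenated unescaped into the search filter; with `import ldap.filter` that line becomes `searchFilter = "(sAMAccountName=%s)" % ldap.filter.escape_filter_chars(username)`. `result_set[0][0]` raises IndexError when the search returns no entry, which `except ldap.LDAPError` does not catch, so an empty `result_set` needs a guard that returns the 400011 dict. The bind goes over `ldap://` on port 389, so the password crosses the network in cleartext unless the URL is changed to `ldaps://` or `conn.start_tls_s()` is called before the bind. Naming the file `ldap.py` also likely makes `import ldap` resolve to this script instead of python-ldap when it is run from its own directory, so the module should be renamed.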
