Set up LDAP to run from virtual env
This commit is contained in:
parent
f1b6be922d
commit
0189713ff1
22
ldapserver/ProtospaceAD.cer
Normal file
22
ldapserver/ProtospaceAD.cer
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIDpTCCAo2gAwIBAgIQbY2j16+A77pNZzc+AjlCsjANBgkqhkiG9w0BAQUFADBl
|
||||||
|
MRIwEAYKCZImiZPyLGQBGRYCY2ExGjAYBgoJkiaJk/IsZAEZFgpwcm90b3NwYWNl
|
||||||
|
MRIwEAYKCZImiZPyLGQBGRYCcHMxHzAdBgNVBAMTFlByb3Rvc3BhY2UtSW50ZXJu
|
||||||
|
YWwtQ0EwHhcNMTYxMjI5MDY1NzMxWhcNNDExMjI5MDcwNzMxWjBlMRIwEAYKCZIm
|
||||||
|
iZPyLGQBGRYCY2ExGjAYBgoJkiaJk/IsZAEZFgpwcm90b3NwYWNlMRIwEAYKCZIm
|
||||||
|
iZPyLGQBGRYCcHMxHzAdBgNVBAMTFlByb3Rvc3BhY2UtSW50ZXJuYWwtQ0EwggEi
|
||||||
|
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi6Ly6Qs9kJoiuZzWVYS+u5WEd
|
||||||
|
sVunrBMv2gXDL/L4dNO4Lt4+ef9CnzUng0MCf3J4mCzOPe1b1AGQwLx37a3/b2oD
|
||||||
|
PdIPcgLqTCtATjHHx0a5TPSqUXTeAgI9Cfig4flrMFBDmM3NyCZbrHDm0ZG03xxP
|
||||||
|
trtqc8fIueTcYAeUxkUaxmrLxPehZRVyGlcVKmjkGIyum/DSbiBDiyIFM1iuU80S
|
||||||
|
DxDEXKwqUPs4Bl9c94ViRxmgAlLEXlQJgsJUKsyHdLLYVFqkU29gn7licvJSLgJY
|
||||||
|
TsxykSZUwS9FFuokWxvpyzh89NOnKsFuB6SQNvOPvSsV6ttZ3mz1nAcj9OwTAgMB
|
||||||
|
AAGjUTBPMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR3
|
||||||
|
fENMsS1TOgvEMSP+/UPRAqGNNDAQBgkrBgEEAYI3FQEEAwIBADANBgkqhkiG9w0B
|
||||||
|
AQUFAAOCAQEARouzvMdacoz6kXjGfuqMjuy5raBP5I7O17WkT03LH67tJh2dnVUy
|
||||||
|
iGAj/EkOTlfDJ8k04dMpibkqBshMi6cVaFUKgXWLK+kEJvQ56zTwrNAMm/t+Hhdn
|
||||||
|
3og7H13T4TXkbeyzpeDYm38PYv1ITA/+K4L1/vPh9U31Cptama3vfalZyfPrTRHl
|
||||||
|
UHljOXaS89r20RoD1Tia1lV26ZsQa3QjkSHGzpx1lrnuW+jFmUm8RUBVJdgfCVMV
|
||||||
|
+PJmWYJ4aK2Ik6DARBulRRAJYFhmMkbPmLgNKA5qBnB3t2O8+KkwUmMNeMmjI/+v
|
||||||
|
0XLRWFmja+PJ0tU7GYnDget2D/Ob6kGGrg==
|
||||||
|
-----END CERTIFICATE-----
|
|
@ -5,7 +5,7 @@ import secrets
|
||||||
import base64
|
import base64
|
||||||
|
|
||||||
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
|
ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
|
||||||
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, secrets.LDAP_CERT)
|
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, './ProtospaceAD.cer')
|
||||||
l = ldap.initialize('ldaps://ldap.ps.protospace.ca:636')
|
l = ldap.initialize('ldaps://ldap.ps.protospace.ca:636')
|
||||||
l.set_option(ldap.OPT_REFERRALS, 0)
|
l.set_option(ldap.OPT_REFERRALS, 0)
|
||||||
l.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
|
l.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
|
||||||
|
@ -44,47 +44,18 @@ def search(query):
|
||||||
finally:
|
finally:
|
||||||
l.unbind()
|
l.unbind()
|
||||||
|
|
||||||
def finduser(query):
|
def find_user(query):
|
||||||
'''
|
'''
|
||||||
Search for a user by sAMAccountname
|
Search for a user by sAMAccountname
|
||||||
'''
|
'''
|
||||||
try:
|
try:
|
||||||
bind = l.simple_bind_s(secrets.LDAP_USERNAME, secrets.LDAP_PASSWORD)
|
bind = l.simple_bind_s(secrets.LDAP_USERNAME, secrets.LDAP_PASSWORD)
|
||||||
|
|
||||||
criteria = '(&(objectClass=user)(sAMAccountName={})(!(objectClass=computer)))'.format(query)
|
criteria = '(&(objectClass=user)(sAMAccountName={})(!(objectClass=computer)))'.format(query)
|
||||||
results = l.search_s(BASE_Groups, ldap.SCOPE_SUBTREE, criteria, ['displayName','sAMAccountName','email'] )
|
results = l.search_s(BASE_Groups, ldap.SCOPE_SUBTREE, criteria, ['displayName','sAMAccountName','email'] )
|
||||||
|
|
||||||
print(" =============")
|
|
||||||
print(" Found %d Objects" % len(results))
|
|
||||||
print(" =============")
|
|
||||||
count = len(results)
|
|
||||||
rCode = count
|
|
||||||
|
|
||||||
if (count == 0):
|
|
||||||
rCode = "None"
|
|
||||||
elif (count == 1):
|
|
||||||
for result in results:
|
|
||||||
#print(" --- ")
|
|
||||||
#print(results)
|
|
||||||
dn, attr = result
|
|
||||||
print(dn, attr)
|
|
||||||
rCode = dn
|
|
||||||
else:
|
|
||||||
for result in results:
|
|
||||||
#print(" --- ")
|
|
||||||
#print(results)
|
|
||||||
dn, attr = result
|
|
||||||
print(dn, attr)
|
|
||||||
rCode(" Found %d Objects" % len(results))
|
|
||||||
|
|
||||||
except Exception as inst:
|
|
||||||
print("== Entering Except ==")
|
|
||||||
rCode = type(inst)
|
|
||||||
print(type(inst)) # the exception instance
|
|
||||||
|
|
||||||
finally:
|
finally:
|
||||||
l.unbind()
|
l.unbind()
|
||||||
return(rCode)
|
|
||||||
|
return(results)
|
||||||
|
|
||||||
def findgroup(query):
|
def findgroup(query):
|
||||||
'''
|
'''
|
||||||
|
@ -148,15 +119,6 @@ def create_user(first, last, username, email, password):
|
||||||
mod_acct = [(ldap.MOD_REPLACE, 'userAccountControl', b'512')]
|
mod_acct = [(ldap.MOD_REPLACE, 'userAccountControl', b'512')]
|
||||||
result = l.modify_s(dn, mod_acct)
|
result = l.modify_s(dn, mod_acct)
|
||||||
|
|
||||||
except Exception as inst:
|
|
||||||
print("== Entering Except ==")
|
|
||||||
rCode = type(inst)
|
|
||||||
print(type(inst)) # the exception instance
|
|
||||||
|
|
||||||
else:
|
|
||||||
#rCode = "Else"
|
|
||||||
print("== Entering Else ==")
|
|
||||||
|
|
||||||
finally:
|
finally:
|
||||||
print("== Entering Finally ==")
|
print("== Entering Finally ==")
|
||||||
l.unbind()
|
l.unbind()
|
||||||
|
@ -188,27 +150,28 @@ if __name__ == '__main__':
|
||||||
# ===========================================
|
# ===========================================
|
||||||
# Sample Progams
|
# Sample Progams
|
||||||
# ===========================================
|
# ===========================================
|
||||||
print("----------------------------------------------------------------------------------------")
|
#print("----------------------------------------------------------------------------------------")
|
||||||
i = 3
|
#i = 3
|
||||||
|
#
|
||||||
if ( i == 1):
|
#if ( i == 1):
|
||||||
rCode = finduser('*')
|
# rCode = find_user('*')
|
||||||
elif (i == 2):
|
#elif (i == 2):
|
||||||
rCode = search('*')
|
# rCode = search('*')
|
||||||
elif (i == 3):
|
#elif (i == 3):
|
||||||
rCode = create_user(
|
# rCode = create_user(
|
||||||
'billy',
|
# 'billy',
|
||||||
'gates',
|
# 'gates',
|
||||||
'billy.gates',
|
# 'billy.gates',
|
||||||
'billy.gates@protospace.ca',
|
# 'billy.gates@protospace.ca',
|
||||||
'P@ssw0rd99'
|
# 'P@ssw0rd99'
|
||||||
)
|
# )
|
||||||
elif ( i == 4):
|
#elif ( i == 4):
|
||||||
create_group('testgroup')
|
# create_group('testgroup')
|
||||||
else:
|
#else:
|
||||||
print("No function selected")
|
# print("No function selected")
|
||||||
|
#
|
||||||
|
#
|
||||||
print("ReturnCode = " + str(rCode))
|
#print("ReturnCode = " + str(rCode))
|
||||||
|
|
||||||
|
find_user('tanner.collin')
|
||||||
|
|
||||||
|
|
|
@ -4,4 +4,7 @@ gunicorn==20.0.4
|
||||||
itsdangerous==1.1.0
|
itsdangerous==1.1.0
|
||||||
Jinja2==2.11.1
|
Jinja2==2.11.1
|
||||||
MarkupSafe==1.1.1
|
MarkupSafe==1.1.1
|
||||||
|
pyasn1==0.4.8
|
||||||
|
pyasn1-modules==0.2.8
|
||||||
|
python-ldap==3.2.0
|
||||||
Werkzeug==0.16.1
|
Werkzeug==0.16.1
|
||||||
|
|
|
@ -5,3 +5,6 @@
|
||||||
# For example, use the first output of this:
|
# For example, use the first output of this:
|
||||||
# head /dev/urandom | sha1sum
|
# head /dev/urandom | sha1sum
|
||||||
AUTH_TOKEN = ''
|
AUTH_TOKEN = ''
|
||||||
|
|
||||||
|
LDAP_USERNAME = ''
|
||||||
|
LDAP_PASSWORD = ''
|
||||||
|
|
Loading…
Reference in New Issue
Block a user