一、安装ldap3模块(python版本为python3以上,Django=1.11.8)
pip install ldap3
二、相关代码
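from ldap3 import Server, Connection, ALL, SUBTREE, ServerPool, ALL_ATTRIBUTES
from ldap3.utils.conv import escape_filter_chars

# NOTE(security): 389 is the cleartext LDAP port, and no TLS option is
# configured anywhere in this snippet, so the service-account password and
# every user password checked below appear to cross the network unencrypted.
# Prefer LDAPS or StartTLS in a real deployment.
# LDAP_SERVER_PORT is defined here but never passed to ServerPool/Connection.
LDAP_SERVER_POOL = ["AD_IP1", "AD_IP2"]
LDAP_SERVER_PORT = 389
# NOTE(security): placeholder credentials. Do not commit a real bind password
# to source control; load it from the environment or a secret store. The
# lookup only needs read access to the attributes listed in ldap_auth(), so a
# dedicated low-privilege service account is a better fit than a domain
# administrator.
ADMIN_DN = "administrator@domainname.com"
ADMIN_PASSWORD = "xxxxxxx"
SEARCH_BASE = "ou=Users,dc=domainname,dc=com"


def ldap_auth(username, password):
    """Authenticate *username* / *password* against Active Directory.

    Two steps: bind with the service account and look the user up by
    sAMAccountName to obtain the DN, then bind as that DN with the supplied
    password.

    Returns:
        On success, a 7-tuple
        ``(True, sAMAccountName, password, mail, cn, department, givenName)``.
        On any failure, the 4-tuple ``(False, None, None, None)``.
        The two shapes differ, so callers must test element 0 before
        unpacking. The success tuple still carries the cleartext password
        (kept for backward compatibility); callers must not log or store it.
    """
    failure = (False, None, None, None)

    # Reject empty credentials up front. A simple bind with a DN and an empty
    # password is an "unauthenticated bind" in LDAP terms and must never count
    # as a successful login; do not rely on the library or server to refuse it.
    if not username or not password:
        return failure

    ldap_server_pool = ServerPool(LDAP_SERVER_POOL)
    conn = Connection(ldap_server_pool, user=ADMIN_DN, password=ADMIN_PASSWORD,
                      check_names=True, lazy=False, raise_exceptions=False)
    try:
        conn.open()
        # With raise_exceptions=False a rejected bind only returns False, so
        # check it instead of searching on an unauthenticated connection.
        if not conn.bind():
            return failure

        found = conn.search(
            search_base=SEARCH_BASE,
            # Escape the caller-supplied name: characters such as * ( ) \ are
            # filter syntax and would otherwise let the caller rewrite the
            # query (LDAP filter injection).
            search_filter='(sAMAccountName={})'.format(
                escape_filter_chars(username)),
            search_scope=SUBTREE,
            # Request only what is returned to the caller. ALL_ATTRIBUTES
            # would fetch every attribute of the entry, which is more than
            # this function needs.
            attributes=['cn', 'givenName', 'mail', 'sAMAccountName',
                        'department', 'manager'],
            paged_size=5,
        )
        # Keep real entries only; AD may also return referral records that
        # carry no 'dn' / 'attributes'.
        entries = [
            item for item in (conn.response or [])
            if item.get('type') == 'searchResEntry'
        ] if found else []
    finally:
        # Always release the service-account connection.
        conn.unbind()

    # Exactly one match is required: zero means unknown user, more than one
    # means the name is ambiguous and must not be authenticated.
    if len(entries) != 1:
        return failure

    dn = entries[0]['dn']
    attr_dict = entries[0]['attributes']

    # Verify the password by binding as the user's own DN.
    user_conn = None
    try:
        user_conn = Connection(ldap_server_pool, user=dn, password=password,
                               check_names=True, lazy=False,
                               raise_exceptions=False)
        user_conn.bind()
        if user_conn.result["description"] != "success":
            print("auth fail")
            return failure
        # The result is intentionally not printed: it contains the password.
        return (True, attr_dict["sAMAccountName"], password,
                attr_dict["mail"], attr_dict["cn"], attr_dict["department"],
                attr_dict["givenName"])
    except Exception:
        # Deliberate fail-closed boundary: any error while verifying the
        # password is treated as a failed login.
        print("auth fail")
        return failure
    finally:
        if user_conn is not None:
            user_conn.unbind()


if __name__ == "__main__":
    ldap_auth("administrator", "xxxxxxxx")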
官方文档链接:
https://ldap3.readthedocs.io/index.html