Turn from: http://www.vpsee.com/
The weekend to see those who line up the blood spell, do not go into shopping mall, do not see those colorful discounts and visual impact can feel "the festival is coming." ”。 A year is coming to an end, finish up the backup, upgrade, and so on this week, followed by a 6-week vacation, no big deal, go to Durban, South Africa for the 1th week, take a high performance computing meeting, come back and take a short trip with the family, and learn something new at home on Christmas, like fixing a car or something Several painful experience tells me to come out to play sooner or later is to be bad, to hiking/camping/road trip/4x4 These several key words enthusiasts to know the maintenance common sense is necessary. Nonsense to stay until the holidays, the next six weeks may not have Technical blog update ~
Recently, the LDAP server to deal with the data above, have the opportunity to contact the PYTHON-LDAP this library and Ldap/kerberos. After removing all the printing and error-handling code, it's easy to use PYTHON-LDAP to manipulate the LDAP backbone code, so just a few lines, the only small trouble is to toss for one hours before you know ' TRUE ' to capitalize (said later). Install Python-ldap
Install the Python-ldap module under Ubuntu/debian:
$ sudo apt-get install Python-ldap
Install the Python-ldap module under Centos/rhel:
# yum Install Python-ldap
Create
Create an LDAP new record. There is a point to note that our LDAP has an attribute active that is used to determine whether the user account is activated attrs[' active ' = ' true ', where ' true ' cannot be used ' true ' in lowercase, and just started being mistaken for the lowercase ' true ' on the LDAP admin tool Guide, the old thought Python program should also use lowercase, the results of the total error.
def ldap_add (FirstName, LastName, username):
l = Ldap.open (ldap_host)
l.protocol_version = LDAP. VERSION3
l.simple_bind (ldap_bind, ldap_pass)
cn = FirstName + ' + LastName adddn
= ' cn=%s,ou=people,dc= vpsee,dc=com "% cn
attrs = {}
attrs[' objectclass '] = [' top ', ' person ', ' inetOrgPerson ', ' posixaccount ', '" Vpseeaccount ']
attrs[' cn '] = cn
attrs[' givenname '] = FirstName attrs[
' homedirectory '] = '/home/people/% S '% username
attrs[' loginshell '] = '/bin/bash '
attrs[' sn '] = LastName attrs[
' uid ' = Username
attrs[' uidnumber '] = Ldap_newuid ()
attrs[' gidnumber '] = Ldap_getgid ()
attrs[' active '] = ' TRUE '
ldif = Modlist.addmodlist (attrs)
l.add_s (ADDDN, LDIF)
l.unbind_s ()
Find and Read
Find and read an LDAP record, such as finding a CN based on username:
def LDAP_GETCN (username):
try:
l = Ldap.open (ldap_host)
l.protocol_version = LDAP. VERSION3
l.simple_bind (ldap_bind, ldap_pass)
SearchScope = LDAP. Scope_subtree
searchfilter = "uid=*" + username + "*"
ResultId = L.search (Ldap_base, SearchScope, Searchfilter, N one)
result_set = []
while 1:
result_type, result_data = L.result (resultid, 0)
if (result_data = []):
break
Else:
if result_type = = LDAP. Res_search_entry:
result_set.append (result_data) return
result_set[0][0][1][' cn '][0]
except LDAP. Ldaperror, E:
print E
Update
Update an LDAP record, such as update user status Active to false:
def ldap_deactive (username):
try:
l = Ldap.open (ldap_host)
l.protocol_version = LDAP. VERSION3
l.simple_bind (ldap_bind, ldap_pass)
Deactivedn = ("cn=%s," + ldap_base)% LDAP_GETCN (username)
Old = {' active ': ' TRUE '}
new = {' Active ': ' FALSE '}
ldif = Modlist.modifymodlist (old, new)
l.modify_s ( Deactivedn, LDIF)
l.unbind_s ()
except LDAP. Ldaperror, E:
print E
Remove
Delete an LDAP record:
def ldap_delete (username):
try:
l = Ldap.open (ldap_host)
l.protocol_version = LDAP. VERSION3
l.simple_bind (ldap_bind, ldap_pass)
Deletedn = ("cn=%s," + ldap_base)% LDAP_GETCN (username)
l.delete_s (DELETEDN)
except LDAP. Ldaperror, E:
print E