ldap3 python将用户添加到组中

Question

我正在使用python-ldap3编写一个小脚本来生成虚拟用户和组。

我很难将一个用户和一个组连接起来。运行此代码段后，我的服务器中没有任何更改：

conn.modify('cn=dancing,ou=test-groups,dc=stand,dc=lsd', {'memberuid': [(MODIFY_REPLACE, ['cn=User1, ou=users,dc=stand,dc=lsd'])]})

怎么了？

Answer 1

使用ldap3.extend.microsoft.addMembersToGroups

from ldap3.extend.microsoft.addMembersToGroups import ad_add_members_to_groups as addUsersInGroups

...

addUsersInGroups(conn, user_dn, group_dn)

完整脚本：

from ldap3 import Server, Connection, ALL, NTLM
from elizabeth import Personal, Address,Text
from ldap3.extend.microsoft.addMembersToGroups import ad_add_members_to_groups as addUsersInGroups
import random

serverName='dc1.stand.local'
connUser="stand.lsd\\Admin"
connUserPwd=""
usersOU = 'ou=test-ou,dc=stand,dc=local'
groupsOU = 'ou=test-groups,dc=stand,dc=local'

usersDnList = []
groupsDnList = []

server = Server(serverName, get_info=ALL)
conn = Connection(server, user=connUser, password=connUserPwd, authentication=NTLM)
conn.bind() #must be TRUE

conn.add(usersOU, 'organizationalUnit') # add test-ou for users
conn.add(groupsOU, 'organizationalUnit') # add test-ou for groups

data = Text('en')
for _ in range(0,10):
    currentGroup = 'cn='+data.word()+',ou=test-groups,dc=stand,dc=local'
    groupsDnList.append(currentGroup)
    conn.add(currentGroup, 'group')

address = Address('en')
person = Personal('en')
for _ in range(0,10):
    address_country = address.country()
    conn.add('ou='+address_country+',ou=test-ou,dc=stand,dc=local', 'organizationalUnit')
    for _ in range (0,10):
        name = person.name(gender='male')
        surname = person.surname(gender='male')
        currentUser = 'cn='+name+'.'+surname+','+'ou='+address_country+',ou=test-ou,dc=stand,dc=local'
        usersDnList.append(currentUser)
        conn.add(currentUser, 'User',
        {'givenName': name,
        'sn': surname,
        'departmentNumber': 'DEV',
        'telephoneNumber': 1111})

for _ in range(0,300):
    rndUser = random.choice(usersDnList)
    rndGroup = random.choice(groupsDnList)
    addUsersInGroups(conn, rndUser, rndGroup)

Answer 2

我解决它做..。

def insert_ldif (firstname, last_name, UserName, password):
host = 'YourldapIP'
user = 'root'
password = 'YourldapPassword'
a=''
b=a+1
uidNumber = str(b)


sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((host, 22))

session = Session()
session.handshake(sock)
session.userauth_password(user, password)
channel = session.open_session()

channel.shell()
channel.write('cat > /home/reemplaceusername/gen.ldif <<EOF\n')
channel.write('dn: uid= %s'',ou=MeLi,dc=lnxnet,dc=ldap\n' %UserName)
channel.write('objectClass: inetOrgPerson\n')
channel.write('objectClass: posixAccount\n')
channel.write('objectClass: shadowAccount\n')
channel.write('shadowLastChange: 0\n')
channel.write('uid: %s\n' %firstname)
channel.write('sn: %s\n' %last_name)
channel.write('givenName: %s\n'%firstname)
channel.write('cn: %s'%firstname)
channel.write(' %s\n'%last_name)
channel.write('displayName: %s ' %firstname)
channel.write('%s\n' %last_name)
channel.write('uidNumber: %s\n' %uidNumber)
channel.write('gidNumber: 5000\n')
channel.write('userPassword: %s\n'%password)
channel.write('gecos: %s ' %firstname)
channel.write('%s\n'%last_name)
channel.write('loginShell:/bin/bash\n')
channel.write('homeDirectory: /home/users/%s\n'%UserName)
channel.write('EOF\n')
channel.write('ldapadd -x -D cn=admin,dc=lnxnet,dc=ldap -W -f /home/reemplaceusername/gen.ldif\n')
channel.write('ldappassword\n')
channel.close()
size, data =  channel.read()
while size > 0:
    print(data.decode())
    size, data = channel.read()
channel.close()
print("Exit status: {0}".format(channel.get_exit_status()))