import ldap
import base64
import ldap.modlist as modlist
server = "ldaps://X.X.X.X:636"
who = 'administrator@bru.com'
cred = base64.b64decode(XXXXXXXXXXXXXX)
path = 'dc=bru,dc=com'
dn ='CN=saauto\ user8,CN=Users,dc=bru,dc=com'
domain='bru.com'
password = base64.b64decode(b'cmVzZXRwd2RDQVBTQDEyMw==')
firstname='saauto'
surname='user8'
username = firstname+surname
upn = firstname+surname+'@'+domain
department = 'SME'
country = 'India'
email = firstname+surname+'@'+ domain
manager = 'CN=Administrator,CN=Users,DC=bru,DC=com'
displayname = firstname + surname
city = 'XXXXXXXX'
description = 'Joined on 06-11-2016'
mobile = 'XXXXXXXXXXX'
title = 'SME'
attrs = {}
attrs['objectclass'] = ['top','person','organizationalPerson','user']
attrs['cn'] = str(username)
attrs['userPassword'] = str(password)
attrs['givenName']=str(firstname)
attrs['sn']=str(surname)
attrs['description'] = str(description)
attrs['userPrincipalName'] = str(upn)
attrs['sAMAccountName'] = str(username)
attrs['department'] = str(department)
attrs['c'] = ['IN']
attrs['co'] = str (country)
attrs['l'] = str (city)
attrs['mobile'] = str (mobile)
attrs['title'] = str(title)
attrs['userAccountControl'] = ['544']
attrs['mail']=str (email)
attrs['displayName'] = str(displayname)
attrs['manager'] = str(manager)
add_member = [(ldap.MOD_ADD, 'member', dn)]
mods = [(ldap.MOD_REPLACE, 'unicodePwd', ''.join(('"', password, '"')).encode('utf-16').lstrip('\377\376'),)]
ldif = modlist.addModlist(attrs)
l = ldap.initialize(server)
l.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
l.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
l.set_option( ldap.OPT_DEBUG_LEVEL, 255 )
l.simple_bind_s(who, cred)
l.add_s(dn, ldif)
l.modify(dn, mods)
l.unbind_s()
尝试执行此代码时获取错误 ldap.INVALID_DN_SYNTAX:{' info':" 00002081:NameErr:DSID-03050C42,问题2003(BAD_ATT_SYNTAX),数据0,最佳匹配:\ n \ t' CN = s aauto user8,CN = Users,dc = bru,dc = com' \ n",' desc':'无效的DN语法'}
如果我删除了DN的CN部分的空格,即dn =' CN = saautouser8,CN = Users,dc = bru,dc = com'然后它正在工作。我也试过反斜杠。另外,当阅读文章时,它说在名称之间有空格并不是问题,如果它在开始或结束时我们需要使用转义字符。但我不知道为什么我无法完成这项工作。
答案 0 :(得分:0)
据我所知,你必须同时匹配两种情况,而不仅仅是
dn ='CN=saauto\ user8,CN=Users,dc=bru,dc=com'
如果您想使用" saauto user8"创建用户然后为该用户提供正确的cn属性:
attrs['cn'] = str(username) should be replaced with attrs['cn'] = 'saauto user8'
我也处理过这个问题,这就是我解决它的方式。关于空白,我没有任何问题。希望这会有所帮助。