如何使用Python

时间:2017-09-07 19:28:59

标签: python python-2.7 active-directory

我正在尝试使用python获取特定LDAP组的AD组成员的电子邮件地址。

我有以下代码。 Print m语句写下面的内容。

输出:

CN=Admin_abc20,OU=Admin ID's,OU=TEST1,DC=other_example,DC=example,DC=com
CN=leterd,OU=Employees,OU=BACD,DC=na,DC=example,DC=com
CN=mytest37,OU=Employees,OU=SUNPH,DC=na,DC=example,DC=com
CN=Doe Mestre\, John,OU=Partners &    Contractors,OU=TEST1,DC=other_example,DC=example,DC=com
CN=Robin\, Mark [ABCD],OU=Partners & Contractors,OU=JJCUS,DC=na,DC=example,DC=com
CN=San Irdondo\, Paul [TEST1 Non-ABC],OU=Partners & Contractors,OU=TEST1,DC=other_example,DC=example,DC=com

我的代码:

def get_group_members(group_name, ad_conn, basedn=AD_USER_BASEDN):
   members = []
   ad_filter = AD_GROUP_FILTER.replace('My_Group_Name', group_name)
   result = ad_conn.search_s(basedn, ldap.SCOPE_SUBTREE, ad_filter)
      if result:
         if len(result[0]) >= 2 and 'member' in result[0][1]:
             members_tmp = result[0][1]['member']
             for m in members_tmp:
               print m
               #email = ad_conn.search_s(m, ldap.SCOPE_SUBTREE,'(objectClass=*)',['mail'])
               #print email

现在,当我从我的代码的最后两行删除评论以获取人员的电子邮件地址时,我收到以下错误,请注意我已将公司的ldap标识符更改为example / test。

你能帮我解决这个问题吗?我是python的新手。

Traceback (most recent call last):
File "/app/abc/python/Test_new.py", line 81, in <module>
group_members = get_group_members(group_name, ad_conn)
File "/app/abc/python/Test_new.py", line 58, in get_group_members
email = ad_conn.search_s(m, ldap.SCOPE_SUBTREE,'(objectClass=*)',   ['mail'])
File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 516, in search_s
return      self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 510, in search_ext_s
return self.result(msgid,all=1,timeout=timeout)[1]
File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 436, in result
res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 440, in result2
res_type, res_data, res_msgid, srv_ctrls = self.result3(msgid,all,timeout)
File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 446, in result3
ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call
result = func(*args,**kwargs)
ldap.REFERRAL: {'info': 'Referral:\nldap://ab.example.com/CN=Radfde3,OU=Partners%20&%20Contractors,OU=JANBE,DC=eu,DC=example,DC=com', 'desc': 'Referral'}

1 个答案:

答案 0 :(得分:0)

我对Python知之甚少,但我认为你的问题在于LDAP过滤器。尝试使用最后两行代码:

email = ad_conn.search_s(m, ldap.SCOPE_SUBTREE,'(&(objectClass=person)(mail=*))')
print email

我希望这有帮助!