Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import ldap3
- conn = ldap3.Connection(
- server="ldaps://foobar",
- user="username@domain", # normally full DN, but AD supports this format as well
- password="password",
- auto_bind=ldap3.AUTO_BIND_NONE,
- authentication=ldap3.SIMPLE,
- raise_exceptions=True,
- auto_referrals=False, # 90% you want it set to False
- receive_timeout=10, # seconds, exception afterwards
- )
- conn.start_tls()
- conn.bind()
- search = conn.extend.standard.paged_search(
- search_base="dc=domain",
- search_filter="(userPrincipalName=username@domain)", # or (cn=username) or (sAMAccountName=username) or whatever
- search_scope=ldap3.SUBTREE,
- attributes=ldap3.ALL_ATTRIBUTES,
- dereference_aliases=ldap3.DEREF_NEVER,
- generator=True,
- )
- entries = [entry for entry in search if entry["type"] == "searchResEntry"] # not sure how to get rid of all the aliases otherwise
- assert len(entries) is 1, "got {0} entries".format(len(entries))
- entry = entries[0]
- dn = entry["dn"]
- changes = {
- "attributeName": [
- [ldap3.MODIFY_DELETE, ["old value 1", "old value 2",]],
- [ldap3.MODIFY_ADD, ["a new value"]],
- ]
- }
- conn.modify(dn, changes)
- conn.unbind()
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement