I am using ldap module of python to connect to ldap server. I am able to query the database but I dont know how to retrieve the fields present in the database, so that I can notify the user in advance to quering the database, telling him that the field he is trying to access is not in the database.
For example if the fields present are just
cn
memberOf
and if the user tries to query the database with filter
cn and memberOf and notcontained
I should be able to know that the notcontained attribute is not in the dabase schema.
How can I accomplish this.
Thanks.
You need to read the schema of your ldap server.
This code may work for you, as tempalte
#!/usr/bin/env python
#coding:utf-8
# Author: peter --<[email protected]>
# Purpose: Tareas comunes a utilizar con respecto a schemas ldap
# Created: 01/05/12
import ldap
import ldap.schema########################################################################
class SchemasIPA(object):__ldaps = ldap.schema#----------------------------------------------------------------------def __init__(self, url):"""Constructor"""ldap._trace_level = 0ldap.set_option(ldap.OPT_DEBUG_LEVEL,0)subschemasubentry_dn, self.schema = ldap.schema.urlfetch(url,ldap._trace_level)self.oc_tree = self.schema.tree(ldap.schema.ObjectClass) self.at_tree = self.schema.tree(ldap.schema.AttributeType) def getobjectclasses(self):"""trae la listas de objectclasses de un servidor dado"""allobjc = {}for a in self.oc_tree.keys():objc = self.schema.get_obj(ldap.schema.ObjectClass, a)if objc != None:allobjc[objc.oid] = (objc.names, objc.must, objc.may, objc.sup, objc.obsolete)return allobjcdef getatributes(self):"""trae la lista de atributos de un servidor dado"""allatt= {}o = []for a in self.at_tree.keys():att = self.schema.get_obj(ldap.schema.AttributeType, a)if att != None:allatt[att.oid] = (att.names, att.syntax, att.syntax_len, att.desc, att.collective, att.equality, att.single_value)return allattdef getvalidoid(self, objects):"""retorno un valor oid libre valida para la creacion de esquemas y atributosel proceso valido es pedirle a la iana un oid valido, pero se tarda mas de un meslos oid a utilizar son valores predefinidos al momento de la instalacion del servidor ldap"""passif __name__ == '__main__':sch = SchemasIPA('ldap://localhost')#at = sch.getatributes()ob = sch.getobjectclasses()for a, b in ob.iteritems():print aprint b[0]
Then you can wrapper this class like this
#a file contained the above class
import schemasolschemas = schemas.SchemasIPA(url='ldap://192.168.1.81')#here are, some magic :)
pa = olschemas.schema.get_obj(olschemas._SchemasIPA__ldaps.ObjectClass, 'posixaccount')
pa.must #going to print all the attributes that can't be null's
pa.may #going to print all the attributes that are optional's