python-ldap 将成员添加到 Active Directory 组

python-ldap 将成员添加到 Active Directory 组

我正在尝试使用 python-ldap 模块通过脚本将成员添加到 Active Directory 组。以下是我迄今为止的尝试:

import ldap
from ldap import modlist as modlist

l = ldap.initialize(server)
l.simple_bind_s(username, password)
l.set_option(ldap.OPT_REFERRAL)

old_members = new_members = dict()
new_members['member'] = 'cn=Forename Name,ou=Users,dc=DOMAIN'
old_members
group_dn = 'cn=GROUP,ou=Groups,dc=DOMAIN'

try:
    ldif = modlist.modifyModlist(old_members,new_members)
    l.modify_s(group_dn, ldif)
except ldap.LDAPError,e:
    print e

我收到此错误:LdapError: DSID-0C090C48, comment: Error in attribute conversion

在 Google 上搜索了好久,我还是不知道这个错误是从哪里来的。

我很高兴能得到一个提示,或者另一种方式将用户添加到组中,这应该是 python-ldap 中相当常见的任务

非常感谢

答案1

我正在看你的代码,我认为这行创建了两个指向同一本字典的指针:

旧成员 = 新成员 = dict()

当您运行此行时,这将导致 ldif 对象等于 []:

ldif = modlist.modifyModlist(旧成员,新成员)

答案2

改变

old_members = new_members = dict()

old_members = dict()
new_members = dict()
new_members['member'] = 'cn=Forename Name,ou=Users,dc=DOMAIN'

我测试了一下是没问题的。

答案3

from ldap3 import Server, Connection, ALL, NTLM
from elizabeth import Personal, Address,Text
from ldap3.extend.microsoft.addMembersToGroups import ad_add_members_to_groups as addUsersInGroups
import random

serverName='dc1.stand.local'
connUser="stand.lsd\\Admin"
connUserPwd=""
usersOU = 'ou=test-ou,dc=stand,dc=local'
groupsOU = 'ou=test-groups,dc=stand,dc=local'

usersDnList = []
groupsDnList = []

server = Server(serverName, get_info=ALL)
conn = Connection(server, user=connUser, password=connUserPwd, authentication=NTLM)
conn.bind() #must be TRUE

conn.add(usersOU, 'organizationalUnit') # add test-ou for users
conn.add(groupsOU, 'organizationalUnit') # add test-ou for groups

data = Text('en')
for _ in range(0,10):
    currentGroup = 'cn='+data.word()+',ou=test-groups,dc=stand,dc=local'
    groupsDnList.append(currentGroup)
    conn.add(currentGroup, 'group')

address = Address('en')
person = Personal('en')
for _ in range(0,10):
    address_country = address.country()
    conn.add('ou='+address_country+',ou=test-ou,dc=stand,dc=local', 'organizationalUnit')
    for _ in range (0,10):
        name = person.name(gender='male')
        surname = person.surname(gender='male')
        currentUser = 'cn='+name+'.'+surname+','+'ou='+address_country+',ou=test-ou,dc=stand,dc=local'
        usersDnList.append(currentUser)
        conn.add(currentUser, 'User',
        {'givenName': name,
        'sn': surname,
        'departmentNumber': 'DEV',
        'telephoneNumber': 1111})

for _ in range(0,300):
    rndUser = random.choice(usersDnList)
    rndGroup = random.choice(groupsDnList)
    addUsersInGroups(conn, rndUser, rndGroup)

相关内容