A python/django Active Directory group management abstraction that uses python-ldap as a backend for cross-platform compatibility.
Project description
- Version:
- 2.0.0
- Dependencies:
Python 2.7, python-ldap 2.4.13
- Home page:
- License:
GNU LGPL (http://www.gnu.org/licenses/lgpl.html)
Installation
Run pip install ldap-groups
Add ldap-groups to INSTALLED_APPS
INSTALLED_APPS = (
...
'ldap_groups',
...
)Django Settings
There are a few settings that must be configured before ldap-groups will run.
Mandatory
LDAP_GROUPS_SERVER_URI - The ldap server’s uri, e.g. ‘ldap://example.com’
LDAP_GROUPS_BASE_DN - The base search dn, e.g. ‘DC=example,DC=com’
Optional
LDAP_GROUPS_BIND_DN - The bind user’s DN
LDAP_GROUPS_BIND_PASSWORD - The bind user’s password
NOTE: while a bind user is optional, many servers’ security settings will deny anonymous access.
LDAP_GROUPS_USER_LOOKUP_ATTRIBUTE - The attribute by which to search when looking up users (should be unique). Defaults to 'sAMAccountName'.
LDAP_GROUPS_ATTRIBUTE_LIST - A list of attributes returned for each member while pulling group members. An empty list should return all attributes. Defaults to ['displayName', 'sAMAccountName', 'distinguishedName'].
ADGroup Arguments
If ldap-groups is not used in a django project, the ADGroup object can be initialized like so:
ADGroup(group_dn, server_uri, base_dn[, user_lookup_attr[, group_attr_list[, bind_dn, bind_password]]])
Where: group_dn - The distinguished name of the group to manage. server_uri - The ldap server’s uri, e.g. ‘ldap://example.com’ base_dn - The base search dn, e.g. ‘DC=example,DC=com’ user_lookup_attr - The attribute by which to search when looking up users (should be unique). Defaults to 'sAMAccountName'. group_attr_list - A list of attributes returned for each member while pulling group members. An empty list should return all attributes. Defaults to ['displayName', 'sAMAccountName', 'distinguishedName']. bind_dn - The bind user’s DN bind_password - The bind user’s password
Usage
In its current state, ldap-groups can perform three functions:
Add a member to a group
Remove a member from a group
Get all members of a group (and their attributes) [only retrieves user object classes at this point]
An ADGroup instance only requires one argument to function: a group’s distinguished name. Once the ADGroup is instantiated, the rest is fairly simple:
from ldap_groups import ADGroup
GROUP_DN = "ou=users,dc=example,dc=com"
ACCOUNT_NAME = "jdoe"
class ADGroupModifier(object):
def __init__(self):
self.ad_group_instance = ADGroup(GROUP_DN)
def add_member(self):
self.ad_group_instance.add_member(ACCOUNT_NAME)
def remove_member(self):
self.ad_group_instance.remove_member(ACCOUNT_NAME)
def get_group_member_info(self):
return self.ad_group_instance.get_member_info()Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file ldap-groups-2.0.0.tar.gz.
File metadata
- Download URL: ldap-groups-2.0.0.tar.gz
- Upload date:
- Size: 19.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | fd75a18b16a0253189d0ca82fc33417142d206bdf4c3dffd8e1738f69e2d9c84 |
|
| MD5 | f3cfa0fa67cb61194375017f2b96a135 |
|
| BLAKE2b-256 | e5adebcac03f0d9993c602854bd1ca97ffe3b09b1a88f6bd501b95e3674c1cc4 |
