Split entries from LDAP

[Lars]

Hi
I got some programming experience and I recently started looking into
Python. I've read much of the tutorial from 2.6 documentation. But it
was more interesting to get started on something I needed. I'm trying
to create a script that creates a variable list (just a txt file to be
included in bash scripts) with hosts from LDAP. The file will include
some static entries and the hosts based on 'cn', 'ipHostNumber' and I
might as well set the 'description' as commen,t when the list from
LDAP is created.
I got all the entries in the variable "raw_res" and I now got some
doubts on how to split each value up in every entry. Belove you can
see one of entries printed from the loop.
cn=world.dom.dk,ou=Hosts,o=Users,dc=dom,dc=dk', {'ipHostNumber':
['192.168.0.43'], 'cn': ['world.dom.dk'], 'description':
['Mail&webserver']})"

I've tried different things, but don't quite know to split the tuple.
The examples I've seen is with a nice clean list ("a", "b", "z"), and
mine is full of special characters and etc., so some direction would
be appreciated.


/Lars


----------------------------------------------
#!/usr/bin/env python

import ldap, sys, ldif

# .: LDAP Connection Settings :.
server="NA"
username="NA"
passwd="NA"
basedn="NA"

try:
l = ldap.initialize(server)
l.protocol_version = ldap.VERSION3
l.simple_bind(username, passwd)
filter = '(objectClass=ipHost)'
attrs = ['cn','ipHostNumber','description']
raw_res = l.search_s( basedn, ldap.SCOPE_SUBTREE, filter, attrs )
except ldap.INVALID_CREDENTIALS:
print "Your username or password is incorrect."
sys.exit()
except ldap.LDAPError, e:
print e
sys.exit()

#print raw_res

for I in range(len(raw_res)):
print I, ": ",

l.unbind()

 

[paul]

I got all the entries in the variable "raw_res" and I now got some
doubts on how to split each value up in every entry. Belove you can
see one of entries printed from the loop.
cn=world.dom.dk,ou=Hosts,o=Users,dc=dom,dc=dk', {'ipHostNumber':
['192.168.0.43'], 'cn': ['world.dom.dk'], 'description':
['Mail&webserver']})"

I've tried different things, but don't quite know to split the tuple.

search_s() returns a tuple of lenght 2. The first entry is the DN, the
second entry is a dictionary with attributes as keys and lists of values
as values. Possible function to handle this (untested):

def print_entry(entry):
print "Got Entry for DN: %s" % entry[0]
print "Attributes:"
for key, value in entry[1].items():
print "\tKey: %s" % key
print "\tValue(s): %s" ", ".join(value)
print

the ", ".join(value) creates a string from a list, check the docs for
dictionaries for other syntax elements.

cheers
Paul

 

[Michael Ströder]

I'm trying
to create a script that creates a variable list (just a txt file to be
included in bash scripts) with hosts from LDAP.

What exactly do you want to do? I'd recommend against passing a custom
text format around. Use either LDIF or CSV with decent modules.

The file will include
some static entries and the hosts based on 'cn', 'ipHostNumber' and I
might as well set the 'description' as commen,t when the list from
LDAP is created.

Better give an example.

I got all the entries in the variable "raw_res" and I now got some
doubts on how to split each value up in every entry.

raw_res = l.search_s( basedn, ldap.SCOPE_SUBTREE, filter, attrs )

This is the synchronous method which might not be suitable for large
result sets.

for I in range(len(raw_res)):
print I, ": ",

In a simple case you could do:

for dn,entry in raw_res:
print dn,entry # or whatever

But in LDAPv3 search results can also be search continuation (or
sometimes called referrals). E.g. AD makes use of them when search from
the domain level (without subordinate ou). In python-ldap these are
returned as a 2-tuple (None,StringType with LDAP URL).

So be prepared to handle the case that in the example above dn is None
and entry is a LDAP URL pointing to another server or part of the DIT.

pprint.pprint(l.search_s('ou=Testing,dc=...',ldap.SCOPE_ONELEVEL,attrlist=['cn']))
[('uid=anna,ou=Testing,dc=stroeder,dc=de',
{'cn': ['Anna Blume']}),
('cn=Fred Feuerstein,ou=Testing,dc=stroeder,dc=de',
{'cn': ['Fred Feuerstein']}),
(None, ['ldap://ldap.openldap.org/dc=openldap,dc=org??base'])]

Ciao, Michael.