open*** openldap 脚本认证操作
1.需要修改配置文件,添加如下内容:username-as-common-name
script-security 3
auth-user-pass-verify /etc/open***/ldap_auth.pyvia-env
verify-client-certnone
2.编写脚本内容如下:
######################################
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os,sys
from ldap3 import Connection
class LdapOp(object):
def __init__(self,ip,dn):
self._ip = ip
self.dn = dn
def authUser(self,username,password):
try:
cn = 'uid=%s,ou=People,%s' % (username,self.dn)
conn2 = Connection(self._ip, user=cn, password=password,
check_names=True, lazy=False, raise_exceptions=False)
conn2.bind()
if conn2.result["description"] == "success":
rv = 0
else:
rv = 1
except Exception as e:
rv = 1
finally:
return rv
if __name__ == '__main__':
server_ip = '192.168.60.227'
dn = 'dc=test,dc=cn'
username = os.environ.get('username')
password = os.environ.get('password')
ldap = LdapOp(server_ip,dn)
rv = ldap.authUser(username,password)
sys.exit(rv)
页:
[1]