Python authentication in Active Directory?

T

twintwin10032015-11-02 00:23:03

Python

twintwin1003, 2015-11-02 00:23:03

It is necessary to make user authentication in AD in python. I decided to use ldap lib, only there is one small BUT
- with incorrect data, I get a lapel-turn from the server
- in the case of correct data or empty username = '', password = '' everything is OK
, how so?
Why does it take empty input?

#!/usr/bin/env python

import ldap

def authenticate(address, username, password):
    conn = ldap.initialize('ldap://' + address)
    conn.protocol_version = 3
    conn.set_option(ldap.OPT_REFERRALS, 0)

    try:
        result = conn.simple_bind_s(username, password)
    except ldap.INVALID_CREDENTIALS:
        return "Invalid credentials"
    except ldap.SERVER_DOWN:
        return "Server down"
    except ldap.LDAPError, e:
        if type(e.message) == dict and e.message.has_key('desc'):
            return "Other LDAP error: " + e.message['desc']
        else: 
            return "Other LDAP error: " + e
    finally:
        conn.unbind_s()

    return "Succesfully authenticated"


name = '[email protected]'
password = 'Qwerty12345'

name = ''
password = ''

result = authenticate('192.168.1.33', name, password)

print result

Response for invalid data:
ldap.INVALID_CREDENTIALS: {'info': '80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580', 'desc': 'Invalid credentials'}
Valid and empty data:
( 97, [], 5, [])
3 parameter is always incremented.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexey S., 2015-11-02
@twintwin1003

Connect like this:
import ldap
conn = ldap.open("ad.corp.mydomen.ru")
conn.simple_bind_s("[email protected]", "secret")