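God help me, my LDAP program just won't run, extremely frustrated
I have already configured my ubuntu610 so that it can log in to the Windows2003AD, but running my Python script that connects to LDAP fails every time. Error message: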
root@ubuntu6s:/home/temp# python adtest2.py
<ldap.ldapobject.SimpleLDAPObject instance at 0xb7d176ec>
1
Successfully bound to server.
Searching..
{'info': '00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece', 'desc': 'Operations error'}
On the Windows2003AD I can already see my Ubuntu machine's computer name.
The Python source code is as follows:
#!/usr/bin/python
#-*- coding:utf-8 -*-
import ldap

def main():
    server = "192.168.100.150"
    who = "administrator"
    cred = "123456"
    keyword = "ffb"
    try:
        #l = ldap.open(server)
        l = ldap.initialize('ldap://192.168.100.150')
        print l
        # bind() is asynchronous: it returns a message id, not the bind result
        b = l.bind('cn=administrator,o=MyDOMAIN','PASSWORD',ldap.AUTH_SIMPLE)
        print b
        #l.bind_s(who, cred, ldap.AUTH_SIMPLE)
        print "Successfully bound to server.\n"
        print "Searching..\n"
        my_search(l, keyword)
    except ldap.LDAPError, error_message:
        print "Couldn't Connect. %s " % error_message

def my_search(l, keyword):
    base = ""
    scope = ldap.SCOPE_SUBTREE
    filter = "cn=" + "*" + keyword + "*"
    retrieve_attributes = None
    count = 0
    result_set = []
    timeout = 0
    try:
        result_id = l.search(base, scope, filter, retrieve_attributes)
        while 1:
            result_type, result_data = l.result(result_id, timeout)
            if (result_data == []):
                break
            else:
                if result_type == ldap.RES_SEARCH_ENTRY:
                    result_set.append(result_data)
        if len(result_set) == 0:
            print "No Results."
            return
        for i in range(len(result_set)):
            # each result is a list of (dn, attributes) tuples;
            # every attribute value is itself a list
            for entry in result_set[i]:
                try:
                    name = entry[1]['cn'][0]
                    email = entry[1]['mail'][0]
                    phone = entry[1]['telephonenumber'][0]
                    desc = entry[1]['description'][0]
                    count = count + 1
                    print "%d.\nName: %s\nDescription: %s\nE-mail: %s\nPhone: %s\n" %\
                        (count, name, desc, email, phone)
                except:
                    pass
    except ldap.LDAPError, error_message:
        print error_message

if __name__=='__main__':
    main()
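I also experimented with PHP and C#, and none of them succeeded, but I found a program called ADModify that can retrieve everything from the AD (groups and so on).
I've been struggling with this for several days now; extremely frustrated.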
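A corrected form of the connect-and-search flow above, as an added example that is not part of the original post (Python 3 with python-ldap): `bind()` only sends the request and returns a message id, so this uses `simple_bind_s()`, which waits for the server's answer and raises on failure, and it turns off referral chasing, which libldap by default performs anonymously. Assumptions: the UPN-style bind name `administrator@tech.com`, the `CN=Users,DC=tech,DC=com` base, a DC certificate the client trusts for StartTLS, and all helper names are illustrative.

```python
# Added example (Python 3, python-ldap); not code from the thread.
import getpass

SCOPE_SUBTREE = 2  # same value as ldap.SCOPE_SUBTREE (RFC 4511 wholeSubtree)
ATTRS = ['cn', 'mail', 'telephoneNumber', 'description']


def escape_filter_value(value):
    """Escape RFC 4515 special characters so input cannot change the filter."""
    return ''.join('\\%02x' % ord(ch) if ch in '\\*()\x00' else ch
                   for ch in value)


def build_filter(keyword):
    """Substring match on cn, with the keyword treated as literal text."""
    return '(cn=*%s*)' % escape_filter_value(keyword)


def search_people(conn, base, keyword):
    """Search below an explicit base and drop referral tuples (DN is None)."""
    rows = conn.search_s(base, SCOPE_SUBTREE, build_filter(keyword), ATTRS)
    return [(dn, attrs) for dn, attrs in rows if dn is not None]


def connect(uri, bind_name, password):
    """Return a connection that is actually bound, or raise ldap.LDAPError."""
    import ldap  # imported here so the helpers above work without python-ldap
    conn = ldap.initialize(uri)
    conn.protocol_version = ldap.VERSION3
    conn.set_option(ldap.OPT_REFERRALS, 0)  # do not chase AD referrals
    conn.start_tls_s()  # a simple bind on plain ldap:// sends the password in clear
    conn.simple_bind_s(bind_name, password)  # synchronous: raises on failure
    return conn


if __name__ == '__main__':
    # Assumed bind name and base; the password is prompted for, not hard-coded.
    conn = connect('ldap://192.168.100.150', 'administrator@tech.com',
                   getpass.getpass('LDAP password: '))
    try:
        for dn, attrs in search_people(conn, 'CN=Users,DC=tech,DC=com', 'ffb'):
            print(dn, attrs.get('mail'))
    finally:
        conn.unbind_s()
```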
《Solution》
I've never used Python,
but it looks like it did connect. Try specifying a base and see.
《Solution》
base = "cn=pyw, CN=users,DC=TECH,DC=com"
Even with a base added it still doesn't work~ so frustrating
《Solution》
I created a new ldif file
root@ubuntu6s:/home/temp# cat /test.ldif
dn: dc=tech,dc=com
objectclass: dcObject
objectclass: organization
o: tech
dc: tech
dn: cn=users,dc=tech,dc=com
objectclass: organizationalRole
cn: aduser
Then
root@ubuntu6s:/home/temp# ps aux |grep slapd
root 20208 0.0 0.2 2796 748 pts/0 R+ 04:28 0:00 grep slapd
Then
root@ubuntu6s:/home/temp# ldapadd -x -D "cn=aduser,cn=users,dc=tech,dc=com" -W -f /test.ldif
Enter LDAP Password:
ldap_bind: Can't contact LDAP server (-1)
Here, aduser is a user on the Win2003AD (with DomainAdmin privileges).
Why does this error occur?