geert at boskant.nl
Thu Dec 6 20:04:01 CET 2007
Roland Hedberg wrote:
> On the topic python-ldap <-> AD:
> My problem is that I can add an entry using the User object class and
> attributes contained in that class without any problems.
> But when I try to add the samAccountName attribute and thereby the
> object class SecurityPrincipal the server complains.
I am not 100% sure wether this is the same issue, but I have noticed
that you cannot create a security principal in AD without a valid
password. But because you can only set the password once the principal
is created, this is a cyclical dependency. You can get out of this by
creating the account in the disabled state (by setting the appropriate
flag in userAccountControl), then setting the password, and then
On a related note, you may be interested in my current project
Python-AD: http://www.boskant.nl/trac/python-ad/ The code is ready for
use and I will make the first release in a couple of days. At the moment
the code is available though Mercurial.
I have an working example script of create a user with Python-AD here:
http://www.boskant.nl/trac/python-ad/wiki/TutorialFive The example sets
sAMAccountName and it works flawlessly.
More information about the python-ldap