python-ldap: searching without specifying an OU?
michael at stroeder.com
Tue Apr 22 23:14:28 CEST 2008
> I am attempting to pull info from an LDAP server (Active Directory),
> but cannot specify an OU. In other words, I need to search users in
> all OU's, not a specific one.
If the user you're binding with has the right in AD to search the whole
subtree you can start searching at the domain-level.
> con = ldap.initialize("ldap://server.local")
> con.simple_bind_s('user at domain', pass)
Just for the records: A simple bind with userPrincipalName only works on
AD. It's not a LDAPv3 compliant bind request then (which requires a full
> result = con.search_ext_s(
> 'OU=some office, DC=server, DC=local',
> "sAMAccountName=username", ['mail']
> for i in result:
> print "%s = %s" (i, result[i])
> But i really need it to not require an OU.
It should work. I'm doing this quite often.
> When I remove that part, it breaks.
What does "it breaks" mean? Any exception raised by python-ldap?
> Maybe a different search function?
More information about the Python-list