archive-org.com » ORG » P » PYTHON-LDAP.ORG

Total: 40

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • dsml DSMLv1 parser and generator — python-ldap 2.4.22.0 documentation
    Write the header writeRecord dn entry dn string representation of distinguished name entry dictionary holding the LDAP entry attr data class dsml DSMLParser input file ContentHandlerClass ignored attr types None max entries 0 Base class for a DSMLv1 parser Applications should sub class this class and override method handle to implement something meaningful Public class attributes records read Counter for records processed so far Arguments input file File object to

    Original URL path: https://www.python-ldap.org/doc/html/dsml.html (2016-04-29)
    Open archived version from archive



  • Abstract This document describes the package python ldap with its various modules Depending on what you want to do this manual assumes basic to expert knowledge about the Python language and the LDAP standard LDAPv3 Contents toctree maxdepth 3 installing rst ldap rst ldap async rst ldap controls rst ldap dn rst ldap extop rst ldap filter rst ldap modlist rst ldap resiter rst ldap schema rst ldap syncrepl rst

    Original URL path: https://www.python-ldap.org/doc/html/_sources/index.txt (2016-04-29)
    Open archived version from archive


  • a protocol such as Transport Layer Security TLS which provides session confidentiality py exception CONNECT ERROR py exception CONSTRAINT VIOLATION An attribute value specified or an operation started violates some server side constraint e g a postalAddress has too many lines or a line that is too long or a password is expired py exception CONTROL NOT FOUND py exception DECODING ERROR An error was encountered decoding a result from the LDAP server py exception ENCODING ERROR An error was encountered encoding parameters to send to the LDAP server py exception FILTER ERROR An invalid filter was supplied to py meth search e g unbalanced parentheses py exception INAPPROPRIATE AUTH Inappropriate authentication was specified e g py const AUTH SIMPLE was specified and the entry does not have a userPassword attribute py exception INAPPROPRIATE MATCHING Filter type not supported for the specified attribute py exception INSUFFICIENT ACCESS The user has insufficient access to perform the operation py exception INVALID CREDENTIALS Invalid credentials were presented during py meth bind or py meth simple bind e g the wrong password py exception INVALID DN SYNTAX A syntactically invalid DN was specified Sets the py const matched field py exception INVALID SYNTAX An attribute value specified by the client did not comply to the syntax defined in the server side schema py exception IS LEAF The object specified is a leaf of the diretcory tree Sets the py const matched field of the exception dictionary value py exception LOCAL ERROR Some local error occurred This is usually due to failed memory allocation py exception LOOP DETECT A loop was detected py exception MORE RESULTS TO RETURN py exception NAMING VIOLATION A naming violation occurred This is raised e g if the LDAP server has constraints about the tree naming py exception NO OBJECT CLASS MODS Modifying the objectClass attribute as requested is not allowed e g modifying structural object class of existing entry py exception NOT ALLOWED ON NONLEAF The operation is not allowed on a non leaf object py exception NOT ALLOWED ON RDN The operation is not allowed on an RDN py exception NOT SUPPORTED py exception NO MEMORY py exception NO OBJECT CLASS MODS Object class modifications are not allowed py exception NO RESULTS RETURNED py exception NO SUCH ATTRIBUTE The attribute type specified does not exist in the entry py exception NO SUCH OBJECT The specified object does not exist in the directory Sets the py const matched field of the exception dictionary value py exception OBJECT CLASS VIOLATION An object class violation occurred when the LDAP server checked the data sent by the client against the server side schema e g a must attribute was missing in the entry data py exception OPERATIONS ERROR An operations error occurred py exception OTHER An unclassified error occurred py exception PARAM ERROR An ldap routine was called with a bad parameter py exception PARTIAL RESULTS Partial results only returned This exception is raised if a referral is received when using LDAPv2 This exception should never be seen with LDAPv3 py exception PROTOCOL ERROR A violation of the LDAP protocol was detected py exception RESULTS TOO LARGE The result does not fit into a UDP packet This happens only when using UDP based CLDAP connection less LDAP which is not supported anyway py exception SASL BIND IN PROGRESS py exception SERVER DOWN The LDAP library can t contact the LDAP server py exception SIZELIMIT EXCEEDED An LDAP size limit was exceeded This could be due to a sizelimit configuration on the LDAP server py exception STRONG AUTH NOT SUPPORTED The LDAP server does not support strong authentication py exception STRONG AUTH REQUIRED Strong authentication is required for the operation py exception TIMELIMIT EXCEEDED An LDAP time limit was exceeded py exception TIMEOUT A timelimit was exceeded while waiting for a result from the server py exception TYPE OR VALUE EXISTS An attribute type or attribute value specified already exists in the entry py exception UNAVAILABLE The DSA is unavailable py exception UNAVAILABLE CRITICAL EXTENSION Indicates that the LDAP server was unable to satisfy a request because one or more critical extensions were not available Either the server does not support the control or the control is not appropriate for the operation type py exception UNDEFINED TYPE An attribute type used is not defined in the server side schema py exception UNWILLING TO PERFORM The DSA is unwilling to perform the operation py exception USER CANCELLED The operation was cancelled via the py meth abandon method The above exceptions are raised when a result code from an underlying API call does not indicate success ldap objects LDAPObject classes py class LDAPObject Instances of py class LDAPObject are returned by py func initialize and py func open deprecated The connection is automatically unbound and closed when the LDAP object is deleted Internally py class LDAPObject is set to py class SimpleLDAPObject by default py class SimpleLDAPObject uri trace level 0 trace file sys stdout trace stack limit 5 Instances of py class LDAPObject are returned by py func initialize and py func open deprecated The connection is automatically unbound and closed when the LDAP object is deleted py class ReconnectLDAPObject uri trace level 0 trace file sys stdout trace stack limit 5 retry max 1 retry delay 60 0 This class is derived from py class SimpleLDAPObject and used for automatic reconnects when using the synchronous request methods see below This class also implements the pickle protocol For automatic reconnects it has additional arguments retry max specifies the number of reconnect attempts before re raising the py exc ldap SERVER DOWN exception retry delay specifies the time in seconds between reconnect attempts Arguments for LDAPv3 controls The py mod ldap controls module can be used for constructing and decoding LDAPv3 controls These arguments are available in the methods with names ending in py const ext or py const ext s serverctrls is a list of py class ldap controls LDAPControl instances sent to the server along with the LDAP request see module py mod ldap controls These are controls which alter the behaviour of the server when processing the request if the control is supported by the server The effect of controls might differ depending on the type of LDAP request or controls might not be applicable with certain LDAP requests at all clientctrls is a list of py class ldap controls LDAPControl instances passed to the client API and alter the behaviour of the client when processing the request Sending LDAP requests Most methods on LDAP objects initiate an asynchronous request to the LDAP server and return a message id that can be used later to retrieve the result with py meth result Methods with names ending in py const s are the synchronous form and wait for and return with the server s result or with py const None if no data is expected class LDAPObject instances have the following methods py method LDAPObject abandon msgid None py method LDAPObject abandon ext msgid serverctrls None clientctrls None None Abandons an LDAP operation in progress without waiting for a LDAP response The msgid argument should be the message ID of an outstanding LDAP operation as returned by the asynchronous methods py meth search py meth modify etc The caller can expect that the result of an abandoned operation will not be returned from a future call to py meth result serverctrls and clientctrls like described above py method LDAPObject add dn modlist int py method LDAPObject add s dn modlist None py method LDAPObject add ext dn modlist serverctrls None clientctrls None int py method LDAPObject add ext s dn modlist serverctrls None clientctrls None None Performs an LDAP add operation The dn argument is the distinguished name DN of the entry to add and modlist is a list of attributes to be added The modlist is similar the one passed to py meth modify except that the operation integer is omitted from the tuples in modlist You might want to look into sub module refmodule ldap modlist for generating the modlist The asynchronous methods py meth add and py meth add ext return the message ID of the initiated request serverctrls and clientctrls like described above py method LDAPObject bind who cred method int py method LDAPObject bind s who cred method None py method LDAPObject simple bind who cred serverctrls None clientctrls None int py method LDAPObject simple bind s who cred serverctrls None clientctrls None None After an LDAP object is created and before any other operations can be attempted over the connection a bind operation must be performed This method attempts to bind with the LDAP server using either simple authentication or Kerberos if available The first and most general method py meth bind takes a third parameter method which can currently solely be py const AUTH SIMPLE py method LDAPObject sasl interactive bind s who auth None This call is used to bind to the directory with a SASL bind request py method LDAPObject cancel cancelid serverctrls None clientctrls None None Send cancels extended operation for an LDAP operation specified by cancelid The cancelid should be the message id of an outstanding LDAP operation as returned by the asynchronous methods search modify etc The caller can expect that the result of an abandoned operation will not be returned from a future call to py meth result In opposite to py meth abandon this extended operation gets an result from the server and thus should be preferred if the server supports it serverctrls and clientctrls like described above rfc 3909 Lightweight Directory Access Protocol LDAP Cancel Operation py method LDAPObject compare dn attr value int py method LDAPObject compare s dn attr value tuple py method LDAPObject compare ext dn attr value serverctrls None clientctrls None int py method LDAPObject compare ext s dn attr value serverctrls None clientctrls None tuple Perform an LDAP comparison between the attribute named attr of entry dn and the value value The synchronous forms returns py const 0 for false or py const 1 for true The asynchronous forms returns the message ID of the initiated request and the result of the asynchronous compare can be obtained using py meth result Note that the asynchronous technique yields the answer by raising the exception objects py exc ldap COMPARE TRUE or py exc ldap COMPARE FALSE serverctrls and clientctrls like described above note A design fault in the LDAP API prevents value from containing NULL characters py method LDAPObject delete dn int py method LDAPObject delete s dn None py method LDAPObject delete ext dn serverctrls None clientctrls None int py method LDAPObject delete ext s dn serverctrls None clientctrls None None Performs an LDAP delete operation on dn The asynchronous form returns the message id of the initiated request and the result can be obtained from a subsequent call to py meth result serverctrls and clientctrls like described above py method extop extreq serverctrls None clientctrls None int py method extop s extreq serverctrls None clientctrls None extop resp class None respoid respvalue Performs an LDAP extended operation The asynchronous form returns the message id of the initiated request and the result can be obtained from a subsequent call to py meth extop result The extreq is an instance of class py class ldap extop ExtendedRequest containing the parameters for the extended operation request If argument extop resp class is set to a sub class of py class ldap extop ExtendedResponse this class is used to return an object of this class instead of a raw BER value in respvalue py method extop result self msgid ldap RES ANY all 1 timeout None respoid respvalue Wrapper method around py meth result4 just for retrieving the result of an extended operation sent before py method LDAPObject modify dn modlist int py method LDAPObject modify s dn modlist None py method LDAPObject modify ext dn modlist serverctrls None clientctrls None int py method LDAPObject modify ext s dn modlist serverctrls None clientctrls None None Performs an LDAP modify operation on an entry s attributes The dn argument is the distinguished name DN of the entry to modify and modlist is a list of modifications to make to that entry Each element in the list modlist should be a tuple of the form mod op mod type mod vals where mod op indicates the operation one of py const ldap MOD ADD py const ldap MOD DELETE or py const ldap MOD REPLACE mod type is a string indicating the attribute type name and mod vals is either a string value or a list of string values to add delete or replace respectively For the delete operation mod vals may be py const None indicating that all attributes are to be deleted serverctrls and clientctrls like described above The asynchronous methods py meth modify and py meth modify ext return the message ID of the initiated request You might want to look into sub module py mod ldap modlist for generating modlist py method LDAPObject modrdn dn newrdn delold 1 int py method LDAPObject modrdn s dn newrdn delold 1 None Perform a modify RDN operation i e a renaming operation These routines take dn the DN of the entry whose RDN is to be changed and newrdn the new RDN to give to the entry The optional parameter delold is used to specify whether the old RDN should be kept as an attribute of the entry or not The asynchronous version returns the initiated message id This operation is emulated by py meth rename and py meth rename s methods since the modrdn2 routines in the C library are deprecated py method LDAPObject passwd user oldpw newpw serverctrls None clientctrls None int py method LDAPObject passwd s user oldpw newpw serverctrls None clientctrls None None Perform a LDAP Password Modify Extended Operation operation on the entry specified by user The old password in oldpw is replaced with the new password in newpw by a LDAP server supporting this operation If oldpw is not py const None it has to match the old password of the specified user which is sometimes used when a user changes his own password serverctrls and clientctrls like described above The asynchronous version returns the initiated message id seealso rfc 3062 LDAP Password Modify Extended Operation py method LDAPObject rename dn newrdn newsuperior None delold 1 serverctrls None clientctrls None int py method LDAPObject rename s dn newrdn newsuperior None delold 1 serverctrls None clientctrls None None Perform a Rename operation i e a renaming operation These routines take dn the DN of the entry whose RDN is to be changed and newrdn the new RDN to give to the entry The optional parameter newsuperior is used to specify a new parent DN for moving an entry in the tree not all LDAP servers support this The optional parameter delold is used to specify whether the old RDN should be kept as an attribute of the entry or not serverctrls and clientctrls like described above py method LDAPObject result msgid RES ANY all 1 timeout None 2 tuple This method is used to wait for and return the result of an operation previously initiated by one of the LDAP asynchronous operations eg py meth search py meth modify etc The msgid parameter is the integer identifier returned by that method The identifier is guaranteed to be unique across an LDAP session and tells the py meth result method to request the result of that specific operation If a result is desired from any one of the in progress operations msgid should be specified as the constant py const RES ANY and the method py meth result2 should be used instead The all parameter only has meaning for py meth search responses and is used to select whether a single entry of the search response should be returned or to wait for all the results of the search before returning A search response is made up of zero or more search entries followed by a search result If all is 0 search entries will be returned one at a time as they come in via separate calls to py meth result If all is 1 the search response will be returned in its entirety i e after all entries and the final search result have been received For all set to 0 result tuples trickle in with the same message id and with the result types py const RES SEARCH ENTRY and py const RES SEARCH REFERENCE until the final result which has a result type of py const RES SEARCH RESULT and a usually empty data field When all is set to 1 only one result is returned with a result type of RES SEARCH RESULT and all the result tuples listed in the data field The timeout parameter is a limit on the number of seconds that the method will wait for a response from the server If timeout is negative which is the default the method will wait indefinitely for a response The timeout can be expressed as a floating point value and a value of py const 0 effects a poll If a timeout does occur a py exc ldap TIMEOUT exception is raised unless polling in which case None None is returned The py meth result method returns a tuple of the form result type result data The first element result type is a string being one of these module constants py const RES BIND py const RES SEARCH ENTRY py const RES SEARCH REFERENCE py const RES SEARCH RESULT py const RES MODIFY py const RES ADD py const RES DELETE py const RES MODRDN or py const RES COMPARE If all is py const 0 one response at a time is returned on each call to py meth result with termination indicated by result data being an empty list See py meth search for a

    Original URL path: https://www.python-ldap.org/doc/html/_sources/ldap.txt (2016-04-29)
    Open archived version from archive


  • modules implement specific LDAPv3 extended controls The classes therein are derived from the base classes py class ldap controls RequestControl py class ldap controls ResponseControl or py class ldap controls LDAPControl Some of them require py mod pyasn1 and py mod pyasn1 modules to be installed Usually the names of the method arguments and the class attributes match the ASN 1 identifiers used in the specification So looking at the referenced RFC or Internet Draft is very helpful to understand the API py mod ldap controls simple Very simple controls py module ldap controls simple synopsis simple request and response controls implemented in pure Python autoclass ldap controls simple ValueLessRequestControl members autoclass ldap controls simple OctetStringInteger members autoclass ldap controls simple BooleanControl members autoclass ldap controls simple ManageDSAITControl members seealso rfc 3296 Named Subordinate References in Lightweight Directory Access Protocol LDAP Directories autoclass ldap controls simple RelaxRulesControl members seealso draft zeilenga ldap relax autoclass ldap controls simple ProxyAuthzControl members seealso rfc 4370 Lightweight Directory Access Protocol LDAP Proxied Authorization Control autoclass ldap controls simple AuthorizationIdentityRequestControl members seealso rfc 3829 Lightweight Directory Access Protocol LDAP Authorization Identity Request and Response Controls autoclass ldap controls simple AuthorizationIdentityResponseControl members seealso rfc 3829 Lightweight Directory Access Protocol LDAP Authorization Identity Request and Response Controls autoclass ldap controls simple GetEffectiveRightsControl members py mod ldap controls libldap Various controls implemented in OpenLDAP libs py module ldap controls libldap synopsis request and response controls implemented by OpenLDAP libs This module wraps C functions in OpenLDAP client libs which implement various request and response controls into Python classes autoclass ldap controls libldap AssertionControl members seealso rfc 4528 Lightweight Directory Access Protocol LDAP Assertion Control autoclass ldap controls libldap MatchedValuesControl members seealso rfc 3876 Returning Matched Values with the Lightweight Directory Access Protocol version 3 LDAPv3 autoclass ldap controls

    Original URL path: https://www.python-ldap.org/doc/html/_sources/ldap-controls.txt (2016-04-29)
    Open archived version from archive


  • LDAPv3 extended operations py module ldap extop synopsis High level access to LDAPv3 extended operations Classes This module defines the following classes autoclass ldap extop ExtendedRequest members autoclass ldap extop ExtendedResponse members py mod ldap extop dds Classes for Dynamic Entries extended operations py module ldap extop dds synopsis Classes for Dynamic Entries extended operations This requires py mod pyasn1 and py mod pyasn1 modules to be installed seealso rfc

    Original URL path: https://www.python-ldap.org/doc/html/_sources/ldap-extop.txt (2016-04-29)
    Open archived version from archive


  • retrieving partial search results even though the exception exc ldap SIZELIMIT EXCEEDED was raised because a server side limit was hit import sys ldap ldap async s ldap async List ldap initialize ldap localhost s startSearch dc stroeder dc com ldap SCOPE SUBTREE objectClass try partial s processResults except ldap SIZELIMIT EXCEEDED sys stderr write Warning Server side size limit exceeded n else if partial sys stderr write Warning Only

    Original URL path: https://www.python-ldap.org/doc/html/_sources/ldap-async.txt (2016-04-29)
    Open archived version from archive


  • down to AVA level The optional parameter flags describes the DN format of s see ref ldap dn flags Note that hex encoded non ASCII chars are decoded to the raw bytes list function dn2str dn This function takes a decomposed DN in dn and returns a single string It s the inverse to func str2dn Special characters are escaped with the help of function func escape dn chars string function explode dn dn notypes 0 flags 0 This function takes dn and breaks it up into its component parts Each part is known as an RDN Relative Distinguished Name The optional notypes parameter is used to specify that only the RDN values be returned and not their types The optional parameter flags describes the DN format of s see ref ldap dn flags This function is emulated by function func str2dn since the function ldap explode dn in the C library is deprecated list function explode rdn rdn notypes 0 flags 0 This function takes a multi valued rdn and breaks it up into a list of characteristic attributes The optional notypes parameter is used to specify that only the RDN values be returned and not their types The optional flags parameter describes the DN format of s see ref ldap dn flags This function is emulated by function func str2dn since the function ldap explode rdn in the C library is deprecated list ldap dn example Examples Splitting a LDAPv3 DN to AVA level Note that both examples have the same result but in the first example the non ASCII chars are passed as is byte buffer string whereas in the second example the hex encoded DN representation are passed to the function ldap dn str2dn cn Michael Str xc3 xb6der dc stroeder dc com flags ldap DN

    Original URL path: https://www.python-ldap.org/doc/html/_sources/ldap-dn.txt (2016-04-29)
    Open archived version from archive


  • of Search Filters The mod ldap filter module defines the following functions function escape filter chars assertion value escape mode 0 This function escapes characters in assertion value which are special in LDAP filters You should use this function when building LDAP filter strings from arbitrary input escape mode means If const 0 only special chars mentioned in RFC 4515 are escaped If const 1 all NON ASCII chars are

    Original URL path: https://www.python-ldap.org/doc/html/_sources/ldap-filter.txt (2016-04-29)
    Open archived version from archive



  •