How to properly import Active Directory users into web2py auth_user table?
64 views
Skip to first unread message
Grzegorz Dzień
Mar 4, 2015, 2:59:32 PM3/4/15
to web...@googlegroups.com
I have tried doing it this way:
def showthemall():
# LDAP connection settings
LDAP_SERVER = "ldap://ad.superhost"
BIND_DN = "supe...@ad.superhost"
BIND_PASS = "mysupersecretpassword"
# Connect to LDAP
con = ldap.initialize(LDAP_SERVER)
# Authenticate in LDAP
con.simple_bind_s(BIND_DN, BIND_PASS)
# We don't want disabled users, so we use some magic LDAP-Active
Directory filers for it
ldapfilter =
'(&(&(objectclass=person)(
By the way - is there a way to re-use web2py's AD connector's connection?
def showthemall():
# LDAP connection settings
LDAP_SERVER = "ldap://ad.superhost"
BIND_DN = "supe...@ad.superhost"
BIND_PASS = "mysupersecretpassword"
# Connect to LDAP
con = ldap.initialize(LDAP_SERVER)
# Authenticate in LDAP
con.simple_bind_s(BIND_DN, BIND_PASS)
# We don't want disabled users, so we use some magic LDAP-Active
Directory filers for it
ldapfilter =
'(&(&(objectclass=person)(
objectcategory=person))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))'
# What user attributes do we want list in link:
# http://www.manageengine.com/products/ad-manager/help/csv-import-management/active-directory-ldap-attributes.html
attrs = ['displayName', 'givenName', 'sn', 'mail', 'mailNickname',
'department']
# Get all users from ldap
base_dn = 'ou=<OU>,dc=<DC>,dc=<DC>'
ad_users = con.search_s( base_dn, ldap.SCOPE_SUBTREE, ldapfilter, attrs )
for user in ad_users:
# get 2nd value separated by comma
ouvar=user[0].split(',')[1]
# if ouvar valude is not Generic
if ouvar != 'OU=Generic':
# add user to the auth_user table
required_fields = set([ 'sn', 'givenName', 'mail',
'department', 'mailNickname' ])
if required_fields.issubset(set(user[1])):
db.auth_user.insert(first_name=user[1]['givenName'],
last_name=user[1]['sn'],
email=user[1]['mail'],
username=user[1]['mailNickname'],
password=None,
registration_id=user[1]['mailNickname'])
It is importing contact as (I mean every value in the DB is enveloped in vertical bar):
|Grzegorz||Dzien||gdzien@domai...|gdzien|None|gdzien|
# What user attributes do we want list in link:
# http://www.manageengine.com/products/ad-manager/help/csv-import-management/active-directory-ldap-attributes.html
attrs = ['displayName', 'givenName', 'sn', 'mail', 'mailNickname',
'department']
# Get all users from ldap
base_dn = 'ou=<OU>,dc=<DC>,dc=<DC>'
ad_users = con.search_s( base_dn, ldap.SCOPE_SUBTREE, ldapfilter, attrs )
for user in ad_users:
# get 2nd value separated by comma
ouvar=user[0].split(',')[1]
# if ouvar valude is not Generic
if ouvar != 'OU=Generic':
# add user to the auth_user table
required_fields = set([ 'sn', 'givenName', 'mail',
'department', 'mailNickname' ])
if required_fields.issubset(set(user[1])):
db.auth_user.insert(first_name=user[1]['givenName'],
last_name=user[1]['sn'],
email=user[1]['mail'],
username=user[1]['mailNickname'],
password=None,
registration_id=user[1]['mailNickname'])
It is importing contact as (I mean every value in the DB is enveloped in vertical bar):
|Grzegorz||Dzien||gdzien@domai...|gdzien|None|gdzien|
By the way - is there a way to re-use web2py's AD connector's connection?
Grzegorz Dzień
Mar 5, 2015, 6:30:02 PM3/5/15
to web...@googlegroups.com
Found it, it was that values I was importing were tuples, it works given I access "first tuple item" e.g.:
first_name=user[1]['givenName'][0]
Dave S
Mar 5, 2015, 11:41:31 PM3/5/15
to web...@googlegroups.com
Glad to hear that you were successful. Return types can keep us on our toes, can't they?
/dps
/dps
Reply all
Reply to author
Forward
0 new messages