Re: Reg python-AD erroring out

[Geert Jansen]

Hi Deepti,

[adding cc to the mailing list]

On Fri, Apr 25, 2008 at 9:39 AM, Deepti Jawalkar <dee...@google.com> wrote:

 

I wanted to use your module python-AD to connect and work with AD from my linux box but after installing all the dependencies like (python ldap,dnspyhton,PLY,MITkerberos,py library) when I try doing an "import ad" or do "from ad import Client, Creds, activate" I get an error like this :

>>> from ad import Client,Creds,Locator,activate
Traceback (most recent call last):
  File "<stdin>", line 1, in ?
  File "/usr/lib/python2.4/site-packages/ad/__init__.py", line 12, in ?
    from ad.core.client import Client
  File "/usr/lib/python2.4/site-packages/ad/core/client.py", line 15, in ?
    import ldap.controls
ImportError: No module named controls
>>>

[...]

Any particular reason for such a behavior or I haven't set up the environment properly ?

What version of python-ldap are you using? I am using version 2.3.1 on Fedora 9 and it works allright. Try a "import ldap.controls" from a Python prompt and see what that does.
 

Also is it possible to move accounts in AD,remove and add users from groupmemberships from this package.(these are few of the main tasks that i hope to carry out with this module)

At the moment renaming objects is not possible with python-ad. I had a quick look and both OpenLDAP and python-ldap support that operation, so it would not be hard to add it. I will have a look at it.

Adding users is supported. See tutorial #5 on the home page.

I was going through your documentation and from wat I have learnt from it is that we can program in such a way that the script can pull logged on user credentials and run on those credentials is it possible? Did I get it rgt.

Yes, call Creds.load() to load the OS credentials.

Regards,
Geert

[Geert Jansen]

On Sun, Apr 27, 2008 at 1:00 PM, Deepti Jawalkar <dee...@google.com> wrote:

So u mean to say python-ad doesn't rename objects in AD at the moment .. i actually worked with python-ldap earlier and did try to move objects in AD from one ou to other using
LDAPObject.rename_s(dn, newrdn[, newsuperior=None[, delold=1]])
but in vain,from wat i have learnt is that this module is more closely integrated with LDAP and would fail to take care of the inbuilt things in AD while moving an object like maintaining the same SID value.Also when i tried to use the above command to move the object my script didn't error out but the object didn't move either ...so again i had to shift to ADSI to carry out these AD specific tasks which is not possible using python-ldap and was wondering if python-ad would be of help in this regard.

I have attached a patch to this email that adds rename() support to ad.Client. It is untested because at the moment my development environment has some issues after my upgrade to Fedora 9. Can you give it a try?

I know AD supports LDAP rename's and even though I haven't tested this out myself I see no reason for this not to work python either python-ldap or python-ad.  Renaming objects is the only way to keep SID's so i agree it is a very useful operation.

Python-AD is indeed better integrated with AD than python-ldap.

regards,
Geert