A small wrapper around the python-ldap library that provides a more Pythonic interface for LDAP server connections, LDAP objects, and the common get and search operations.
Install using pip:
pip install simpleldap
A quick and easy example using simpleldap
:
>>> import simpleldap
>>> conn = simpleldap.Connection('directory.example.com')
>>> user = conn.get("uid=myuser")
>>> user.dn
'uid=myuser,dc=directory,dc=example,dc=com'
>>> user['cn']
['Joe Smith', 'Joe M. Smith']
>>> user.first('cn')
'Joe Smith'
>>> conn.close()
The Connection
object can also be used as a context manager, e.g.:
with simpleldap.Connection('directory.example.com') as conn:
users = conn.search("(&(givenName=Joe)(sn=Smith))")
A common method for authenticating users is to connect to an LDAP server using a service user/account and then attempt a bind operation using the user's credentials (i.e. DN and password). The authenticate
method makes this simple:
with simpleldap.Connection('directory.example.com') as conn:
is_valid = conn.authenticate('uid=myuser,dc=directory,dc=example,dc=com', 'password')
Note
The authentication
method does not perform an unbind and does not bind again using the original connection's credentials; therefore, any further actions following a successful authenticate
call will be performed as the authenticated user.
LDAP also offers a feature to compare an attribute's value with a given string. This can occasionally be more efficient and expressive than grabbing an entire object from the LDAP store. simpleldap
offers a compare
method for this feature:
>>> conn = simpleldap.Connection('directory.example.com')
>>> user_dn = 'uid=myuser,dc=directory,dc=example,dc=com'
>>> conn.compare(user_dn, 'cn', 'Joe Smith')
True