[Tutor] Python and NT Authentication
Hello, everyone-
I'm trying to both learn Python and develop a fairly robust web form with it at
the same time... nothing like being thrown into a new job and having to learn a
new language to do it!
We have ActiveState Python 2.5 installed on an IIS box running Windows 2003.
We're doing it this way because we will most likely be switching to Apache /
Unix in the future, and we don't want to have to rewrite all of our server-side
scripts. Our web server is a domain member.
I am coding a form that will allow authenticated NT users to submit project
requests. The form will, among other things, need to pull a list of domain
users and put it into a dropdown menu, as well as show the username of the
current user. Results will be dumped into an ODBC-connected mySQL database,
which is working well (it's just the authentication issue that I'm struggling
with).
I am able to connect to the domain with the following:
<%import ldap, sys, win32api
LDAP_SERVER='ldap://nazareth.internal'
LDAP_USERNAME='[EMAIL PROTECTED]'
LDAP_PASSWORD='mypassword'
try:
ldap_client = ldap.initialize(LDAP_SERVER)
ldap_client.simple_bind_s(LDAP_USERNAME, LDAP_PASSWORD)
except ldap.INVALID_CREDENTIALS, e:
Response.Write("Invalid credentials")
sys.exit()
except ldap.SERVER_DOWN, e:
Response.Write("Your server appears to be
down.")
sys.exit()
Response.Write("Connected! All is well.")
ldap_client.unbind()
%>
However, other than hard-coding the variables, I don't know how to get them
from the user, nor do I know how to actually authenticate them. Should I be
using Cookies? How is that done?
As far as populating the form's dropdown box, I've been using
something similar to:
<%
import pyodbc
cnxn_ro = pyodbc.connect("DSN=metaproject_ro")
cursor = cnxn_ro.cursor()
cursor.execute("select * from Person order by last_name, first_name")
for row in cursor:
Response.Write(""+row.last_name+",
"+row.first_name+" ("+row.uid+")")
cursor.close()
%>
(for testing purposes, I actually built a table in the database just so that I
could populate it programmatically, but this is where I'd like to pull the info
from Active Directory.
Hope someone can help! I've been scouring the web for several hours, and I'm
actually *more* confused than when I started.
Thanks!
Steven L Smith
Web Developer
Nazareth College of Rochester
___
Tutor maillist - Tutor@python.org
http://mail.python.org/mailman/listinfo/tutor
[Tutor] Accessing LDAP
Any ideas how I can pull a list of domain users from an LDAP server and use it programmatically in a Python web application? Thanks! ___ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Accessing LDAP
It is indeed an active directory server, but the sysadmin tells me that it is configured to respond to normal ldap queries as well. I tried Tim's module, and it's giving me an "operations error" when I try to use his code snippet to list users... - Original Message - From: "Rudy Schockaert" <[EMAIL PROTECTED]> To: "vishwajeet singh" <[EMAIL PROTECTED]> Cc: "Steven L Smith" <[EMAIL PROTECTED]>, "tutor" Sent: Monday, August 11, 2008 9:04:50 AM (GMT-0500) America/New_York Subject: Re: [Tutor] Accessing LDAP If by LDAP server you mean Active Directory, then Tim's active_directory module is certainly the way to go. If you want a more generic LDAP approach, you could give python-ldap<http://python-ldap.sourceforge.net/download.shtml>a try. On Mon, Aug 11, 2008 at 2:17 PM, vishwajeet singh <[EMAIL PROTECTED]>wrote: > I think this can be of some help to you > http://tgolden.sc.sabren.com/python/active_directory.html > > > > On Mon, Aug 11, 2008 at 5:44 PM, Steven L Smith <[EMAIL PROTECTED]>wrote: > >> Any ideas how I can pull a list of domain users from an LDAP server and >> use it programmatically in a Python web application? >> >> Thanks! >> ___ >> Tutor maillist - Tutor@python.org >> http://mail.python.org/mailman/listinfo/tutor >> > > > > -- > Cheers, > Vishwajeet > http://www.singhvishwajeet.com > > ___ > Tutor maillist - Tutor@python.org > http://mail.python.org/mailman/listinfo/tutor > > ___ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
Re: [Tutor] Accessing LDAP
<%
import active_directory
for person in active_directory.search ("objectCategory='Person'"):
Response.Write(person.displayName)
%>
Results in...
Python ActiveX Scripting Engine error '80020009'
Traceback (most recent call last): File "
Re: [Tutor] Accessing LDAP
Hmmm... well, that worked, and the previous code snippet worked in interactive mode too... maybe there's something wrong with the user that IIS is running under? How would I give it the proper permissions? - Original Message - From: "Rudy Schockaert" <[EMAIL PROTECTED]> To: "Steven L Smith" <[EMAIL PROTECTED]> Cc: "tutor" Sent: Monday, August 11, 2008 11:37:35 AM (GMT-0500) America/New_York Subject: Re: [Tutor] Accessing LDAP Ok, then you best stick to Tim's module. Are you running your script from a workstation or server in the forest? What I always try first in interactive mode is the following: import active_directory ad = active_directory.AD() print ad That should already show you if you can connect to AD or not. On Mon, Aug 11, 2008 at 3:13 PM, Steven L Smith <[EMAIL PROTECTED]>wrote: > It is indeed an active directory server, but the sysadmin tells me that it > is configured to respond to normal ldap queries as well. > > I tried Tim's module, and it's giving me an "operations error" when I try > to use his code snippet to list users... > > > - Original Message ----- > From: "Rudy Schockaert" <[EMAIL PROTECTED]> > To: "vishwajeet singh" <[EMAIL PROTECTED]> > Cc: "Steven L Smith" <[EMAIL PROTECTED]>, "tutor" > Sent: Monday, August 11, 2008 9:04:50 AM (GMT-0500) America/New_York > Subject: Re: [Tutor] Accessing LDAP > > If by LDAP server you mean Active Directory, then Tim's active_directory > module is certainly the way to go. > If you want a more generic LDAP approach, you could give > python-ldap<http://python-ldap.sourceforge.net/download.shtml>a try. > > On Mon, Aug 11, 2008 at 2:17 PM, vishwajeet singh <[EMAIL PROTECTED] > >wrote: > > > I think this can be of some help to you > > http://tgolden.sc.sabren.com/python/active_directory.html > > > > > > > > On Mon, Aug 11, 2008 at 5:44 PM, Steven L Smith <[EMAIL PROTECTED] > >wrote: > > > >> Any ideas how I can pull a list of domain users from an LDAP server and > >> use it programmatically in a Python web application? > >> > >> Thanks! > >> ___ > >> Tutor maillist - Tutor@python.org > >> http://mail.python.org/mailman/listinfo/tutor > >> > > > > > > > > -- > > Cheers, > > Vishwajeet > > http://www.singhvishwajeet.com > > > > ___ > > Tutor maillist - Tutor@python.org > > http://mail.python.org/mailman/listinfo/tutor > > > > > > ___ > Tutor maillist - Tutor@python.org > http://mail.python.org/mailman/listinfo/tutor > ___ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
