ldap3 python修改用过滤器替换对象

2022-01-17 00:00:00 python ldap ldap3

问题描述

在应用 ldapmodify 时我们如何过滤?

How can we filter when applying ldapmodify?

例如:这是我的用户对象的样子:

For eg: this is how my user object looks like:

dn: mail=abc@d.com,ou=users,dc=dev,dc=com序号:po给定名称:abc引脚:1234邮件:abc@d.com电话号码:11234567890启用:假城市:城市邮箱:abc@d.como: 组织

如果他的组织是 org,我想修改这个用户的城市.如何应用这样的过滤器?

I want to modify this user's city if his org is org. How can I apply such a filter?

我正在使用 ldap3 进行操作,我需要使用控件吗?

I am doing it using ldap3, do I need to use controls?


解决方案

您需要将 Assertion Control 连同您的修改操作一起发送(参见 RFC 4528).基本上,该控件包含一个必须匹配的过滤器.

You need to send the Assertion Control along with your modify operation (see RFC 4528). Basically the control contains a filter which has to be matched.

我在 web2ldap 中使用此控件来防止并发写入做任何坏事.

I'm using this control in my web2ldap to prevent concurrent writes to do anything bad.

我怀疑 ldap3 模块是否支持开箱即用.

I have some doubts that ldap3 module supports it out-of-the-box though.

补充说明:

  • 并非所有 LDAP 服务器都支持此控件.
  • 支持此控件的 LDAP 服务器实现中存在一些细微的错误.

相关文章