LDAP AD - атрибут диапазона, как его использовать?


#!/usr/bin/env python

import ldap

def msad_flatten_ranges(conn, dn, ldap_dict):
  for attrname in ldap_dict:
    if ';range=' in attrname:
      #
      # parse range attr
      #
      actual_attrname, range_stmt = attrname.split(';')
      bound_lower, bound_upper = [
        int(x) for x in range_stmt.split('=')[1].split('-')
      ]

      step = bound_upper - bound_lower + 1
      while True:
        attr_next = '%s;range=%d-%d' % (
          actual_attrname, bound_lower, bound_upper
        )

        dn, attrs = conn.search_s(
          dn, ldap.SCOPE_BASE, attrlist = [attr_next])[0]

        assert len(attrs) == 1

        ret_attrname = attrs.keys()[0]

        ldap_dict[actual_attrname].extend(attrs[ret_attrname])
        if ret_attrname.endswith('-*'):
          break

        bound_lower = bound_upper + 1
        bound_upper += step
LDAP,

ldap,

3

Ответов: 1


#!/usr/bin/env python

import ldap

def msad_flatten_ranges(conn, dn, ldap_dict):
  for attrname in ldap_dict:
    if ';range=' in attrname:
      #
      # parse range attr
      #
      actual_attrname, range_stmt = attrname.split(';')
      bound_lower, bound_upper = [
        int(x) for x in range_stmt.split('=')[1].split('-')
      ]

      step = bound_upper - bound_lower + 1
      while True:
        attr_next = '%s;range=%d-%d' % (
          actual_attrname, bound_lower, bound_upper
        )

        dn, attrs = conn.search_s(
          dn, ldap.SCOPE_BASE, attrlist = [attr_next])[0]

        assert len(attrs) == 1

        ret_attrname = attrs.keys()[0]

        ldap_dict[actual_attrname].extend(attrs[ret_attrname])
        if ret_attrname.endswith('-*'):
          break

        bound_lower = bound_upper + 1
        bound_upper += step
LDAP,