Using dataflake.ldapconnection

dataflake.ldapconnection provides an abstraction layer on top of pyldap. It offers a connection object with simplified methods for inserting, modifying, searching and deleting records in the LDAP directory tree. Failover/redundancy can be achieved by supplying connection data for more than one LDAP server.

API examples

Instantiating a connection object:

 >>> from dataflake.ldapconnection.connection import LDAPConnection
 >>> conn = LDAPConnection()
 >>> conn.addServer('localhost', '1389', 'ldap')

To work with the connection object, make sure that an LDAP server is available on the provided host and port.

Now we will search for a record that does not yet exist, then add the missing record and find it when searching again:

 >>> conn.search('ou=users,dc=localhost', fltr='(cn=testing)')
 {'exception': '', 'results': [], 'size': 0}
 >>> data = {
 ...     'objectClass': ['top', 'inetOrgPerson'],
 ...     'cn': 'testing',
 ...     'sn': 'Lastname',
 ...     'givenName': 'Firstname',
 ...     'mail': 'test@test.com',
 ...     'userPassword': '5ecret',
 ... }
 >>> conn.insert('ou=users,dc=localhost', 'cn=testing', attrs=data, bind_dn='cn=Manager,dc=localhost', bind_pwd='secret')
 >>> conn.search('ou=users,dc=localhost', fltr='(cn=testing)')
 {'exception': '', 'results': [{'dn': 'cn=testing,ou=users,dc=localhost', 'cn': ['testing'], 'objectClass': ['top', 'inetOrgPerson'], 'userPassword': ['5ecret'], 'sn': ['Lastname'], 'mail': ['test@test.com'], 'givenName': ['Firstname']}], 'size': 1}

We can edit an existing record:

 >>> changes = {'givenName': 'John', 'sn': 'Doe'}
 >>> conn.modify('cn=testing,ou=users,dc=localhost', attrs=changes, bind_dn='cn=Manager,dc=localhost', bind_pwd='secret')
 >>> conn.search('ou=users,dc=localhost', fltr='(cn=testing)')
 {'exception': '', 'results': [{'dn': 'cn=testing,ou=users,dc=localhost', 'cn': ['testing'], 'objectClass': ['top', 'inetOrgPerson'], 'userPassword': ['5ecret'], 'sn': ['Doe'], 'mail': ['test@test.com'], 'givenName': ['John']}], 'size': 1}

As the last step, we will delete our testing record:

 >>> conn.delete('cn=testing,ou=users,dc=localhost', bind_dn='cn=Manager,dc=localhost', bind_pwd='secret')
 >>> conn.search('ou=users,dc=localhost', fltr='(cn=testing)')
 {'exception': '', 'results': [], 'size': 0}

The Interfaces page contains more information about the connection APIs.

Handling string encoding for input and output values

LDAP servers expect values sent to them in specific string encodings. Standards-compliant LDAP servers use UTF-8, and they use the same encoding for the values they return, for example from a search. This server-side encoding may not be convenient for communicating with the dataflake.ldapconnection API itself. For this reason the server-side encoding and the API encoding can be set individually on connection instances using the attributes ldap_encoding and api_encoding, respectively. The connection instance handles all string encoding transparently.

By default, instances use UTF-8 as ldap_encoding and ISO-8859-1 (Latin-1) as api_encoding. You can assign any valid Python codec name to these attributes. Assigning an empty value or None means that unencoded unicode strings are used under Python 2.
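
The transcoding described above, sketched as an added example (not dataflake.ldapconnection's own code; the helper names are hypothetical, and API-side values are modelled as byte strings, as a Python 2 str would be). It shows the round trip with the default codecs, a server value that cannot be represented in Latin-1, and the double encoding that results when UTF-8 bytes are passed in while api_encoding is still Latin-1.

```python
# Added illustration, not library code. recode/to_ldap/from_ldap/api_safe are
# hypothetical helpers that model the api_encoding <-> ldap_encoding conversion.

def recode(value, src, dst):
    """Convert value from codec src to codec dst.

    A codec of None or '' means "plain text, no byte encoding" on that side.
    """
    text = value.decode(src) if src else value
    return text.encode(dst) if dst else text


def to_ldap(value, api_encoding='iso-8859-1', ldap_encoding='utf-8'):
    """API-side value -> value as sent to the LDAP server."""
    return recode(value, api_encoding, ldap_encoding)


def from_ldap(value, api_encoding='iso-8859-1', ldap_encoding='utf-8'):
    """Server-side value -> value as handed back through the API."""
    return recode(value, ldap_encoding, api_encoding)


def api_safe(value, api_encoding='iso-8859-1', ldap_encoding='utf-8'):
    """True if a server-side value can be represented in api_encoding."""
    try:
        from_ldap(value, api_encoding, ldap_encoding)
    except UnicodeError:
        return False
    return True


# Constructed sample values
LATIN1_NAME = b'M\xfcller'        # "Mueller" with u-umlaut, Latin-1 (API side)
UTF8_NAME = b'M\xc3\xbcller'      # the same name in UTF-8 (server side)
UTF8_CYRILLIC = '\u0418\u0432\u0430\u043d'.encode('utf-8')  # no Latin-1 form

if __name__ == '__main__':
    print(to_ldap(LATIN1_NAME))        # default codecs, API -> server
    print(from_ldap(UTF8_NAME))        # default codecs, server -> API
    print(api_safe(UTF8_CYRILLIC))     # Latin-1 cannot hold this value
    print(api_safe(UTF8_CYRILLIC, api_encoding='utf-8'))
    print(from_ldap(UTF8_CYRILLIC, api_encoding=None))  # text, no encoding
    # UTF-8 bytes passed in while api_encoding is Latin-1 get double-encoded:
    print(to_ldap(UTF8_NAME))
```

If the directory can hold values outside Latin-1, set api_encoding to UTF-8 or None so that such values survive the trip back to the caller.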