0
import ldap
import base64
import ldap.modlist as modlist
server = "ldaps://X.X.X.X:636"
who = 'administrator@bru.com'
cred = base64.b64decode(XXXXXXXXXXXXXX)
path = 'dc=bru,dc=com'
dn ='CN=saauto\ user8,CN=Users,dc=bru,dc=com'
domain='bru.com'
password = base64.b64decode(b'cmVzZXRwd2RDQVBTQDEyMw==')
firstname='saauto'
surname='user8'
username = firstname+surname
upn = firstname+surname+'@'+domain 
department = 'SME'
country = 'India'
email = firstname+surname+'@'+ domain
manager = 'CN=Administrator,CN=Users,DC=bru,DC=com'
displayname = firstname + surname
city = 'XXXXXXXX'
description = 'Joined on 06-11-2016'
mobile = 'XXXXXXXXXXX'
title = 'SME'
attrs = {}
attrs['objectclass'] = ['top','person','organizationalPerson','user']
attrs['cn'] = str(username)
attrs['userPassword'] = str(password)
attrs['givenName']=str(firstname)
attrs['sn']=str(surname)
attrs['description'] = str(description)
attrs['userPrincipalName'] = str(upn)
attrs['sAMAccountName'] = str(username)
attrs['department'] = str(department)
attrs['c'] = ['IN']
attrs['co'] = str (country)
attrs['l'] = str (city)
attrs['mobile'] = str (mobile)
attrs['title'] = str(title)
attrs['userAccountControl'] = ['544']
attrs['mail']=str (email)
attrs['displayName'] = str(displayname)
attrs['manager'] = str(manager)
add_member = [(ldap.MOD_ADD, 'member', dn)]
mods = [(ldap.MOD_REPLACE, 'unicodePwd', ''.join(('"', password, '"')).encode('utf-16').lstrip('\377\376'),)]
ldif = modlist.addModlist(attrs)
l = ldap.initialize(server)
l.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER)
l.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
l.set_option( ldap.OPT_DEBUG_LEVEL, 255 )
l.simple_bind_s(who, cred)
l.add_s(dn, ldif)
l.modify(dn, mods)
l.unbind_s()

尝试执行此代码时出现错误为 ldap.INVALID_DN_SYNTAX: {'info': "00002081: NameErr: DSID-03050C42, question 2003 (BAD_ATT_SYNTAX), data 0, best match of:\n\t'CN=s aauto user8 ,CN=Users,dc=bru,dc=com'\n", 'desc': '无效的 DN 语法'}

如果我删除了 DN 的 CN 部分中的空间,即如果 dn ='CN=saautouser8,CN=Users,dc=bru,dc=com' 那么它正在工作。我也尝试过反斜杠。此外,当阅读文章时,如果名称之间有空格,如果它是在开头或结尾,我们需要使用转义字符,这不是问题。但我不知道为什么我无法完成这项工作。

4

1 回答 1

0

据我所知,您必须匹配两个“cn”出现,不仅

dn ='CN=saauto\ user8,CN=Users,dc=bru,dc=com' 

如果您想使用“saauto user8”创建用户,请同时为该用户提供正确的 cn 属性:

attrs['cn'] = str(username) should be replaced with attrs['cn'] = 'saauto user8'

我也处理过这个问题,这就是我解决它的方式。我对空格没有任何问题。希望这可以帮助。

于 2017-04-20T19:40:26.020 回答