Skip to content
/ ldap3 Public
forked from cannatag/ldap3

a strictly RFC 4510 conforming LDAP V3 pure Python client. The same codebase works with Python 2. Python 3, PyPy and PyPy3

License

View license
0 stars 275 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

schwaboy/ldap3

BranchesTags

Repository files navigation

pureLDAP is a strictly RFC 4511 conforming LDAP V3 pure Python client. The same codebase works with Python 2 and Python 3

License
-------

The pureLDAP project is open source and released under the LGPL v3 license.


PEP8 Compliance
---------------

pureLDAP is PEP8 compliant (except for line length) starting from version 0.9.0.


Mailing List
------------

You can join the pureLDAP mailing list at http://mail.python.org/mailman/listinfo/python3-ldap


Home Page
---------

Project home page is https://github.com/cannatag/pureLDAP


Documentation
-------------

Documentation is available at http://pythonhosted.org/pureLDAP


Download
--------

Package download is available at https://pypi.python.org/pypi/pureLDAP or via **pip install pureLDAP**


Git repository
--------------

You can download the latest source at https://github.com/cannatag/pureLDAP


Support
-------

You can submit support tickets on https://bitbucket.org/python3ldap/pureLDAP/issues


Acknowledgements
----------------

* **Ilya Etingof**, the author of the *pyasn1* package for his excellent work and support.
* **Mark Lutz** for his *Learning Python* and *Programming Python* excellent books series and **John Goerzen** and **Brandon Rhodes** for their book *Foundations of Python Network Programming*. These books are wonderful tools for learning Python and this project owes a lot to them.
* **JetBrains** for donating to this project the Open Source license of *PyCharm 3 Professional*.
* **Atlassian** for providing the *free source repository space and the tools* I use to develop this project.
* **Python Software Foundation** for providing support for the test lab infrastructure.


Contact me
----------

For information and suggestions you can contact me at [email protected] or you can join the pureLDAP mailing list at http://mail.python.org/mailman/listinfo/pureLDAP. You can also open a support ticket on https://bitbucket.org/python3ldap/pureLDAP/issues/new

CHANGELOG
=========
* 0.9.8 2014-12-27
    - Moved to Github
    - Project renamed to pureLDAP to avoid name clashing with the existing python-ldap library


* 0.9.7 2014.12.17
    - Fixed bug for auto_range used in paged search
    - Added dual IP stack mode parameter in Server object, values are: IP_SYSTEM_DEFAULT, IP_V4_ONLY, IP_V4_PREFERRED, IP_V6_ONLY, IP_V6_PREFERRED
    - Added read_server_info parameter to bind() and start_tls() to avoid multiple schema and info read operations with auto_bind
    - Redesigned Reusable (pooled) strategy
    - Added LDAPResponseTimeoutError exception raised when get_response() doesn't receive any response in the allowed timeout period
    - Added shortened authentication parameters in ldap3 namespace: ANONYMOUS, SIMPLE, SASL
    - Added shortened scope parameters in ldap3 namespace: BASE, LEVEL, SUBTREE
    - Added shortened get_info parameters in ldap3 namespace: NONE, DSA, SCHEMA, ALL
    - Added shortened alias dereferencing parameters in ldap3 namespace: DEREF_NONE, DEREF_SEARCH, DEREF_BASE, DEREF_ALWAYS
    - Added shortened connection strategy parameters in ldap3 namespace: SYNC, ASYNC, LDIF, RESTARTABLE, REUSABLE
    - Added shortened pooling strategy parameters in ldap3 namespace: FIRST, ROUND_ROBIN, RANDOM
    - Added reentrant lock to avoid race conditions in the Connection object
    - When run in Python 2.7.9 uses SSLContext
    - Tested against Python 2.7.9, PyPy 2.4.0 and PyPy3 2.4.0
    - setuptools updated to 8.2.1

* 0.9.6.2 2014.11.17
    - Changed SESSION_TERMINATED_BY_SERVER from 0 to -2
    - Removed unneeded FORMAT_xxx variables in ldap3 namespace
    - Fixed bug in auto_range when search operation returns search continuations
    - Added infrastructure for Mock DSA (not functional yet)

* 0.9.6.1 2014.11.11
    - Added boolean parameter "auto_range" to catch the "range" ldap tag in searches. When true all needed search operation are made to fully obtain the whole range of result values
    - Fixed bug in sdist
    - Added offline schema for Fedora 389 Directory Server 1.3.3
    - Fixed bug while reading DSA info

* 0.9.6 2014.11.01
    - New feature 'offline schema' to let the client have knowledge of schema and DSA info even if not returned by the server
    - Offline schema for Novell eDirectory 8.8.8 (Novell nds)
    - Offline schema for Microsoft Active Directory 2012 R2
    - Offline schema for slapd 2.4 (Openldap)
    - Added server.info.to_json() and server.info.to_file to JSON serialize schema and info from Server object
    - Added Server.from_json() and Server.from_file() to create a Server object from a JSON definition
    - Added response_to_json() and response_to_file() to Connection object to serialize search response entries in JSON as a string or as a file
    - New exception hierarchy LDAPConfigurationError includes library configuration exceptions
    - New exception LDAPInvalidConfigurationDefinitionError
    - Dsa info and schema are not read twice when binding (thanks phobie)
    - LDAPStartTLSError exception is merged with exception raised from ssl packaged
    - Digest-MD5 SASL authentication accepts directives with list attributes (thanks John)
    - Fixed caseInsensitiveDictionary for keys() and values() methods
    - Fixed matching of certificate name in ssl with Python2
    - Attributes names and formatters are checked even if schema is not read by the server
    - Fixed fractional time when parsing generalized time
    - Specific decoder for Active Directory ObjectGuid and ObjectSid
    - Added additional checking for unicode in Python 2
    - Tested against Python 3.4.2, 2.7.8, 2.6.6
    - Updated setuptools to 7.0

* 0.9.5.4 2014.09.22
    - Fixed security issue in lazy connections (thanks Moritz)
    - Added ldap3.utils.dn with parse_dn(dn) to verify dn compliance with RFC4514
    - Added safe_dn(dn) to properly escape dn (if possible)
    - Added ldap3.utils.uri with parse_uri(uri) to verify uri compliance with RFC4516
    - Check for trailing slashes in hostname (thanks Dylan)
    - Timeout for socket connect operation. Server.connect_timeout = seconds_to_wait_for_establishing_connection (thanks Florian)
    - Closing socket error doesn't raise exception anymore
    - ServerPool can be implicity defined with a list of server names (even when defining a connection)

* 0.9.5.3 2014.08.24
    - elements returned in schema and dsa info are in a case insensitive dictionary (can be changed in ldap3.CASE_INSENSITIVE_SCHEMA_NAMES = True|False)
    - attributes name returned in searches are now case insensitive (can be changed in ldap3.CASE_INSENSITIVE_ATTRIBUTE_NAMES = True|False)
    - change parameter name from separe_rdn to separate_rdn in ldap3.utils.conv.to_dn()
    - sync dev from Bitbucket to GitHub
    - schema attributes are explicitly read (useful for Active directory and 389 Directory Server)
    - new extended operation: list_replicas (Novell)
    - new extended operation: get_replica_info (Novell)
    - new extended operation: partition_entry_count (Novell)
    - renamed convert_to_ldif() to _convert_to_ldif()

* 0.9.5.2 2014.08.05
    - fixed LDAPOperationResult.__str__ (thanks David)
    - added to_dn() in utils.conv to convert a dn string to a list of components (strings or tuples)
    - added __version__ in ldap3
    - don't raise exception if the schema cannot be read in unauthenticated state
    - server.address_info is now a property

* 0.9.5.1 2014.08.02
    - getaddrinfo called only once
    - real_server machinery removed - messageId is now global and monotonic for the whole library
    - attributes are returned formatted if schema is read and check_names = True, removed checked_attributes
    - bind result is populated again when successful (was removed in 0.9.2.1)
    - exception is now raised if you receive multiple extended response to a single extended request. This is not allowed by RFC 4511

* 0.9.5 2014.07.22
    - added support for IPv6 (thanks Robert)
    - auto_bind can be used even for establishing tls, possible values (defined in ldap3) are: AUTO_BIND_NONE, AUTO_BIND_NO_TLS, AUTO_BIND_TLS_AFTER_BIND, AUTO_BIND_TLS_BEFORE_BIND
    - refactored extend package to use classes
    - new extended operation: get_universal_password (Novell)
    - new extended operation: set_universal_password (Novell)
    - added parsing of hostname in scheme://hostname:hostport format. This has the precedence on the parameters (thanks Sorin)
    - added extra checks when the schema is read (with the get_info parameter) but nothing is returned by the server
    - updated setuptools to version 5.4.1
    - when check_name is True and schema is read attributes are checked and formatted in "checked_attributes" as specified by RFCs and schema
    - added formatter for generalizedTime syntax as specified in rfc 4517 (asn.1)
    - custom formatter can be added in Server definition

* 0.9.4.2 2014.07.03
    - Moved to Bitbucket + Mercurial
    - Fixed import in core.tls package
    - Removed unneeded imports

* 0.9.4.1 2014.07.02
    - included missing extend package (thanks to debnet)

* 0.9.4 2014.07.02
    - when running in python 3.4 or newer now Tls class uses SSLContext object with default secure setting
    - added parameters ca_certs_path, ca_certs_data, local_private_key_password to Tls object creation, valid when using SSLContext
    - in python 3.4 or newer the system CA certificates configuration can be used (just leave ca_cert_file, ca_certs_path and ca_certs_data set to None)
    - removed TLSv1 as default for Tls connection
    - upgraded backported ssl function from python 3.4.1 when using with python 2
    - when creating a connection server can now be a string, the name of the server to connect in cleartext on default port 389
    - fixed bug in ldap3.util.conv.escape_bytes()
    - attributes parameter in search can be a tuple
    - check_names parameter in connection now defaults to True (so if schema info is available attribute and class name will be checked when performing LDAP operations)
    - remove the connection.close() method - you must use connection.unbind()
    - new exception LDAPExtensionError for signaling when the requestValue of extended operation is of unknown ASN1 type
    - exiting connection manager doesn't raise exception if unbind is not successful (needed in long operations)
    - new extended operation: modify_password (RFC3062)
    - new extended operation: who_am_i (RFC4532)
    - new extended operation: get_bind_dn (Novell)
    - updated setuptools to version 5.3

* 0.9.3.5 2014.06.22
    - Exception history in restartable strategy is printed when reached the maximum number of retries
    - Fixed conditions on terminated_by_server unsolicited message
    - Added python2.6 egg installation package

* 0.9.3.4 2014.06.16
    - Exception can now be imported from ldap3 package
    - Escape_bytes return '' for empty string instead of None (thanks Brian)
    - Added exception history to restartable connection (except than for infinite retries)
    - Fixed start_tls retrying in restartable connection (thanks Brian)
    - New exception LDAPMaximumRetriesError for signaling when the SyncRestartable Strategy has reached the maximum number of retries while performing an operation
    - Inverted deleteoldrdn value in LDIF output (thanks Joseph)

* 0.9.3.3 2014.06.01
    - Fixed a bug in LDIFProducer when using context manager for connection
    - LDIF header in stream is added only whene there are actua data in the stream
    - Now LDIF stream can be added to an existing file - version header will not be written if stream is not empty

* 0.9.3.2 2014.05.30
    - Fixed a bug while reading schema
    - Add an implicit open() when trying binding on a closed connection

* 0.9.3.1 2014.05.28
    - Added stream capability to LDIFProducer strategy
    - Customizable line separator for ldif output
    - Customizable sorting order in ldif output
    - object_class parameter is now optional in connection.add()
    - Fixed objectClass attribute case sensitive dependency in add operation
    - Added stream capability to response_to_ldif() while searching


* 0.9.3 2014.05.20
    - Now the key in server.schema.attribute_type is the attribute name (was the oid)
    - Now the key in server.schema.object_classes is the class name (was the oid)
    - Added check_names to Connection definition to have the names of attributes and object class checked against the schema
    - Updated setuptools to 3.6
    - Added wheel installation format
    - Added raise_exceptions mode for connection
    - Exception hierarchy reworked
    - Added locking to Server object (for multithreading)

* 0.9.2.2 2014.04.30
    - fixed a bug from 0.9.1 that broke start_tls() (thanks Mark)

* 0.9.2.1 2014.04.28
    - fixed a bug in 0.9.2 that allowed only string attributes in add, modify and compare operations (thank Mladen)

* 0.9.2 2014.04.26
    - changed return value in get_response from response to (response, result) - helpful for multi threaded connections
    - added ReusableStrategy for pooling connections
    - refined docstrings (thanks Will)
    - result and response attributes don't overlap anymore. Operation result is only in result attribute.
    - fixed search for binary values (thanks Marcin)
    - added convenience function to convert bytes to LDAP binary value string format for search filter

* 0.9.1 2014.03.30
    - added laziness flag to test suite
    - changed ServerPool signature to accept active and exhaust parameters
    - removed unneeded start_listen parameter
    - added 'lazy' parameter to open, to bind and to unbind a connection only when an effective operation is performed
    - fixed start_tls in SyncWaitRestartable strategy
    - fixed certificate name checking while opening an ssl connection
    - fixed syntax error during installation
    - socket operations now raises proper exception, not generic LDAPException (thanks Joseph)
    - tested against Python 3.4, 3.3, 2.7, 2.6
    - updated setuptools to 3.3

* 0.9.0 2014.03.20
    - PEP8 compliance
    - added ldap3.compat package with older (non PEP8 compliant) signatures
    - renamed ldap3.abstraction to ldap3.abstract
    - moved connection.py, server.py and tls.py files to ldap3.core
    - fixed SyncWaitRestartableStrategy (thanks Christoph)

* 0.8.3 2014.03.08
    - added SyncWaitRestartable strategy
    - removed useless forceBind parameter
    - usage statistics updated with restartable success/failure counters and open/closed/wrapped socket counters

* 0.8.2 2014.03.04
    - Added refresh() method to Entry object to read again the attributes from the Reader in the abstraction layer
    - Fixed Python 2.6 issues
    - Fixed test suite for Python 2.6

* 0.8,1 2014.02.12
    - Changed exceptions returned by the library to LDAPException, a subclass of Exception.
    - Fixed documentation typos

* 0.8.0 - 2014.02.08
    - Added abstraction layer (for searching)
    - Added context manager to Connection class
    - Added readOnly parameter to Connection class
    - Fixed a bug in search with 'less than' parameter
    - Remove validation of available SSL protocols because different Python interpreters can use different ssl packages

* 0.7.3 - 2014.01.05
    - Added SASL DIGEST-MD5 support
    - Moved to intrapackage (relative) imports

* 0.7.2 - 2013.12.30
    - Fixed a bug when parentheses are used in search filter as ASCII escaped sequences

* 0.7.1 - 2013.12.21
    - Completed support for LDFI as per RFC2849
    - Added new LDIF_PRODUCER strategy to generate LDIF-CHANGE stream
    - Fixed a bug in the autoReferral feature when controls where used in operation

* 0.7.0 - 2013.12.12
    - Added support for LDIF as per RFC2849
    - Added LDIF-CONTENT compliant search responses
    - Added exception when using autoBind if connection is not successful

* 0.6.7 - 2013.12.03
    - Fixed exception when DSA is not willing to return rootDSE and schema info

* 0.6.6 - 2013.11.13
    - Added parameters to test suite

* 0.6.5 - 2013.11.05
    - Modified rawAttributes decoding, now null (empty) values are returned

* 0.6.4 - 2013.10.16
    - Added simple paged search as per RFC2696
    - Controls return values are decoded and stored in result attribute of connection

* 0.6.3 - 2013.10.07
    - Added Extesible Filter syntax to search filter
    - Fixed exception while closing connection in AsyncThreaded strategy

* 0.6.2 - 2013.10.01
    - Fix for referrals in searchRefResult
    - Disabled schema reading on Active Directory

* 0.6.1 - 2013.09.22
    - Experimental support for Python 2 - no unicode
    - Added backport of ssl.match_name for Python 2
    - Minor fixes for using the client in Python 2
    - Fix for getting schema info with AsyncThreaded strategy

* 0.6.0 - 2013.09.16
    - Moved to beta!
    - Added support site hosted on www.assembla.com
    - Added public svn repository on www.assembla.com
    - Added getInfo to server object, parameter can be: GET_NO_INFO, GET_DSA_INFO, GET_SCHEMA_INFO, GET_ALL_INFO
    - Added method to read the schema from the server. Schema is decoded and returned in different dictionaries of the server.schema object
    - Updated connection usage info (elapsed time is now computed when connection is closed)
    - Updated OID dictionary with extensions and controls from Active Directory specifications.

* 0.5.3 - 2013.09.03
    - Added getOperationalAttributes boolean to Search operation to fetch the operational attributes during search
    - Added increment operation to modify operation as per RFC4525
    - Added dictionary of OID descriptions (for DSE and schema decoding)
    - Added method to get Info from DSE (returned in server.info object)
    - Modified exceptions for sending controls in LDAP request
    - Added connection usage (in connection.usage if collectUsage=True in connection definition)
    - Fixed StartTls in asynchronous client strategy

* 0.5.2 - 2013.08.27
    - Added SASLprep profile for validating password
    - Fixed RFC4511 asn1 definitions

* 0.5.1 - 2013.08.17
    - Refactored package structure
    - Project description reformatted with reStructuredText
    - Added Windows graphical installation

* 0.5.0 - 2013.08.15
    - Added reference to LGPL v3 license
    - Added Tls object to hold ssl/tls configuration
    - Added StartTLS feature
    - Added SASL feature
    - Added SASL EXTERNAL mechanism
    - Fixed Unbind
    - connection.close in now an alias for connection.unbind

* 0.4.4 - 2013.08.01
    - Added 'Controls' to all LDAP Requests
    - Added Extended Request feature
    - Added Intermediate Response feature
    - Added namespace 'ldap3'

* 0.4.3 - 2013.07.31
    - Test suite refactored
    - Fixed single object search response error
    - Changed attributes returned in search from tuple to dict
    - Added 'raw_attributes' key in search response to hold undecoded (binary) attribute values read from ldap
    - Added __repr__ for Server and Connection objects to re-create the object instance

* 0.4.2 - 2013.07.29
    - Added autoReferral feature as per RFC4511 (4.1.10)
    - Added allowedReferralHosts to conform to Security considerations of RFC4516

* 0.4.1 - 2013.07.20
    - Add validation to Abandon operation
    - Added connection.request to hold a dictionary of infos about last request
    - Added info about outstanding operation in connection.strategy._oustanding
    - Implemented RFC4515 for search filter coding and decoding
    - Added a parser to build filter string from LdapMessage

* 0.4.0 - 2013.07.15
    - Refactoring of the connection and strategy classes
    - Added the ldap3.strategy namespace to contain client connection strategies
    - Added ssl authentication
    - Moved authentication parameters from Server object to Connection object
    - Added ssl parameters to Server Object

* 0.3.0 - 2013.07.14
    - Fixed AsyncThreaded strategy with _outstanding and _responses attributes to hold the pending requests and the not-yet-read responses
    - Added Extended Operation
    - Added "Unsolicited Notification" discover logic
    - Added managing of "Notice of Disconnection" from server to properly close connection

* 0.2.0 - 2013.07.13
    - Update setup with setuptools 0.7
    - Docstrings added to class
    - Removed ez_setup dependency
    - Removed distribute dependency

* 0.1.0 - 2013.07.12
    - Initial upload on pypi
    - PyASN1 RFC4511 module completed and tested
    - Synchronous client working properly
    - Asynchronous client working but not fully tested
    - Basic authentication working

About

a strictly RFC 4510 conforming LDAP V3 pure Python client. The same codebase works with Python 2. Python 3, PyPy and PyPy3

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

63 tags

Packages

No packages published

Languages

  • Python 99.9%
  • Other 0.1%