Alex Davies wrote: > > I am trying to query an AD Domain Controller for some information, and > i'd like to do this without having to install the win32 and AD libraries > for Python.
So you want to use python-ldap on Win32. Ok. > I am using the following code to obtain a list of users inside a group > (test). This works well, but i'd like to be able to add groups that > contain users into the "test" group, and return them too. In general with LDAP you have to deal with nested groups at the client side. Especially with AD explictly requesting the attribute tokenGroups on a user's entry could be an option since AD then computes all the groups a user is member of including nested groups. Note that the attribute values are not DNs. See description here: http://msdn.microsoft.com/en-us/library/ms680275(VS.85).aspx > searchFilter = "(memberOf=CN=test,OU=Machines,OU=Linux > Auth,DC=xxx,DC=local)" I'm not sure whether memberOf only indicates the directory group membership. > ldap_result_id = l.search(baseDN, searchScope, searchFilter, > retrieveAttributes) I'd recommend to use the synchronous method l.search_s() first to avoid programming errors. This is handy when you don't expect large result sets. If you want to do stream processing of large result sets ldap.resiter is more handy. Ciao, Michael. ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ Python-LDAP-dev mailing list Python-LDAP-dev@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
