[Samba] Using samba-python to query AD? Status of API?
pisymbol .
pisymbol at gmail.com
Thu Nov 5 18:19:23 UTC 2015
On Thu, Nov 5, 2015 at 11:41 AM, Rowland Penny
<rowlandpenny241155 at gmail.com> wrote:
> On 05/11/15 16:38, pisymbol . wrote:
>>
>> On Thu, Nov 5, 2015 at 10:06 AM, Rowland Penny
>> <rowlandpenny241155 at gmail.com> wrote:
>>>
>>> On 05/11/15 14:59, pisymbol . wrote:
>>>>
>>>> On Wed, Nov 4, 2015 at 4:44 PM, Rowland Penny
>>>> <rowlandpenny241155 at gmail.com> wrote:
>>>>>
>>>>> Ah, you want to search AD with python, as in 'ldbsearch -H
>>>>> /usr/local/samba/private/sam.ldb' (this will dump the AD database)
>>>>> You will find lots of 'examples' in the python 'samba' directory that
>>>>> an
>>>>> install of a samba DC creates, these are used by samba-tool, well
>>>>> actually,
>>>>> they are samba-tool :-)
>>>>
>>>> No, I don't want to dump the LDB, I want to query an actual Windows DC
>>>> (same as 'net ads search' command).
>>>
>>> That was just an example, but why are you asking on a Samba mailing list
>>> for
>>> information on howto query a windows DC??
>>>
>>> You can use ldbsearch or ldapsearch for this, or use windows tools from a
>>> windows machine.
>>
>> Yes, I understand all that. But the 'net ads search' wrapper is a lot
>> nicer than the openldap clients.
>>
>> But perhaps you're right, maybe OpenLDAP is indeed what I really want
>> and are a bit misguided by leveraging 'net ads search' stuff out of
>> the samba tools so heavily.
>>
>> -aps
>
>
> It might help if you explained just what you are trying to achieve, you may
> be trying to re-invent the wheel.
Again, I am just trying to query an existing Windows DC. For example,
let's say I want to dump all person objects from the FOO domain. I can
setup smb.conf and kerberos on a Linux machine to act as a client (I
don't even have to join provided I have creds) so I can do something
like this:
net ads search -U Administrator at FOO objectClass=person
This of course can be accomplished using ldapsearch etc. But samba
supplies the net command which offers the same thing but includes
automatic DC detection, etc.
I thought because there was a Python netcmd class, it might include
similar functionality.
Anyway, thanks for the tips, I still have to get around and look at
the source mathias suggested previously. I may just stick with forking
it and parsing string output.
-aps
More information about the samba
mailing list