https://github.com/peppelinux/pyMultiLDAP

OpenLDAP proxy or simple python3 LDAP client to handle multiple LDAP connections, data aggregation and manipulation strategies
https://github.com/peppelinux/pyMultiLDAP

backend gevent json ldap-client ldap3 openldap proxy rewrite-rules slapd slapd-sock unix-domain-socket

Last synced: 24 days ago
JSON representation

OpenLDAP proxy or simple python3 LDAP client to handle multiple LDAP connections, data aggregation and manipulation strategies

• Host: GitHub
• URL: https://github.com/peppelinux/pyMultiLDAP
• Owner: peppelinux
• License: other
• Created: 2019-07-16T14:12:22.000Z (almost 6 years ago)
• Default Branch: master
• Last Pushed: 2023-05-28T16:19:38.000Z (about 2 years ago)
• Last Synced: 2025-04-16T14:18:40.539Z (about 2 months ago)
• Topics: backend, gevent, json, ldap-client, ldap3, openldap, proxy, rewrite-rules, slapd, slapd-sock, unix-domain-socket
• Language: Python
• Homepage:
• Size: 50.8 KB
• Stars: 13
• Watchers: 2
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Authors: AUTHORS

Awesome Lists containing this project

README

        
pyMultiLDAP

-----

pyMultiLDAP can gather data from multiple LDAP servers, can do data aggregation and manipulation with rewrite rules.

pyMultiLDAP can act also as a proxy server, behind openldap's slapd-sock backend or any custom implementation.

### Features

- LDAP client to many servers as a single one;

- Custom functions to manipulate returning data (rewrite rules);

- Export data in python dictionary, json or ldiff format;

- Proxy Server, exposing a server daemon usable with [slapd-sock backend](https://www.openldap.org/software/man.cgi?query=slapd-sock).

pyMultiLDAP doesn't write to LDAP servers, it just handle readonly data.

It's also used to automate smart data processing on-the-fly.

See `example/settings.py.example` and `multildap/attr_rewrite.py` to understand how to configure and extend it.

### Tested on

- Debian9;

- Debian10.

### Setup

Configure multiple connections and search paramenters in `settings.py`.

Install

````

git clone https://github.com/peppelinux/pyMultiLDAP.git

cd pyMultiLDAP

pip install -r requirements

python3 setup.py install

````

or use pipy [WIP]

````

pip install pyMultiLDAP

````

#### LdapClient Class usage

````

from multildap.client import LdapClient

from settings import LDAP_CONNECTIONS

lc = LdapClient(LDAP_CONNECTIONS['SAMVICE'])

# get all the results

lc.get()

# apply a filter

lc.get(search="(&(sn=de marco)(schacPersonalUniqueId=*DMRGPP83*))")

````

##### Search and get

See `examples/run_test.py`.

Difference between `.search` and `.get`:

- *search* relyies on connection configuration and returns result as it come (raw);

- *get* handles custom search filter and retrieve result as dictionary, json, ldif or python object format. It also apply rewrite rules.

````

import copy

from multildap.client import LdapClient

from settings import LDAP_CONNECTIONS

lc = LdapClient(LDAP_CONNECTIONS['DEFAULT'])

kwargs = copy.copy(lc.conf)

kwargs['search']['search_filter'] = "(&(sn=de medici)(givenName=aurora))"

r = lc.search(**kwargs['search'])

````

#### Results in json format

````

from multildap.client import LdapClient

from . settings import LDAP_CONNECTIONS

for i in LDAP_CONNECTIONS:

    lc = LdapClient(LDAP_CONNECTIONS[i])

    print('# Results from: {} ...'.format(lc))

    # get all as defined search_filter configured in settings connection

    # but in json format

    r = lc.get(format='json')

    print(r)

    # set a custom search as method argument

    r = lc.get(search="(&(sn=de marco)(schacPersonalUniqueId=*DMRGPP345tg86H))", format='json')

    print(r)

    print('# End {}'.format(i))

````

#### Run the server

Network address

````

multildapd.py -conf settings.py -port 1234

````

Unix domain socket (for slapd-sock backend)

````

multildapd.py -conf ./settings.py -loglevel "DEBUG" -socket /var/run/multildap.sock -pid /var/run/multildap.pid -uid openldap

````

Dummy test without any ldap client connection configured, just to test slapd-sock:

````

multildapd.py -conf ./settings.py -dummy -loglevel "DEBUG" -socket /var/run/multildap.sock -pid /var/run/multildap.pid

````

Test Unix domain socket from cli

````

nc -U /tmp/multildap.sock

````

#### Interfacing it with OpenLDAP slapd-sock

The  [Slapd-sock](https://www.openldap.org/software/man.cgi?query=slapd-sock)

 backend  to  slapd  uses  an external program to handle

 queries. This makes it

 possible to have a pool of processes, which persist  between  requests.

 This  allows  multithreaded operation and a higher level of efficiency.

 Multildapd  listens  on  a  Unix  domain  socket and it must have  been  started  independently;

This  module  may  also  be  used  as  an  overlay on top of some other

 database.  Use as an overlay allows external actions to be triggered in

 response to operations on the main database.

#### Configure slapd-sock as database

Add the module.

````

ldapadd -Y EXTERNAL -H ldapi:/// <