top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Authenticate users using command line tool against AD in python

0 votes
378 views

I am writing a command line tool in python to generate one time passwords/tokens. The command line tool will have certain sub-commands like --generate-token and --list-all-tokens for example. I want to restrict access to certain sub-commands. In this case, when user tries to generate a new token, I want him/her to authenticate against AD server first.

I have looked at python-ldap and I am even able to bind to the AD server. In my application I have a function

 def authenticate_user(username, password): pass

which gets username and plain-text password. How do I use the LDAPObject instance to validate these credentials?

posted Jul 27, 2015 by anonymous

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button

Similar Questions
+1 vote

Is there a way to get samba to authenticate against an AD without having to join that domain (which needs admin credentials)? I don't want any of the automatic user creation or mapping stuff from winbind, just a password check instead of having to maintain a local password.

I can get that effect via kerberos for normal linux logins by using authconfig-tui, checking kerberos, and filling in the domain/kdc details. Local users still have to be added to the linux system, but where the user names match they can authenticate with their domain password. But, samba doesn't work that way. Even though the authconfig program modifies the smb.conf file, it doesn't seem to work without joining the domain. Is it possible to make it just authenticate via kerberos but otherwise use the local account details
for the matching user?

+1 vote

I'm using Python 2.7 under Windows and am trying to run a command line program and process the programs output as it is running. A number of web searches have indicated that the following code would work.

import subprocess

p = subprocess.Popen("D:PythonPython27Scriptspip.exe list -o",
 stdout=subprocess.PIPE,
 stderr=subprocess.STDOUT,
 bufsize=1,
 universal_newlines=True,
 shell=False)
for line in p.stdout:
 print line

When I use this code I can see that the Popen works, any code between the Popen and the for will run straight away, but as soon as it gets to the for and tries to read p.stdout the code blocks until the command
line program completes, then all of the lines are returned. Does anyone know how to get the results of the program without it blocking?

+1 vote

socket.gethostbyname sends the DNS resolution query to the DNS server specified by the OS. Is there an easy way to send a query to a *different* server?

I see that twisted.names allows you to do this, but, having all of twisted as dependency to my project when all I need to do is a simple DNS query seems a bit extreme. I also found pydns, but that looks fairly outdated and unmaintained.

0 votes

If LDAPVerifyServerCert is enabled in SSL , authentication fails with Message simple bind failed. If LDAPVerifyServerCert is disabled in SSL there is no issue.

LDAP server is OpenLdap.

What configuration w.r.t LDAP/SSL I need to check so that authentication succeeds with LDAPVerifyServerCertflag ON.

+1 vote

I have a requirement where I need to kill one process on remote windows machine. Following command just works fine if i have to kill process on local machine

os.system('taskkill /f /im processName.exe')

However I am not able to figure out how to execute this command on remote windows machine. So is there any way I can execute command from windows machine on remote windows machine ?
Note: my local machine is also windows (machine from where i have to execute command)

...