ldaptools
Helper modules to work with LDAP directories and test LDAP tools against OpenLDAP.
ldaptools.ldif_utils
: simple parser for LDIF filesldaptools.ldap_source
: generate a stream of LDAP entries from an LDAP URLldaptools.synchronize
: synchronization class to synchronize a source of LDAP records with a targetldaptools.paged
: an LDAPObject implementating paged search requestsldaptools.ldapsync
: a command line client to the Synchronize classldaptools.slapd
: launch a standalone slapd server, manipulate its configuration, it helps
in writing tests against OpenLDAP.
ldapsync
usage: ldapsync [-h] --object-class-pivot OBJECT_CLASS_PIVOT
[--attributes-file ATTRIBUTES_FILE] [--attributes ATTRIBUTES]
--source-uri SOURCE_URI --source-base-dn SOURCE_BASE_DN
[--source-bind-dn SOURCE_BIND_DN]
[--source-bind-password SOURCE_BIND_PASSWORD] --target-uri
TARGET_URI --target-base-dn TARGET_BASE_DN
[--target-bind-dn TARGET_BIND_DN]
[--target-bind-password TARGET_BIND_PASSWORD] [--fake]
[--verbose]
Synchronize an LDIF file or a source LDAP directory to another directory Base
DN of the source is remapped to another DN in the target directory
optional arguments:
-h, --help show this help message and exit
--object-class-pivot OBJECT_CLASS_PIVOT
an objectClass and an attribute name which is the
unique identifier for this class
--attributes-file ATTRIBUTES_FILE
a file containing the list of attributes to
synchronize
--attributes ATTRIBUTES
a list of attribute names separated by spaces
--source-uri SOURCE_URI
URL of an LDAP directory (ldapi://, ldap:// or
ldaps://) or path of and LDIF file
--source-base-dn SOURCE_BASE_DN
base DN of the source
--source-bind-dn SOURCE_BIND_DN
bind DN for a source LDAP directory
--source-bind-password SOURCE_BIND_PASSWORD
bind password for a source LDAP directory
--target-uri TARGET_URI
URL of the target LDAP directory
--target-base-dn TARGET_BASE_DN
base DN of the target LDAP directory
--target-bind-dn TARGET_BIND_DN
bind DN for a target LDAP directory
--target-bind-password TARGET_BIND_PASSWORD
bind password for a target LDAP directory
--fake compute synchronization actions but do not apply
--verbose print all actions to stdout
Exemple
Synchronize tree of organizational units and people between an LDIF file and a local OpenLDAP directory::
ldapsync --attributes 'uid cn givenName sn dc ou o description mail member' \
--object-class-pivot 'inetOrgPerson uid' \
--object-class-pivot 'organizationalUnit ou' \
--object-class-pivot 'dcobject dc' \
--source-uri dump.ldif \
--source-base-dn dc=myorganization,dc=fr \
--target-uri ldapi:// \
--target-base-dn o=myorganization,dc=otherorganization,dc=fr \
--verbose
Synchronize tree of organizational units and people between two LDAP directories::
ldapsync --attributes 'uid cn givenName sn dc ou o description mail member' \
--object-class-pivot 'inetOrgPerson uid' \
--object-class-pivot 'organizationalUnit ou' \
--object-class-pivot 'dcobject dc' \
--source-uri ldap://ldap.myorganization.fr \
--source-bind-dn uid=admin,ou=people,dc=myorganization,dc=fr
--source-bind-password password
--source-base-dn dc=myorganization,dc=fr \
--target-uri ldap://ldap.otherorganization.fr
--target-bind-dn uid=admin,o=myorganization,dc=otherorganization,dc=fr
--target-bind-password password
--target-base-dn o=myorganization,dc=otherorganization,dc=fr \
--verbose
Changelog
0.21
- fix warnings about file descriptor leaks and python-ldap3 bytes-mode
0.18
- fix conversion of text to bytes in LDIF parser
0.17
- Python3 compatibility
- fix test certificates
0.16
0.15
- add support testing with TLS
- filter objectclass from sources, keep only known ones
0.14
- fix default ACL when creating slapd server
- fix grammar of LDIF configurations
0.13
- in ldapsync, do not delete records not pertaining to one of the objectclass listed in
--object-class-pivot
0.12
- wait for complete stop of the daemon when stopping
0.11
- remove debugging statements
0.10
- fix leak of standard file descriptors from slapd
0.9
- paged: fix paged search when the response contains no paged result extended control
- improvements to tox script
0.8
- improve display of actions and errors
- lowercase attributes in dn of LDIF sources
- fix bug when removing attributes from source outside the permitted attributes
- allow specifying case insensitive attributes for compare
0.7
- ldapsync: add a --source-filter parameter
0.6
- add empty attribute to new entry if attribute is present in target entry
- remove attributes outside of the specified attributes from source entries
- return an empty list of target base DN does no exist
- convert attribute names to istr
- fix typo
0.5
- setup.py: add long description
0.4
0.3
- setup.py: add dependency on setuptools
0.2
- improvements to tox script
0.1