I currently use django-ldapdb to inspect an LDAP database. I can view users, and groups of the form DN: cn=chat,ou=groups,dc=example,dc=com with a member list attribute.
Can I additionally use it to add and remove members from an LDAP group? The documentation doesn't explicitly mention this.
At this moment git page for django-ldapdb contains following example for Group model in LDAP DB:
from ldapdb.models.fields import CharField, IntegerField, ListField
import ldapdb.models
class LdapGroup(ldapdb.models.Model):
"""
Class for representing an LDAP group entry.
"""
# LDAP meta-data
base_dn = "ou=groups,dc=nodomain,dc=org"
object_classes = ['posixGroup']
# posixGroup attributes
gid = IntegerField(db_column='gidNumber', unique=True)
name = CharField(db_column='cn', max_length=200, primary_key=True)
members = ListField(db_column='memberUid')
def __str__(self):
return self.name
def __unicode__(self):
return self.name
Use following example code for adding user in group:
user_dn = 'cn=SOME,ou=EXAMPLE,dc=nodomain,dc=org'
group_dn = 'cn=SOME,ou=groups,dc=nodomain,dc=org'
group = LdapGroup.objects.get(dn=group_dn)
group.members.append(user_dn)
group.save()
For removing user from group:
del group.members[group.members.index(user_dn)]
group.save()
Also pay attention on members = ListField(db_column='memberUid'). Column name memberUid could be different in LDAP implementations/settings.
