Chapter 5
# Bind/authenticate with a user with apropriate rights to add
objectsldap_client.simple_bind("dc=localdomain,dc=loc")base_dn = 'ou=users,dc=localdomain,dc=loc'
filter = '(objectclass=person)'
attrs = ['sn']result = ldap_client.search_s( base_dn, ldap.SCOPE_SUBTREE,
filter, attrs )
print(result)The preceding code will search the LDAP directory subtree with the
ou=users,dc=localdomain,dc=loc base DN and the [sn] attributes.
The search is limited to the person objects.
Inspecting LDAP packets
If we analyze the communication between the LDAP client and the server, then we
can see the format of the LDAP search request and response. The parameters that we
have used in our code have a direct relationship with the searchRequest section of
an LDAP packet. As shown in the following screenshot produced by Wireshark, it
contains data, such as baseObject, scope and Filter.