Use SQLAlchemy ORMs to Access Active Directory Data in Python

Ready to get started?

Download for a free trial:

Download Now

Learn more:

Active Directory Python Connector

Python Connector Libraries for Active Directory Data Connectivity. Integrate Active Directory with popular Python tools like Pandas, SQLAlchemy, Dash & petl.

The CData Python Connector for Active Directory enables you to create Python applications and scripts that use SQLAlchemy Object-Relational Mappings of Active Directory data.

The rich ecosystem of Python modules lets you get to work quickly and integrate your systems effectively. With the CData Python Connector for Active Directory and the SQLAlchemy toolkit, you can build Active Directory-connected Python applications and scripts. This article shows how to use SQLAlchemy to connect to Active Directory data to query, update, delete, and insert Active Directory data.

With built-in optimized data processing, the CData Python Connector offers unmatched performance for interacting with live Active Directory data in Python. When you issue complex SQL queries from Active Directory, the CData Connector pushes supported SQL operations, like filters and aggregations, directly to Active Directory and utilizes the embedded SQL engine to process unsupported operations client-side (often SQL functions and JOIN operations).

Connecting to Active Directory Data

Connecting to Active Directory data looks just like connecting to any relational data source. Create a connection string using the required connection properties. For this article, you will pass the connection string as a parameter to the create_engine function.

To establish a connection, set the following properties:

  • Valid User and Password credentials (e.g., Domain\BobF or cn=Bob F,ou=Employees,dc=Domain).
  • Server information, including the IP or host name of the Server, as well as the Port.
  • BaseDN: This will limit the scope of LDAP searches to the height of the distinguished name provided.

    Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.

Follow the procedure below to install SQLAlchemy and start accessing Active Directory through Python objects.

Install Required Modules

Use the pip utility to install the SQLAlchemy toolkit:

pip install sqlalchemy

Be sure to import the module with the following:

import sqlalchemy

Model Active Directory Data in Python

You can now connect with a connection string. Use the create_engine function to create an Engine for working with Active Directory data.

engine = create_engine("activedirectory:///?User=cn=Bob F,ou=Employees,dc=Domain&Password=bob123&Server=")

Declare a Mapping Class for Active Directory Data

After establishing the connection, declare a mapping class for the table you wish to model in the ORM (in this article, we will model the User table). Use the sqlalchemy.ext.declarative.declarative_base function and create a new class with some or all of the fields (columns) defined.

base = declarative_base()
class User(base):
	__tablename__ = "User"
	Id = Column(String,primary_key=True)
	LogonCount = Column(String)

Query Active Directory Data

With the mapping class prepared, you can use a session object to query the data source. After binding the Engine to the session, provide the mapping class to the session query method.

Using the query Method

engine = create_engine("activedirectory:///?User=cn=Bob F,ou=Employees,dc=Domain&Password=bob123&Server=")
factory = sessionmaker(bind=engine)
session = factory()
for instance in session.query(User).filter_by(CN="Administrator"):
	print("Id: ", instance.Id)
	print("LogonCount: ", instance.LogonCount)

Alternatively, you can use the execute method with the appropriate table object. The code below works with an active session.

Using the execute Method

User_table = User.metadata.tables["User"]
for instance in session.execute( == "Administrator")):
	print("Id: ", instance.Id)
	print("LogonCount: ", instance.LogonCount)

For examples of more complex querying, including JOINs, aggregations, limits, and more, refer to the Help documentation for the extension.

Insert Active Directory Data

To insert Active Directory data, define an instance of the mapped class and add it to the active session. Call the commit function on the session to push all added instances to Active Directory.

new_rec = User(Id="placeholder", CN="Administrator")

Update Active Directory Data

To update Active Directory data, fetch the desired record(s) with a filter query. Then, modify the values of the fields and call the commit function on the session to push the modified record to Active Directory.

updated_rec = session.query(User).filter_by(SOME_ID_COLUMN="SOME_ID_VALUE").first()
updated_rec.CN = "Administrator"

Delete Active Directory Data

To delete Active Directory data, fetch the desired record(s) with a filter query. Then delete the record with the active session and call the commit function on the session to perform the delete operation on the provided records (rows).

deleted_rec = session.query(User).filter_by(SOME_ID_COLUMN="SOME_ID_VALUE").first()

Free Trial & More Information

Download a free, 30-day trial of the Active Directory Python Connector to start building Python apps and scripts with connectivity to Active Directory data. Reach out to our Support Team if you have any questions.