How to Connect to LDAP Objects in Using Python: 6 Steps



Create Python applications on Linux/UNIX machines with connectivity to LDAP objects. Leverage the pyodbc module for ODBC in Python.

The rich ecosystem of Python modules lets you get to work quicker and integrate your systems more effectively. With the CData Linux/UNIX ODBC Driver for LDAP and the pyodbc module, you can easily build LDAP-connected Python applications. This article shows how to use the pyodbc built-in functions to connect to LDAP objects, execute queries, and output the results.

How to Use the CData ODBC Drivers on UNIX/Linux

The CData ODBC Drivers are supported in various Red Hat-based and Debian-based systems, including Ubuntu, Debian, RHEL, CentOS, and Fedora. There are also several libraries and packages that are required, many of which may be installed by default, depending on your system. For more information on the supported versions of Linux operating systems and the required libraries, please refer to the "Getting Started" section in the help documentation (installed and found online).

1. Install the Driver Manager

Before installing the driver, check that your system has a driver manager. For this article, you will use unixODBC, a free and open source ODBC driver manager that is widely supported.

For Debian-based systems like Ubuntu, you can install unixODBC with the APT package manager:

$ sudo apt-get install unixodbc unixodbc-dev

For systems based on Red Hat Linux, you can install unixODBC with yum or dnf:

$ sudo yum install unixODBC unixODBC-devel

The unixODBC driver manager reads information about drivers from an odbcinst.ini file and about data sources from an odbc.ini file. You can determine the location of the configuration files on your system by entering the following command into a terminal:

$ odbcinst -j

The output of the command will display the locations of the configuration files for ODBC data sources and registered ODBC drivers. User data sources can only be accessed by the user account whose home folder the odbc.ini is located in. System data sources can be accessed by all users. Below is an example of the output of this command:

DRIVERS............: /etc/odbcinst.ini SYSTEM DATA SOURCES: /etc/odbc.ini FILE DATA SOURCES..: /etc/ODBCDataSources USER DATA SOURCES..: /home/myuser/.odbc.ini SQLULEN Size.......: 8 SQLLEN Size........: 8 SQLSETPOSIROW Size.: 8

2. Install the Driver

You can download the driver in standard package formats: the Debian .deb package format or the .rpm file format. Once you have downloaded the file, you can install the driver from the terminal.

The driver installer registers the driver with unixODBC and creates a system DSN, which can be used later in any tools or applications that support ODBC connectivity.

For Debian-based systems like Ubuntu, run the following command with sudo or as root: $ dpkg -i /path/to/package.deb

For Red Hat systems and other systems that support .rpms, run the following command with sudo or as root: $ rpm -i /path/to/package.rpm

Once the driver is installed, you can list the registered drivers and defined data sources using the unixODBC driver manager:

List the Registered Driver(s)

$ odbcinst -q -d CData ODBC Driver for LDAP ...

List the Defined Data Source(s)

$ odbcinst -q -s CData LDAP Source ...

To use the CData ODBC Driver for LDAP with unixODBC, ensure that the driver is configured to use UTF-16. To do so, edit the INI file for the driver (cdata.odbc.ldap.ini), which can be found in the lib folder in the installation location (typically /opt/cdata/cdata-odbc-driver-for-ldap), as follows:

cdata.odbc.ldap.ini

... [Driver] DriverManagerEncoding = UTF-16

3. Modify the DSN

The driver installation predefines a system DSN. You can modify the DSN by editing the system data sources file (/etc/odbc.ini) and defining the required connection properties. Additionally, you can create user-specific DSNs that will not require root access to modify in $HOME/.odbc.ini.

To establish a connection, the following properties under the Authentication section must be provided:

  • Valid User and Password credentials (e.g., Domain\BobF or cn=Bob F,ou=Employees,dc=Domain).
  • Server information, including the IP or host name of the Server, as well as the Port.
  • BaseDN: This will limit the scope of LDAP searches to the height of the distinguished name provided.

    Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.

/etc/odbc.ini or $HOME/.odbc.ini

[CData LDAP Source] Driver = CData ODBC Driver for LDAP Description = My Description User = Domain\BobF Password = bob123456 Server = 10.0.1.1 Port = 389

For specific information on using these configuration files, please refer to the help documentation (installed and found online).

You can follow the procedure below to install pyodbc and start accessing LDAP through Python objects.

4. Install pyodbc

You can use the pip utility to install the module:

pip install pyodbc

Be sure to import with the module with the following:

import pyodbc

5. Connect to LDAP Objects

You can now connect with an ODBC connection string or a DSN. Below is the syntax for a connection string:

cnxn = pyodbc.connect('DRIVER={CData ODBC Driver for LDAP};User=Domain\BobF;Password=bob123456;Server=10.0.1.1;Port=389;')

Below is the syntax for a DSN:

cnxn = pyodbc.connect('DSN=CData LDAP Sys;')

6. Execute SQL on LDAP

Instantiate a Cursor and use the execute method of the Cursor class to execute any SQL statement.

cursor = cnxn.cursor()

Select

You can use fetchall, fetchone, and fetchmany to retrieve Rows returned from SELECT statements:

import pyodbc cursor = cnxn.cursor() cnxn = pyodbc.connect('DSN=CData LDAP Source;User=MyUser;Password=MyPassword') cursor.execute("SELECT Id, LogonCount FROM User WHERE CN = 'Administrator'") rows = cursor.fetchall() for row in rows: print(row.Id, row.LogonCount)

You can provide parameterized queries in a sequence or in the argument list:

cursor.execute( "SELECT Id, LogonCount FROM User WHERE CN = ?", 'Administrator',1)

Insert

INSERT commands also use the execute method; however, you must subsequently call the commit method after an insert or you will lose your changes:

cursor.execute("INSERT INTO User (CN) VALUES ('Administrator')") cnxn.commit()

Update and Delete

As with an insert, you must also call commit after calling execute for an update or delete:

cursor.execute("UPDATE User SET CN = 'Administrator'") cnxn.commit()

Metadata Discovery

You can use the getinfo method to retrieve data such as information about the data source and the capabilities of the driver. The getinfo method passes through input to the ODBC SQLGetInfo method.

cnxn.getinfo(pyodbc.SQL_DATA_SOURCE_NAME)

You are now ready to build Python apps in Linux/UNIX environments with connectivity to LDAP objects, using the CData ODBC Driver for LDAP.

Ready to get started?

Download a free trial of the LDAP ODBC Driver to get started:

 Download Now

Learn more:

LDAP Icon LDAP ODBC Driver

The LDAP ODBC Driver is a powerful tool that allows you to connect with live LDAP directory services, directly from any applications that support ODBC connectivity.

Access LDAP objects like you would a database - define custom tables for any ObjectClass, and then perform SQL queries through a standard ODBC Driver interface.