How to Connect to LDAP Objects in Python on Linux/UNIX

The rich ecosystem of Python modules lets you get to work quicker and integrate your systems more effectively. With the CData Linux/UNIX ODBC Driver for LDAP and the pyodbc module, you can easily build LDAP-connected Python applications. This article shows how to use the pyodbc built-in functions to connect to LDAP objects, execute queries, and output the results.

Using the CData ODBC Drivers on a UNIX/Linux Machine

The CData ODBC Drivers are supported in various Red Hat-based and Debian-based systems, including Ubuntu, Debian, RHEL, CentOS, and Fedora. There are also several libraries and packages that are required, many of which may be installed by default, depending on your system. For more information on the supported versions of Linux operating systems and the required libraries, please refer to the "Getting Started" section in the help documentation (installed and found online).

Installing the Driver Manager

Before installing the driver, check that your system has a driver manager. For this article, you will use unixODBC, a free and open source ODBC driver manager that is widely supported.

For Debian-based systems like Ubuntu, you can install unixODBC with the APT package manager:

For systems based on Red Hat Linux, you can install unixODBC with yum or dnf:

The unixODBC driver manager reads information about drivers from an odbcinst.ini file and about data sources from an odbc.ini file. You can determine the location of the configuration files on your system by entering the following command into a terminal:

The output of the command will display the locations of the configuration files for ODBC data sources and registered ODBC drivers. User data sources can only be accessed by the user account whose home folder the odbc.ini is located in. System data sources can be accessed by all users. Below is an example of the output of this command:

Installing the Driver

You can download the driver in standard package formats: the Debian .deb package format or the .rpm file format. Once you have downloaded the file, you can install the driver from the terminal.

The driver installer registers the driver with unixODBC and creates a system DSN, which can be used later in any tools or applications that support ODBC connectivity.

For Debian-based systems like Ubuntu, run the following command with sudo or as root: $ dpkg -i /path/to/package.deb

For Red Hat systems and other systems that support .rpms, run the following command with sudo or as root: $ rpm -i /path/to/package.rpm

Once the driver is installed, you can list the registered drivers and defined data sources using the unixODBC driver manager:

List the Registered Driver(s)

List the Defined Data Source(s)

To use the CData ODBC Driver for LDAP with unixODBC, ensure that the driver is configured to use UTF-16. To do so, edit the INI file for the driver (cdata.odbc.ldap.ini), which can be found in the lib folder in the installation location (typically /opt/cdata/cdata-odbc-driver-for-ldap), as follows:

cdata.odbc.ldap.ini

Modifying the DSN

The driver installation predefines a system DSN. You can modify the DSN by editing the system data sources file (/etc/odbc.ini) and defining the required connection properties. Additionally, you can create user-specific DSNs that will not require root access to modify in $HOME/.odbc.ini.

To establish a connection, the following properties under the Authentication section must be provided:

• Valid User and Password credentials (e.g., Domain\BobF or cn=Bob F,ou=Employees,dc=Domain).
• Server information, including the IP or host name of the Server, as well as the Port.

• BaseDN: This will limit the scope of LDAP searches to the height of the distinguished name provided.

  Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.

/etc/odbc.ini or $HOME/.odbc.ini

For specific information on using these configuration files, please refer to the help documentation (installed and found online).

You can follow the procedure below to install pyodbc and start accessing LDAP through Python objects.

Install pyodbc

You can use the pip utility to install the module:

Be sure to import with the module with the following:

Connect to LDAP Objects in Python

You can now connect with an ODBC connection string or a DSN. Below is the syntax for a connection string:

Below is the syntax for a DSN:

Execute SQL to LDAP

Instantiate a Cursor and use the execute method of the Cursor class to execute any SQL statement.

Select

You can use fetchall, fetchone, and fetchmany to retrieve Rows returned from SELECT statements:

You can provide parameterized queries in a sequence or in the argument list:

Insert

INSERT commands also use the execute method; however, you must subsequently call the commit method after an insert or you will lose your changes:

Update and Delete

As with an insert, you must also call commit after calling execute for an update or delete:

Metadata Discovery

You can use the getinfo method to retrieve data such as information about the data source and the capabilities of the driver. The getinfo method passes through input to the ODBC SQLGetInfo method.

You are now ready to build Python apps in Linux/UNIX environments with connectivity to LDAP objects, using the CData ODBC Driver for LDAP.