Ready to get started?

Learn more about the CData Python Connector for LDAP or download a free trial:

Download Now

Use SQLAlchemy ORMs to Access LDAP Objects in Python

The CData Python Connector for LDAP enables you to create Python applications and scripts that use SQLAlchemy Object-Relational Mappings of LDAP objects.

The rich ecosystem of Python modules lets you get to work quickly and integrate your systems effectively. With the CData Python Connector for LDAP and the SQLAlchemy toolkit, you can build LDAP-connected Python applications and scripts. This article shows how to use SQLAlchemy to connect to LDAP objects to query, update, delete, and insert LDAP objects.

With built-in optimized data processing, the CData Python Connector offers unmatched performance for interacting with live LDAP objects in Python. When you issue complex SQL queries from LDAP, the CData Connector pushes supported SQL operations, like filters and aggregations, directly to LDAP and utilizes the embedded SQL engine to process unsupported operations client-side (often SQL functions and JOIN operations).

Connecting to LDAP Objects

Connecting to LDAP objects looks just like connecting to any relational data source. Create a connection string using the required connection properties. For this article, you will pass the connection string as a parameter to the create_engine function.

To establish a connection, the following properties under the Authentication section must be provided:

  • Valid User and Password credentials (e.g., Domain\BobF or cn=Bob F,ou=Employees,dc=Domain).
  • Server information, including the IP or host name of the Server, as well as the Port.
  • BaseDN: This will limit the scope of LDAP searches to the height of the distinguished name provided.

    Note: Specifying a narrow BaseDN may greatly increase performance; for example, cn=users,dc=domain will only return results contained within cn=users and its children.

Follow the procedure below to install SQLAlchemy and start accessing LDAP through Python objects.

Install Required Modules

Use the pip utility to install the SQLAlchemy toolkit:

pip install sqlalchemy

Be sure to import the module with the following:

import sqlalchemy

Model LDAP Objects in Python

You can now connect with a connection string. Use the create_engine function to create an Engine for working with LDAP objects.

engine = create_engine("ldap///?User=Domain\BobF&Password=bob123456&Server=10.0.1.1&Port=389")

Declare a Mapping Class for LDAP Objects

After establishing the connection, declare a mapping class for the table you wish to model in the ORM (in this article, we will model the User table). Use the sqlalchemy.ext.declarative.declarative_base function and create a new class with some or all of the fields (columns) defined.

base = declarative_base()
class User(base):
	__tablename__ = "User"
	Id = Column(String,primary_key=True)
	LogonCount = Column(String)
	...

Query LDAP Objects

With the mapping class prepared, you can use a session object to query the data source. After binding the Engine to the session, provide the mapping class to the session query method.

Using the query Method

engine = create_engine("ldap///?User=Domain\BobF&Password=bob123456&Server=10.0.1.1&Port=389")
factory = sessionmaker(bind=engine)
session = factory()
for instance in session.query(User).filter_by(CN="Administrator"):
	print("Id: ", instance.Id)
	print("LogonCount: ", instance.LogonCount)
	print("---------")

Alternatively, you can use the execute method with the appropriate table object. The code below works with an active session.

Using the execute Method

User_table = User.metadata.tables["User"]
for instance in session.execute(User_table.select().where(User_table.c.CN == "Administrator")):
	print("Id: ", instance.Id)
	print("LogonCount: ", instance.LogonCount)
	print("---------")

For examples of more complex querying, including JOINs, aggregations, limits, and more, refer to the Help documentation for the extension.

Insert LDAP Objects

To insert LDAP objects, define an instance of the mapped class and add it to the active session. Call the commit function on the session to push all added instances to LDAP.

new_rec = User(Id="placeholder", CN="Administrator")
session.add(new_rec)
session.commit()

Update LDAP Objects

To update LDAP objects, fetch the desired record(s) with a filter query. Then, modify the values of the fields and call the commit function on the session to push the modified record to LDAP.

updated_rec = session.query(User).filter_by(SOME_ID_COLUMN="SOME_ID_VALUE").first()
updated_rec.CN = "Administrator"
session.commit()

Delete LDAP Objects

To delete LDAP objects, fetch the desired record(s) with a filter query. Then delete the record with the active session and call the commit function on the session to perform the delete operation on the provided recoreds (rows).

deleted_rec = session.query(User).filter_by(SOME_ID_COLUMN="SOME_ID_VALUE").first()
session.delete(deleted_rec)
session.commit()

Free Trial & More Information

Download a free, 30-day trial of the LDAP Python Connector to start building Python apps and scripts with connectivity to LDAP objects. Reach out to our Support Team if you have any questions.