IMPORTANT!

Snipt is going open source. We've toyed with this idea for quite a while, and have finally decided it's the right way to move forward.

A few things:
  • The entire Snipt source code will be released on GitHub under the 3-clause BSD License on Friday, September 10th.
  • While we'd like to think we're perfect, we realize we're only human. By open sourcing the software that runs this website, certain bugs or security flaws may be discovered that could compromise the privacy of your snipts.
  • Only the Lion Burger team will be able to push commits to the Snipt.net site. Contributors should send a pull request to add new features or submit patches.
  • By using this site, you agree not to be too angry or take any legal action against Lion Burger should this whole thing go up in flames some day.
  • Follow us on Twitter for updates.
I agree, close this message
Sign up to create your own snipts, or login.

Latest 100 public snipts » Fotinakis's snipts » ldap The latest ldap snipts from Fotinakis.

showing 1-2 of 2 snipts for ldap
  • Change Active Directory password via LDAP modify call 
    #!/usr/bin/python

import ldap

host = 'ldaps://ldap.example.com:636'

con = ldap.initialize(host)
con.set_option( ldap.OPT_X_TLS_DEMAND, True )
con.set_option( ldap.OPT_DEBUG_LEVEL, 255 )

# Encode the password in UTF-16 Little Endian
#
# ASCII "new":     0x6E 0x65 0x77
# UTF-16 "new":    0x6E 0x00 0x65 0x00 0x77 0x00
# UTF-16 "new"
#     with quotes: 0x22 0x00 0x6E 0x00 0x65 0x00 0x77 0x00 0x22 0x00
#
# http://msdn.microsoft.com/en-us/library/cc200469%28PROT.10%29.aspx
#
# NOTE: The article says to BER encode the password octet stream before
# sending for change, but doing so causes the server to give its standard
# "will not perform" error on password change. So, no BER encoding is done here.
username = 'someUser'
new_pass = 'ne$wP4assw0rd3!'
new_password = ('"%s"' % new_pass).encode("utf-16-le")

try:
	con.simple_bind_s( "admin@ldap.example.com", "password" )
	
	# For some reason, two MOD_REPLACE calls are necessary to change the password.
	# If only one call is performed, both the old and new password will work.
	mod_attrs = [( ldap.MOD_REPLACE, 'unicodePwd', new_password)],( ldap.MOD_REPLACE, 'unicodePwd', new_password)]
	con.modify_s('CN=%s,OU=Users,DC=ldap,DC=example,DC=com' % username, mod_attrs)
except:
	raise
else:
	print "Successfully changed password."

    copy | embed

    0 comments - tagged in  posted by Fotinakis on Aug 03, 2009 at 4:56 p.m. EDT
  • Protect Apache directory with LDAP credentials 
    # sudo a2enmod authnz_ldap

SSLRequireSSL
AuthType Basic
AuthName "Authentication"
AuthBasicProvider ldap
AuthLDAPBindDN name@example.com
AuthLDAPBindPassword password
AuthLDAPURL ldaps://host:port/ou=MainOU,dc=example,dc=com?sAMAccountName?sub?(objectClass=*)
AuthzLDAPAuthoritative off
Require valid-user

    copy | embed

    0 comments - tagged in  posted by Fotinakis on Apr 28, 2009 at 11:51 a.m. EDT
Sign up to create your own snipts, or login.