citaret citaret - 10 months ago 41
Python Question

How to use python-ldap to modify configuration DIT of openldap?

For example, I can use the following command to change the RootDN password:

sudo ldapmodify -H ldapi:// -Y EXTERNAL -f newpasswd.ldif

The contend of newpasswd.ldif is:

dn: olcDatabase={1}mdb,cn=config
changetype: modify
replace: olcRootPW
olcRootPW: {SSHA}/Z6e+b4L6ucglrlI4KsNaX142WDCH6de

My question is, how can I implement it using python-ldap? I searched for a while, but could not find an answer.


I find the solution, here is my code.

def ldap_modify_root():
    conn = ldap.initialize("ldapi://")
    old = {'olcRootPW': 'xxx'}
    new = {'olcRootPW': '{SSHA}/Z6e+b4L6ucglrlI4KsNaX142WDCH6de'}
    ldif = modlist.modifyModlist(old, new)
    dn = "olcDatabase={1}mdb,cn=config"
    conn.modify_s(dn, ldif)