import ldap
# Host name of the directory server that ldap_check() connects to.
server = "ldap.xyz.com"
# Base DN used by ldap_check() both as the search base for user entries and
# as the suffix of the DN built for the authenticated bind.
basedn = "ou=People,dc=xyz,dc=com"
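def ldap_check(user, passw):
    """Check a wiki user's password by binding to the LDAP directory.

    The directory is first searched anonymously for an entry whose ``cn``
    matches a common name guessed from the wiki name, or whose ``uid``
    equals the wiki name.  The ``uid`` of the first hit is then used to
    attempt an authenticated bind with ``passw``.

    Args:
        user: Wiki name, e.g. "AndrewBaumann".
        passw: Password supplied by the user.

    Returns:
        True if the authenticated bind succeeded; False otherwise,
        including on empty credentials and on any LDAP error.
    """
    # A simple bind with a DN and an empty password is an *unauthenticated*
    # bind (RFC 4513, section 5.1.2).  Many servers answer it with success,
    # so an empty password must never reach simple_bind_s().
    if not user or not passw:
        return False

    # Imported here so the escaping helpers are in scope without touching
    # the file-level imports; both ship with python-ldap.
    from ldap.dn import escape_dn_chars
    from ldap.filter import escape_filter_chars

    conn = None
    try:
        # ldap.initialize() is the supported replacement for the deprecated
        # ldap.open().
        # NOTE(review): this is a cleartext ldap:// connection, so the
        # password crosses the network unencrypted.  Prefer ldaps:// or
        # start_tls_s() if the server supports it.
        conn = ldap.initialize("ldap://%s" % server)

        # Guess the full common name from the wiki name by splitting at the
        # last capital letter, e.g. "AndrewBaumann" -> "Andrew Baumann".
        cut = 0
        for idx in range(1, len(user)):
            if user[idx].isupper():
                cut = idx
        commonname = user[:cut] + " " + user[cut:]

        # First bind anonymously; failures raise ldap.LDAPError.
        conn.simple_bind_s()

        # Search on the common name or user ID to find the UID.  Both values
        # come from the login form, so they are escaped (RFC 4515) to keep
        # characters such as "*", "(" and ")" from changing the filter.
        search_filter = "(|(cn=%s)(uid=%s))" % (
            escape_filter_chars(commonname),
            escape_filter_chars(user),
        )
        res = conn.search_s(basedn, ldap.SCOPE_ONELEVEL, search_filter)
        if not res:
            return False  # no matching name in LDAP

        # Extract the user ID.  The tuple is required: the old spelling
        # "except IndexError, KeyError" caught IndexError only.
        try:
            userid = res[0][1]['uid'][0]
        except (IndexError, KeyError):
            return False  # entry has no usable uid attribute

        # python-ldap on Python 3 returns attribute values as bytes.
        if not isinstance(userid, str):
            userid = userid.decode("utf-8")

        # Now try an authenticated bind as that user.  The uid is escaped so
        # that DN metacharacters stored in the directory cannot alter the
        # bind DN.  A rejected bind raises ldap.LDAPError, so returning at
        # all means success; the return value is not inspected because it
        # differs between python-ldap versions.
        conn.simple_bind_s("uid=%s,%s" % (escape_dn_chars(userid), basedn), passw)
        return True
    except ldap.LDAPError:
        # Any directory error (bad credentials, server down, bad filter)
        # is treated as a failed login.
        return False
    finally:
        # Release the connection on every path.
        if conn is not None:
            try:
                conn.unbind_s()
            except ldap.LDAPError:
                pass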