python python-3.x ldap ldap3

Python ldap3 create group


I am new to Python and the ldap3 module. However, I want to create an AD group in a specific OU. How can this be done?

    # import class and constants
    from ldap3 import Server, Connection, ALL

    # define the server
    s = Server('servername', get_info=ALL)  # define an unsecure LDAP server

    # define the connection
    c = Connection(s, user='user_dn', password='user_password')

    ou = "OU=Staff,OU=RU,DC=DOMAIN,DC=LOCAL"
    groupname = "ADM_Local"
    description = "local group for access to IPA"

How can I add the group ADM_Local in the defined ou and add the description to the group? The documentation does not say anything about how it's done: https://ldap3.readthedocs.io/tutorial_operations.html#create-an-entry


Solution

  • You need to use the groupOfNames structural objectClass (or derived). Note that, depending on your LDAP server implementation, the member attribute may be required to prevent creating empty groups.

    # DN of the new group inside the target OU
    groupDN = 'cn=ADM_Local,ou=Staff,ou=RU,dc=domain,dc=local'
    objectClass = 'groupOfNames'
    attr = {
        'cn': 'ADM_Local',
        'member': 'uid=admin,ou=people,dc=domain,dc=local',
        'description': 'local group for access to IPA'
    }

    # c is the Connection defined in the question
    c.add(groupDN, objectClass, attr)
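
Added example, not part of the original answer: it builds the group DN from the question's `ou`, `groupname` and `description` variables instead of hardcoding it, escapes the name per RFC 4514 so DN metacharacters in it stay inside the CN, and checks the outcome of `add()`. The names `escape_rdn_value`, `build_group_entry`, `create_group` and `RecordingConnection` are hypothetical; `RecordingConnection` is a constructed stand-in so the code runs offline, and a bound ldap3 `Connection` takes its place in real use.

```python
# Added example: helper and class names are hypothetical; only conn.add()
# and conn.result mirror the ldap3 Connection API.

def escape_rdn_value(value):
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    if not value:
        raise ValueError("RDN value must not be empty")
    out = []
    for ch in value:
        if ch in '"+,;<>\\':
            out.append("\\" + ch)       # DN metacharacters
        elif ch == "\x00":
            out.append("\\00")          # NUL is hex-escaped
        else:
            out.append(ch)
    if out[0] in (" ", "#"):
        out[0] = "\\" + out[0]          # leading space or '#'
    if len(out) > 1 and out[-1] == " ":
        out[-1] = "\\ "                 # trailing space
    return "".join(out)

def build_group_entry(ou, groupname, description, member_dn):
    """Return (dn, object_class, attributes) for Connection.add()."""
    dn = "CN=" + escape_rdn_value(groupname) + "," + ou
    attrs = {"cn": groupname, "member": member_dn, "description": description}
    return dn, "groupOfNames", attrs

def create_group(conn, ou, groupname, description, member_dn):
    """Add the group and fail loudly if the server rejects it."""
    dn, object_class, attrs = build_group_entry(ou, groupname, description, member_dn)
    if not conn.add(dn, object_class, attrs):
        raise RuntimeError("add failed for %s: %s" % (dn, conn.result))
    return dn

class RecordingConnection:
    """Constructed stand-in for a bound ldap3 Connection (offline use)."""
    def __init__(self, succeed=True):
        self.succeed, self.calls, self.result = succeed, [], None
    def add(self, dn, object_class, attributes):
        self.calls.append((dn, object_class, attributes))
        self.result = {"description": "success" if self.succeed else "entryAlreadyExists"}
        return self.succeed

if __name__ == "__main__":
    conn = RecordingConnection()
    print(create_group(conn, "OU=Staff,OU=RU,DC=DOMAIN,DC=LOCAL", "ADM_Local",
                       "local group for access to IPA",
                       "uid=admin,ou=people,dc=domain,dc=local"))
```

The `cn` attribute receives the raw name; only the copy embedded in the DN string is escaped.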