ldap3.protocol.formatters package¶
Submodules¶
ldap3.protocol.formatters.formatters module¶
-
ldap3.protocol.formatters.formatters.
format_ad_timedelta
(raw_value)[source]¶ Convert a negative filetime value to a timedelta.
-
ldap3.protocol.formatters.formatters.
format_ad_timestamp
(raw_value)[source]¶ Active Directory stores date/time values as the number of 100-nanosecond intervals that have elapsed since the 0 hour on January 1, 1601 till the date/time that is being stored. The time is always stored in Greenwich Mean Time (GMT) in the Active Directory.
-
ldap3.protocol.formatters.formatters.
format_sid
(raw_value)[source]¶ - SID= “S-1-” IdentifierAuthority 1*SubAuthority
- IdentifierAuthority= IdentifierAuthorityDec / IdentifierAuthorityHex
- ; If the identifier authority is < 2^32, the ; identifier authority is represented as a decimal ; number ; If the identifier authority is >= 2^32, ; the identifier authority is represented in ; hexadecimal
- IdentifierAuthorityDec = 1*10DIGIT
- ; IdentifierAuthorityDec, top level authority of a ; security identifier is represented as a decimal number
- IdentifierAuthorityHex = “0x” 12HEXDIG
- ; IdentifierAuthorityHex, the top-level authority of a ; security identifier is represented as a hexadecimal number
- SubAuthority= “-” 1*10DIGIT
- ; Sub-Authority is always represented as a decimal number ; No leading “0” characters are allowed when IdentifierAuthority ; or SubAuthority is represented as a decimal number ; All hexadecimal digits must be output in string format, ; pre-pended by “0x”
Revision (1 byte): An 8-bit unsigned integer that specifies the revision level of the SID. This value MUST be set to 0x01. SubAuthorityCount (1 byte): An 8-bit unsigned integer that specifies the number of elements in the SubAuthority array. The maximum number of elements allowed is 15. IdentifierAuthority (6 bytes): A SID_IDENTIFIER_AUTHORITY structure that indicates the authority under which the SID was created. It describes the entity that created the SID. The Identifier Authority value {0,0,0,0,0,5} denotes SIDs created by the NT SID authority. SubAuthority (variable): A variable length array of unsigned 32-bit integers that uniquely identifies a principal relative to the IdentifierAuthority. Its length is determined by SubAuthorityCount.
-
ldap3.protocol.formatters.formatters.
format_time
(raw_value)[source]¶ From RFC4517: A value of the Generalized Time syntax is a character string representing a date and time. The LDAP-specific encoding of a value of this syntax is a restriction of the format defined in [ISO8601], and is described by the following ABNF:
- GeneralizedTime = century year month day hour
- [ minute [ second / leap-second ] ] [ fraction ] g-time-zone
century = 2(%x30-39) ; “00” to “99” year = 2(%x30-39) ; “00” to “99” month = ( %x30 %x31-39 ) ; “01” (January) to “09”
/ ( %x31 %x30-32 ) ; “10” to “12”- day = ( %x30 %x31-39 ) ; “01” to “09”
- / ( %x31-32 %x30-39 ) ; “10” to “29” / ( %x33 %x30-31 ) ; “30” to “31”
hour = ( %x30-31 %x30-39 ) / ( %x32 %x30-33 ) ; “00” to “23” minute = %x30-35 %x30-39 ; “00” to “59” second = ( %x30-35 %x30-39 ) ; “00” to “59” leap-second = ( %x36 %x30 ) ; “60” fraction = ( DOT / COMMA ) 1*(%x30-39) g-time-zone = %x5A ; “Z”
/ g-differential- g-differential = ( MINUS / PLUS ) hour [ minute ]
- MINUS = %x2D ; minus sign (“-“)
ldap3.protocol.formatters.standard module¶
-
ldap3.protocol.formatters.standard.
find_attribute_helpers
(attr_type, name, custom_formatter)[source]¶ Tries to format following the OIDs info and format_helper specification. Search for attribute oid, then attribute name (can be multiple), then attribute syntax Precedence is: 1. attribute name 2. attribute oid(from schema) 3. attribute names (from oid_info) 4. attribute syntax (from schema) Custom formatters can be defined in Server object and have precedence over the standard_formatters If no formatter is found the raw_value is returned as bytes. Attributes defined as SINGLE_VALUE in schema are returned as a single object, otherwise are returned as a list of object Formatter functions can return any kind of object return a tuple (formatter, validator)
ldap3.protocol.formatters.validators module¶
-
ldap3.protocol.formatters.validators.
validate_ad_timedelta
(input_value)[source]¶ Should be validated like an AD timestamp except that since it is a time delta, it is stored as a negative number.
-
ldap3.protocol.formatters.validators.
validate_ad_timestamp
(input_value)[source]¶ Active Directory stores date/time values as the number of 100-nanosecond intervals that have elapsed since the 0 hour on January 1, 1601 till the date/time that is being stored. The time is always stored in Greenwich Mean Time (GMT) in the Active Directory.
-
ldap3.protocol.formatters.validators.
validate_guid
(input_value)[source]¶ object guid in uuid format (Novell eDirectory)
-
ldap3.protocol.formatters.validators.
validate_sid
(input_value)[source]¶ - SID= “S-1-” IdentifierAuthority 1*SubAuthority
- IdentifierAuthority= IdentifierAuthorityDec / IdentifierAuthorityHex
- ; If the identifier authority is < 2^32, the ; identifier authority is represented as a decimal ; number ; If the identifier authority is >= 2^32, ; the identifier authority is represented in ; hexadecimal
- IdentifierAuthorityDec = 1*10DIGIT
- ; IdentifierAuthorityDec, top level authority of a ; security identifier is represented as a decimal number
- IdentifierAuthorityHex = “0x” 12HEXDIG
- ; IdentifierAuthorityHex, the top-level authority of a ; security identifier is represented as a hexadecimal number
- SubAuthority= “-” 1*10DIGIT
- ; Sub-Authority is always represented as a decimal number ; No leading “0” characters are allowed when IdentifierAuthority ; or SubAuthority is represented as a decimal number ; All hexadecimal digits must be output in string format, ; pre-pended by “0x”
Revision (1 byte): An 8-bit unsigned integer that specifies the revision level of the SID. This value MUST be set to 0x01. SubAuthorityCount (1 byte): An 8-bit unsigned integer that specifies the number of elements in the SubAuthority array. The maximum number of elements allowed is 15. IdentifierAuthority (6 bytes): A SID_IDENTIFIER_AUTHORITY structure that indicates the authority under which the SID was created. It describes the entity that created the SID. The Identifier Authority value {0,0,0,0,0,5} denotes SIDs created by the NT SID authority. SubAuthority (variable): A variable length array of unsigned 32-bit integers that uniquely identifies a principal relative to the IdentifierAuthority. Its length is determined by SubAuthorityCount.
If you have a SID like S-a-b-c-d-e-f-g-…
Then the bytes are a (revision) N (number of dashes minus two) bbbbbb (six bytes of “b” treated as a 48-bit number in big-endian format) cccc (four bytes of “c” treated as a 32-bit number in little-endian format) dddd (four bytes of “d” treated as a 32-bit number in little-endian format) eeee (four bytes of “e” treated as a 32-bit number in little-endian format) ffff (four bytes of “f” treated as a 32-bit number in little-endian format)
-
ldap3.protocol.formatters.validators.
validate_uuid
(input_value)[source]¶ object entryUUID in uuid format
-
ldap3.protocol.formatters.validators.
validate_uuid_le
(input_value)[source]¶ Active Directory stores objectGUID in uuid_le format, follows RFC4122 and MS-DTYP: “{07039e68-4373-264d-a0a7-07039e684373}”: string representation big endian, converted to little endian (with or without brace curles) “689e030773434d26a7a007039e684373”: packet representation, already in little endian “89e;#d709e8#;”: bytes representation, already in little endian byte sequence: already in little endian