ldap3.protocol.formatters package

Submodules

ldap3.protocol.formatters.formatters module

ldap3.protocol.formatters.formatters.format_ad_timedelta(raw_value)[source]

Convert a negative filetime value to a timedelta.

ldap3.protocol.formatters.formatters.format_ad_timestamp(raw_value)[source]

Active Directory stores date/time values as the number of 100-nanosecond intervals that have elapsed since the 0 hour on January 1, 1601 till the date/time that is being stored. The time is always stored in Greenwich Mean Time (GMT) in the Active Directory.

ldap3.protocol.formatters.formatters.format_binary(raw_value)[source]
ldap3.protocol.formatters.formatters.format_boolean(raw_value)[source]
ldap3.protocol.formatters.formatters.format_integer(raw_value)[source]
ldap3.protocol.formatters.formatters.format_sid(raw_value)[source]
SID= “S-1-” IdentifierAuthority 1*SubAuthority
IdentifierAuthority= IdentifierAuthorityDec / IdentifierAuthorityHex
; If the identifier authority is < 2^32, the ; identifier authority is represented as a decimal ; number ; If the identifier authority is >= 2^32, ; the identifier authority is represented in ; hexadecimal
IdentifierAuthorityDec = 1*10DIGIT
; IdentifierAuthorityDec, top level authority of a ; security identifier is represented as a decimal number
IdentifierAuthorityHex = “0x” 12HEXDIG
; IdentifierAuthorityHex, the top-level authority of a ; security identifier is represented as a hexadecimal number
SubAuthority= “-” 1*10DIGIT
; Sub-Authority is always represented as a decimal number ; No leading “0” characters are allowed when IdentifierAuthority ; or SubAuthority is represented as a decimal number ; All hexadecimal digits must be output in string format, ; pre-pended by “0x”

Revision (1 byte): An 8-bit unsigned integer that specifies the revision level of the SID. This value MUST be set to 0x01. SubAuthorityCount (1 byte): An 8-bit unsigned integer that specifies the number of elements in the SubAuthority array. The maximum number of elements allowed is 15. IdentifierAuthority (6 bytes): A SID_IDENTIFIER_AUTHORITY structure that indicates the authority under which the SID was created. It describes the entity that created the SID. The Identifier Authority value {0,0,0,0,0,5} denotes SIDs created by the NT SID authority. SubAuthority (variable): A variable length array of unsigned 32-bit integers that uniquely identifies a principal relative to the IdentifierAuthority. Its length is determined by SubAuthorityCount.

ldap3.protocol.formatters.formatters.format_time(raw_value)[source]

From RFC4517: A value of the Generalized Time syntax is a character string representing a date and time. The LDAP-specific encoding of a value of this syntax is a restriction of the format defined in [ISO8601], and is described by the following ABNF:

GeneralizedTime = century year month day hour
[ minute [ second / leap-second ] ] [ fraction ] g-time-zone

century = 2(%x30-39) ; “00” to “99” year = 2(%x30-39) ; “00” to “99” month = ( %x30 %x31-39 ) ; “01” (January) to “09”

/ ( %x31 %x30-32 ) ; “10” to “12”
day = ( %x30 %x31-39 ) ; “01” to “09”
/ ( %x31-32 %x30-39 ) ; “10” to “29” / ( %x33 %x30-31 ) ; “30” to “31”

hour = ( %x30-31 %x30-39 ) / ( %x32 %x30-33 ) ; “00” to “23” minute = %x30-35 %x30-39 ; “00” to “59” second = ( %x30-35 %x30-39 ) ; “00” to “59” leap-second = ( %x36 %x30 ) ; “60” fraction = ( DOT / COMMA ) 1*(%x30-39) g-time-zone = %x5A ; “Z”

/ g-differential
g-differential = ( MINUS / PLUS ) hour [ minute ]
MINUS = %x2D ; minus sign (“-“)
ldap3.protocol.formatters.formatters.format_time_with_0_year(raw_value)[source]
ldap3.protocol.formatters.formatters.format_unicode(raw_value)[source]
ldap3.protocol.formatters.formatters.format_uuid(raw_value)[source]
ldap3.protocol.formatters.formatters.format_uuid_le(raw_value)[source]

ldap3.protocol.formatters.standard module

ldap3.protocol.formatters.standard.find_attribute_helpers(attr_type, name, custom_formatter)[source]

Tries to format following the OIDs info and format_helper specification. Search for attribute oid, then attribute name (can be multiple), then attribute syntax Precedence is: 1. attribute name 2. attribute oid(from schema) 3. attribute names (from oid_info) 4. attribute syntax (from schema) Custom formatters can be defined in Server object and have precedence over the standard_formatters If no formatter is found the raw_value is returned as bytes. Attributes defined as SINGLE_VALUE in schema are returned as a single object, otherwise are returned as a list of object Formatter functions can return any kind of object return a tuple (formatter, validator)

ldap3.protocol.formatters.standard.find_attribute_validator(schema, name, custom_validator)[source]
ldap3.protocol.formatters.standard.format_attribute_values(schema, name, values, custom_formatter)[source]

ldap3.protocol.formatters.validators module

ldap3.protocol.formatters.validators.always_valid(input_value)[source]
ldap3.protocol.formatters.validators.check_type(input_value, value_type)[source]
ldap3.protocol.formatters.validators.validate_ad_timedelta(input_value)[source]

Should be validated like an AD timestamp except that since it is a time delta, it is stored as a negative number.

ldap3.protocol.formatters.validators.validate_ad_timestamp(input_value)[source]

Active Directory stores date/time values as the number of 100-nanosecond intervals that have elapsed since the 0 hour on January 1, 1601 till the date/time that is being stored. The time is always stored in Greenwich Mean Time (GMT) in the Active Directory.

ldap3.protocol.formatters.validators.validate_boolean(input_value)[source]
ldap3.protocol.formatters.validators.validate_bytes(input_value)[source]
ldap3.protocol.formatters.validators.validate_generic_single_value(input_value)[source]
ldap3.protocol.formatters.validators.validate_guid(input_value)[source]

object guid in uuid format (Novell eDirectory)

ldap3.protocol.formatters.validators.validate_integer(input_value)[source]
ldap3.protocol.formatters.validators.validate_sid(input_value)[source]
SID= “S-1-” IdentifierAuthority 1*SubAuthority
IdentifierAuthority= IdentifierAuthorityDec / IdentifierAuthorityHex
; If the identifier authority is < 2^32, the ; identifier authority is represented as a decimal ; number ; If the identifier authority is >= 2^32, ; the identifier authority is represented in ; hexadecimal
IdentifierAuthorityDec = 1*10DIGIT
; IdentifierAuthorityDec, top level authority of a ; security identifier is represented as a decimal number
IdentifierAuthorityHex = “0x” 12HEXDIG
; IdentifierAuthorityHex, the top-level authority of a ; security identifier is represented as a hexadecimal number
SubAuthority= “-” 1*10DIGIT
; Sub-Authority is always represented as a decimal number ; No leading “0” characters are allowed when IdentifierAuthority ; or SubAuthority is represented as a decimal number ; All hexadecimal digits must be output in string format, ; pre-pended by “0x”

Revision (1 byte): An 8-bit unsigned integer that specifies the revision level of the SID. This value MUST be set to 0x01. SubAuthorityCount (1 byte): An 8-bit unsigned integer that specifies the number of elements in the SubAuthority array. The maximum number of elements allowed is 15. IdentifierAuthority (6 bytes): A SID_IDENTIFIER_AUTHORITY structure that indicates the authority under which the SID was created. It describes the entity that created the SID. The Identifier Authority value {0,0,0,0,0,5} denotes SIDs created by the NT SID authority. SubAuthority (variable): A variable length array of unsigned 32-bit integers that uniquely identifies a principal relative to the IdentifierAuthority. Its length is determined by SubAuthorityCount.

If you have a SID like S-a-b-c-d-e-f-g-…

Then the bytes are a (revision) N (number of dashes minus two) bbbbbb (six bytes of “b” treated as a 48-bit number in big-endian format) cccc (four bytes of “c” treated as a 32-bit number in little-endian format) dddd (four bytes of “d” treated as a 32-bit number in little-endian format) eeee (four bytes of “e” treated as a 32-bit number in little-endian format) ffff (four bytes of “f” treated as a 32-bit number in little-endian format)

ldap3.protocol.formatters.validators.validate_time(input_value)[source]
ldap3.protocol.formatters.validators.validate_time_with_0_year(input_value)[source]
ldap3.protocol.formatters.validators.validate_uuid(input_value)[source]

object entryUUID in uuid format

ldap3.protocol.formatters.validators.validate_uuid_le(input_value)[source]

Active Directory stores objectGUID in uuid_le format, follows RFC4122 and MS-DTYP: “{07039e68-4373-264d-a0a7-07039e684373}”: string representation big endian, converted to little endian (with or without brace curles) “689e030773434d26a7a007039e684373”: packet representation, already in little endian “89e;#d709e8#;”: bytes representation, already in little endian byte sequence: already in little endian

ldap3.protocol.formatters.validators.validate_zero_and_minus_one_and_positive_int(input_value)[source]

Accept -1 only (used by pwdLastSet in AD)

Module contents