2ND

2025-09-02 13:11:48 +08:00
parent a60d965317
commit b11a8272c4
76 changed files with 15321 additions and 200 deletions
--- a/test_ldap_direct.py
+++ b/test_ldap_direct.py
@@ -0,0 +1,72 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""
+直接測試LDAP認證
+"""
+
+import ldap3
+from ldap3 import Server, Connection, ALL
+
+def test_ldap_auth(username, password):
+    """測試LDAP認證"""
+    try:
+        server = Server('panjit.com.tw', port=389, get_info=ALL)
+        bind_dn = "CN=LdapBind,CN=Users,DC=PANJIT,DC=COM,DC=TW"
+        bind_password = "panjit2481"
+        
+        print(f"Testing LDAP authentication for: {username}")
+        
+        # 建立服務帳號連線
+        service_conn = Connection(server, user=bind_dn, password=bind_password, auto_bind=True)
+        print("Service connection established")
+        
+        # 搜尋使用者
+        search_base = "OU=PANJIT,DC=panjit,DC=com,DC=tw"
+        search_filter = f"(userPrincipalName={username})"
+        
+        result = service_conn.search(search_base, search_filter, 
+                                   attributes=['displayName', 'mail', 'department', 'distinguishedName'])
+        
+        if not result or not service_conn.entries:
+            print("User not found in LDAP directory")
+            service_conn.unbind()
+            return False
+        
+        user_entry = service_conn.entries[0]
+        user_dn = str(user_entry.distinguishedName)
+        
+        print(f"Found user: {user_entry.displayName}")
+        print(f"DN: {user_dn}")
+        print(f"Email: {user_entry.mail}")
+        
+        service_conn.unbind()
+        
+        # 驗證使用者密碼
+        print("Testing password authentication...")
+        user_conn = Connection(server, user=user_dn, password=password)
+        
+        if user_conn.bind():
+            print("Password authentication successful!")
+            user_conn.unbind()
+            return True
+        else:
+            print("Password authentication failed")
+            print(f"LDAP error: {user_conn.last_error}")
+            return False
+            
+    except Exception as e:
+        print(f"LDAP test failed: {e}")
+        return False
+
+if __name__ == '__main__':
+    # 測試已知的管理員帳號
+    username = 'ymirliu@panjit.com.tw'
+    password = 'ˇ3EDC4rfv5tgb'
+    
+    print("=== LDAP Direct Authentication Test ===")
+    success = test_ldap_auth(username, password)
+    
+    if success:
+        print("\nResult: LDAP authentication works correctly")
+    else:
+        print("\nResult: LDAP authentication failed - check credentials or connection")