#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""
直接測試LDAP認證
"""
import ldap3
from ldap3 import Server, Connection, ALL
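def test_ldap_auth(username, password):
    """Check a user's credentials against the directory (search, then bind).

    A service account first binds and looks the user up by
    ``userPrincipalName``; the distinguished name it finds is then used for a
    second bind with the supplied password.

    The service account is configured through two environment variables read
    by this function: ``LDAP_BIND_DN`` (optional, defaults to the DN this
    script has always used) and ``LDAP_BIND_PASSWORD`` (required). The
    password is deliberately not kept in the source file; a value that was
    committed earlier should be treated as exposed and rotated.

    Args:
        username: The userPrincipalName to look up, e.g. ``user@example.com``.
        password: The password to verify for that user.

    Returns:
        True when the user bind succeeds, False on any failure (missing
        input, missing configuration, user not found, bad password, or any
        exception raised along the way).
    """
    import os

    from ldap3.utils.conv import escape_filter_chars

    # A simple bind with a DN and an empty password is an "unauthenticated
    # bind" (RFC 4513) that some servers answer with success, so an empty
    # password must never reach the directory as a credential check.
    if not username or not password:
        print("Username and password are required")
        return False

    bind_dn = os.environ.get(
        "LDAP_BIND_DN", "CN=LdapBind,CN=Users,DC=PANJIT,DC=COM,DC=TW"
    )
    bind_password = os.environ.get("LDAP_BIND_PASSWORD")
    if not bind_password:
        print("LDAP test failed: LDAP_BIND_PASSWORD is not set")
        return False

    service_conn = None
    user_conn = None
    try:
        # NOTE(review): port 389 with no StartTLS carries both bind passwords
        # in cleartext. If the directory offers it, prefer LDAPS
        # (use_ssl=True on port 636) or call start_tls() before binding.
        server = Server('panjit.com.tw', port=389, get_info=ALL)

        print(f"Testing LDAP authentication for: {username}")

        # Bind as the service account.
        service_conn = Connection(
            server, user=bind_dn, password=bind_password, auto_bind=True
        )
        print("Service connection established")

        # Look the user up. The name is escaped so that characters such as
        # '*', '(' and ')' are matched literally instead of changing the
        # shape of the search filter.
        search_base = "OU=PANJIT,DC=panjit,DC=com,DC=tw"
        search_filter = f"(userPrincipalName={escape_filter_chars(username)})"

        result = service_conn.search(
            search_base,
            search_filter,
            attributes=['displayName', 'mail', 'department', 'distinguishedName'],
        )

        if not result or not service_conn.entries:
            print("User not found in LDAP directory")
            return False

        user_entry = service_conn.entries[0]
        user_dn = str(user_entry.distinguishedName)

        print(f"Found user: {user_entry.displayName}")
        print(f"DN: {user_dn}")
        print(f"Email: {user_entry.mail}")

        # The service session is no longer needed once the DN is known.
        service_conn.unbind()

        # Verify the user's password with a bind of their own.
        print("Testing password authentication...")
        user_conn = Connection(server, user=user_dn, password=password)

        if user_conn.bind():
            print("Password authentication successful!")
            return True

        print("Password authentication failed")
        print(f"LDAP error: {user_conn.last_error}")
        return False

    except Exception as e:
        print(f"LDAP test failed: {e}")
        return False

    finally:
        # Release whichever sessions are still bound, on every exit path.
        for conn in (user_conn, service_conn):
            if conn is not None and conn.bound:
                try:
                    conn.unbind()
                except Exception as cleanup_error:
                    # Best-effort cleanup: report it, keep the real result.
                    print(f"LDAP unbind failed: {cleanup_error}")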
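if __name__ == '__main__':
    import getpass
    import sys

    # The account to test is supplied at run time instead of being written
    # into the file: the name comes from the first command-line argument (or
    # a prompt), the password from a no-echo prompt. Credentials that were
    # committed to this script earlier should be treated as exposed and
    # rotated.
    username = sys.argv[1] if len(sys.argv) > 1 else input("userPrincipalName: ")
    password = getpass.getpass("Password: ")

    print("=== LDAP Direct Authentication Test ===")
    success = test_ldap_auth(username, password)

    if success:
        print("\nResult: LDAP authentication works correctly")
    else:
        print("\nResult: LDAP authentication failed - check credentials or connection")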