Today I will write about how to connect to LDAP from Golang.
Golang has several LDAP packages. I use gopkg.in/ldap.v2:

    go get -u "gopkg.in/ldap.v2"

My LDAP environment:

    rootdn: uid=admin,dc=wjq,dc=com
    password: openldap

    dn: dc=wjq,dc=com
    dc: wjq
    objectClass: top
    objectClass: domain

    dn: ou=Group,dc=wjq,dc=com
    ou: Group
    objectClass: top
    objectClass: organizationalUnit

    dn: ou=People,dc=wjq,dc=com
    ou: People
    objectClass: top
    objectClass: organizationalUnit

    dn: uid=admin,dc=wjq,dc=com
    uid: admin
    objectClass: top
    objectClass: account

A group and a user:

    # Group information
    dn: cn=test,ou=Group,dc=wjq,dc=com
    gidNumber: 1003
    cn: test
    objectClass: posixGroup

    # User information
    dn: uid=test,ou=People,dc=wjq,dc=com
    uidNumber: 1009
    gidNumber: 1003
    gecos: test
    homeDirectory: /home/test
    uid: test
    shadowMin: 0
    shadowMax: 99999
    shadowWarning: 7
    loginShell: /bin/bash
    shadowInactive: -1
    shadowExpire: -1
    shadowFlag: -1
    objectClass: posixAccount
    objectClass: shadowAccount
    objectClass: account
    cn: test
    userPassword:: e1NTSEF9d053TWhYRTR4STJUUmpJWm5MTkF4VFlBTFhJdStaZ0Q=
    shadowLastChange: 17858

The processing steps in Golang are as follows:
1. ldap.Dial: this step opens the underlying connection
2. conn.Bind: similar to username and password authentication
3. Operations such as query, delete, add user

Step 1: Dial

Dial takes two parameters, network and address, and returns (*Conn, error). Note that ldap.Dial opens an unencrypted connection, so the Bind in step 2 sends the password in clear text; the same package also provides ldap.DialTLS and conn.StartTLS.

    // network: the network protocol (tcp, udp)
    // address: the address of the underlying connection; it must include a port number
    conn, err := ldap.Dial("tcp", "127.0.0.1:389")
    if err != nil {
        log.Fatalln(err)
    }
    defer conn.Close()

Step 2: Authentication

    // Bind(username, password string) error
    err = conn.Bind("uid=admin,dc=wjq,dc=com", "openldap")
    if err != nil {
        log.Fatalln(err)
    }

Step 3: Operations

The operations follow a distinctive pattern, which I think may be characteristic of the Golang language: for each operation the package provides a request structure, we fill in the data, and then call the matching method on the connection.

- Query: ldap.NewSearchRequest, then conn.Search
- Add: ldap.NewAddRequest, then conn.Add
- Delete: ldap.NewDelRequest, then conn.Del
- Change a user password: ldap.NewPasswordModifyRequest, then conn.PasswordModify

Let's take a look, starting with a query for user groups. The signature of NewSearchRequest:

    func NewSearchRequest(
        BaseDN string,
        Scope, DerefAliases, SizeLimit, TimeLimit int,
        TypesOnly bool,
        Filter string,
        Attributes []string,
        Controls []Control,
    ) *SearchRequest

Create the SearchRequest structure:

    srsql := ldap.NewSearchRequest(
        "ou=Group,dc=wjq,dc=com",
        ldap.ScopeWholeSubtree,
        ldap.NeverDerefAliases,
        0,
        0,
        false,
        "(&(objectClass=posixGroup))",
        []string{"dn", "cn", "uid"},
        nil,
    )

Execute Search and obtain the results (in cur.Entries):

    cur, err := conn.Search(srsql)
    if err != nil {
        log.Fatalln(err)
    }
    if len(cur.Entries) > 0 {
        for _, item := range cur.Entries {
            // Prefer cn; fall back to uid when the entry has no cn
            cn := item.GetAttributeValue("cn")
            if cn == "" {
                cn = item.GetAttributeValue("uid")
            }
            fmt.Println(cn)
        }
    }

Adding a user works the same way, with NewAddRequest and conn.Add:

    sql := ldap.NewAddRequest("uid=wujq,ou=People,dc=wjq,dc=com")
    sql.Attribute("uidNumber", []string{"1010"})
    sql.Attribute("gidNumber", []string{"1003"})
    // Sample value; the client sends it to the server exactly as written
    sql.Attribute("userPassword", []string{"123456"})
    sql.Attribute("homeDirectory", []string{"/home/wujq"})
    sql.Attribute("cn", []string{"wujq"})
    sql.Attribute("uid", []string{"wujq"})
    sql.Attribute("objectClass", []string{"shadowAccount", "posixAccount", "account"})
    err = conn.Add(sql)
    if err != nil {
        log.Fatalln(err)
    }
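
Steps 2 and 3 combine into the usual way to check an end user's password: search for the entry under ou=People, then bind as its DN. The sketch below is an added example, not code from the original article; Directory, userFilter, Authenticate and demoDir are hypothetical names, and the one-user directory is constructed so the code runs without a server or the ldap package.

```go
package main

import (
	"fmt"
	"strings"
)

// Directory is a hypothetical seam; with ldap.v2 it wraps conn.Search and conn.Bind.
type Directory struct {
	SearchDNs func(baseDN, filter string) ([]string, error)
	Bind      func(dn, password string) error
}

// userFilter escapes uid per RFC 4515 so input cannot change the filter's
// structure (the replacer stands in for the library's ldap.EscapeFilter).
func userFilter(uid string) string {
	esc := strings.NewReplacer(`\`, `\5c`, `*`, `\2a`, `(`, `\28`, `)`, `\29`, "\x00", `\00`)
	return "(&(objectClass=posixAccount)(uid=" + esc.Replace(uid) + "))"
}

// Authenticate needs exactly one entry for uid and a successful bind as its DN.
// A simple bind with an empty password is unauthenticated, so refuse it early.
func Authenticate(d Directory, uid, password string) bool {
	if uid == "" || password == "" {
		return false
	}
	dns, err := d.SearchDNs("ou=People,dc=wjq,dc=com", userFilter(uid))
	return err == nil && len(dns) == 1 && d.Bind(dns[0], password) == nil
}

// demoDir is constructed: one user, "*" wildcards and empty-password binds work.
func demoDir() Directory {
	dn := "uid=test,ou=People,dc=wjq,dc=com"
	search := func(_, f string) ([]string, error) {
		if f == userFilter("test") || strings.Contains(f, "(uid=*)") {
			return []string{dn}, nil
		}
		return nil, nil
	}
	bind := func(d, pw string) error {
		if d == dn && (pw == "" || pw == "s3cret") {
			return nil
		}
		return fmt.Errorf("invalid credentials")
	}
	return Directory{search, bind}
}

func main() { fmt.Println(Authenticate(demoDir(), "test", "s3cret")) }
```

Against a real server, the search would run on a connection bound as a low-privilege service account, and the user bind on a connection protected by TLS.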