Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

conn.extend.standard.paged_search is invalid in the AD domain service #1141

Open
Gu-f opened this issue Apr 18, 2024 · 0 comments
Open

conn.extend.standard.paged_search is invalid in the AD domain service #1141

Gu-f opened this issue Apr 18, 2024 · 0 comments

Comments

@Gu-f
Copy link

Gu-f commented Apr 18, 2024

AD and LDAP are similar in connection, but paged_search did not work properly on the AD service, and it did not pagination of data successfully. ldap3 is not well compatible with ad, is this as expected?
The following is the exception demo.

import time
from ldap3 import Server, Connection


def normal_search(conn, search_base, search_filter):
    results = conn.search(
        search_base=search_base,
        search_filter=search_filter,
        attributes='*',
        time_limit=60, paged_size=1, size_limit=1
    )
    return results


def abnormal_search(conn, search_base, search_filter):
    results = conn.extend.standard.paged_search(
        search_base=search_base,
        search_filter=search_filter,
        attributes='*',
        generator=False,
        time_limit=60, paged_size=1, size_limit=1
    )
    return results

print("==========AD service=========")
# AD service
server = Server('ldap://xxx.xxx.xxx.xxx:389')
with Connection(server, user=r'[email protected]', password='pass', read_only=True) as conn:
    search_base = 'dc=myadservice,dc=cn'
    search_filter = '(objectClass=organizationalPerson)'
    start_time = time.time()
    normal_search(conn, search_base, search_filter)
    print(len(conn.entries))
    print("AD-normal_search_time: ", time.time() - start_time)
    start_time = time.time()
    abnormal_search(conn,search_base, search_filter)
    print(len(conn.entries))
    print("AD-abnormal_search_time: ", time.time() - start_time)

print("==========LDAP service=========")
# LDAP service
server = Server('ldap://xxx.xxx.xxx.xxx:389')
with Connection(server, user=r'cn=admin,dc=myldapservice,dc=com', password='pass', read_only=True) as conn:
    search_base = 'DC=myldapservice,DC=com'
    search_filter = '(objectClass=inetOrgPerson)'
    start_time = time.time()
    normal_search(conn, search_base, search_filter)
    print(len(conn.entries))
    print("LDAP-normal_search_time: ", time.time() - start_time)
    start_time = time.time()
    abnormal_search(conn, search_base, search_filter)
    print(len(conn.entries))
    print("LDAP-abnormal_search_time: ", time.time() - start_time)

It will get the following output.

==========AD service=========
1
AD-normal_search_time:  0.011419534683227539
1807
AD-abnormal_search_time:  16.810152053833008
==========LDAP service=========
1
LDAP-normal_search_time:  0.00751495361328125
1
LDAP-abnormal_search_time:  0.014466285705566406

AD-abnormal_search got 1807 pieces of data, but I restricted paged_size=1, size_limit=1.
But the LDAP-abnormal_search is right.
Where they differ is in the specified services.
So this could be a bug...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Gu-f