ldap.schema Handling LDAPv3 schema

This module deals with schema information usually retrieved from a special subschema subentry provided by the server. It is closely modeled along the directory information model described in the following RFC with which you should make yourself familiar when trying to use this module:

See also

RFC 4512 - Lightweight Directory Access Protocol (LDAP): Directory Information Models

ldap.schema.subentry Processing LDAPv3 subschema subentry

ldap.schema.subentry.NOT_HUMAN_READABLE_LDAP_SYNTAXES

Dictionary where the keys are the OIDs of LDAP syntaxes known to be not human-readable when displayed to a console without conversion and which cannot be decoded to a types.UnicodeType.

Functions

ldap.schema.subentry.urlfetch(uri, trace_level=0)

Fetches a parsed schema entry by uri.

If uri is a LDAP URL the LDAP server is queried directly. Otherwise uri is assumed to point to a LDIF file which is loaded with urllib.

Classes

class ldap.schema.subentry.SubSchema(sub_schema_sub_entry, check_uniqueness=1)

Arguments:

sub_schema_sub_entry

Dictionary usually returned by LDAP search or the LDIF parser containing the sub schema sub entry

check_uniqueness

Defines whether uniqueness of OIDs and NAME is checked.

0

no check

1

check but add schema description with work-around

2

check and raise exception if non-unique OID or NAME is found

Class attributes:

sed

Dictionary holding the subschema information as pre-parsed SchemaElement objects (do not access directly!)

name2oid

Dictionary holding the mapping from NAMEs to OIDs (do not access directly!)

non_unique_oids

List of OIDs used at least twice in the subschema

non_unique_names

List of NAMEs used at least twice in the subschema for the same schema element

attribute_types(object_class_list, attr_type_filter=None, raise_keyerror=1, ignore_dit_content_rule=0)

Returns a 2-tuple of all must and may attributes including all inherited attributes of superior object classes by walking up classes along the SUP attribute.

The attributes are stored in a ldap.cidict.cidict dictionary.

object_class_list

list of strings specifying object class names or OIDs

attr_type_filter

list of 2-tuples containing lists of class attributes which has to be matched

raise_keyerror

All KeyError exceptions for non-existent schema elements are ignored

ignore_dit_content_rule

A DIT content rule governing the structural object class is ignored

get_applicable_aux_classes(nameoroid)

Return a list of the applicable AUXILIARY object classes for a STRUCTURAL object class specified by ‘nameoroid’ if the object class is governed by a DIT content rule. If there’s no DIT content rule all available AUXILIARY object classes are returned.

get_inheritedattr(se_class, nameoroid, name)

Get a possibly inherited attribute specified by name of a schema element specified by nameoroid. Returns None if class attribute is not set at all.

Raises KeyError if no schema element is found by nameoroid.

get_inheritedobj(se_class, nameoroid, inherited=None)

Get a schema element by name or OID with all class attributes set including inherited class attributes

get_obj(se_class, nameoroid, default=None, raise_keyerror=0)

Get a schema element by name or OID

get_structural_oc(oc_list)

Returns OID of structural object class in oc_list if any is present. Returns None else.

get_syntax(nameoroid)

Get the syntax of an attribute type specified by name or OID

getoid(se_class, nameoroid, raise_keyerror=0)

Get an OID by name or OID

ldap_entry()

Returns a dictionary containing the sub schema sub entry

listall(schema_element_class, schema_element_filters=None)

Returns a list of OIDs of all available schema elements of a given schema element class.

tree(schema_element_class, schema_element_filters=None)

Returns a ldap.cidict.cidict dictionary representing the tree structure of the schema elements.

ldap.schema.models Schema elements

class ldap.schema.models.Entry(schema, dn, entry)

Schema-aware implementation of an LDAP entry class.

Mainly it holds the attributes in a string-keyed dictionary with the OID as key.

attribute_types(attr_type_filter=None, raise_keyerror=1)

Convenience wrapper around SubSchema.attribute_types() which passes object classes of this particular entry as argument to SubSchema.attribute_types()

class ldap.schema.models.SchemaElement(schema_element_str=None)

Base class for all schema element classes. Not used directly!

Arguments:

schema_element_str

String which contains the schema element description to be parsed.

Class attributes:

schema_attribute

LDAP attribute type containing a certain schema element description

token_defaults

Dictionary internally used by the schema element parser containing the defaults for certain schema description key-words

class ldap.schema.models.AttributeType(schema_element_str=None)

Arguments:

schema_element_str

String containing an AttributeTypeDescription

Class attributes:

oid

OID assigned to the attribute type

names

This list of strings contains all NAMEs of the attribute type

desc

This string contains description text (DESC) of the attribute type

obsolete

Integer flag (0 or 1) indicating whether the attribute type is marked as OBSOLETE in the schema

single_value

Integer flag (0 or 1) indicating whether the attribute must have only one value

syntax

String contains OID of the LDAP syntax assigned to the attribute type

no_user_mod

Integer flag (0 or 1) indicating whether the attribute is modifiable by a client application

equality

String contains NAME or OID of the matching rule used for checking whether attribute values are equal

substr

String contains NAME or OID of the matching rule used for checking whether an attribute value contains another value

ordering

String contains NAME or OID of the matching rule used for checking whether attribute values are lesser-equal than

usage

USAGE of an attribute type: 0 = userApplications 1 = directoryOperation, 2 = distributedOperation, 3 = dSAOperation

sup

This list of strings contains NAMEs or OIDs of attribute types this attribute type is derived from

class ldap.schema.models.ObjectClass(schema_element_str=None)

Arguments:

schema_element_str

String containing an ObjectClassDescription

Class attributes:

oid

OID assigned to the object class

names

This list of strings contains all NAMEs of the object class

desc

This string contains description text (DESC) of the object class

obsolete

Integer flag (0 or 1) indicating whether the object class is marked as OBSOLETE in the schema

must

This list of strings contains NAMEs or OIDs of all attributes an entry of the object class must have

may

This list of strings contains NAMEs or OIDs of additional attributes an entry of the object class may have

kind

Kind of an object class: 0 = ABSTRACT, 1 = STRUCTURAL, 2 = AUXILIARY

sup

This list of strings contains NAMEs or OIDs of object classes this object class is derived from

class ldap.schema.models.MatchingRule(schema_element_str=None)

Arguments:

schema_element_str

String containing an MatchingRuleDescription

Class attributes:

oid

OID assigned to the matching rule

names

This list of strings contains all NAMEs of the matching rule

desc

This string contains description text (DESC) of the matching rule

obsolete

Integer flag (0 or 1) indicating whether the matching rule is marked as OBSOLETE in the schema

syntax

String contains OID of the LDAP syntax this matching rule is usable with

class ldap.schema.models.MatchingRuleUse(schema_element_str=None)

Arguments:

schema_element_str

String containing an MatchingRuleUseDescription

Class attributes:

oid

OID of the accompanying matching rule

names

This list of strings contains all NAMEs of the matching rule

desc

This string contains description text (DESC) of the matching rule

obsolete

Integer flag (0 or 1) indicating whether the matching rule is marked as OBSOLETE in the schema

applies

This list of strings contains NAMEs or OIDs of attribute types for which this matching rule is used

class ldap.schema.models.DITContentRule(schema_element_str=None)

Arguments:

schema_element_str

String containing an DITContentRuleDescription

Class attributes:

oid

OID of the accompanying structural object class

names

This list of strings contains all NAMEs of the DIT content rule

desc

This string contains description text (DESC) of the DIT content rule

obsolete

Integer flag (0 or 1) indicating whether the DIT content rule is marked as OBSOLETE in the schema

aux

This list of strings contains NAMEs or OIDs of all auxiliary object classes usable in an entry of the object class

must

This list of strings contains NAMEs or OIDs of all attributes an entry of the object class must have which may extend the list of required attributes of the object classes of an entry

may

This list of strings contains NAMEs or OIDs of additional attributes an entry of the object class may have which may extend the list of optional attributes of the object classes of an entry

nots

This list of strings contains NAMEs or OIDs of attributes which may not be present in an entry of the object class

class ldap.schema.models.NameForm(schema_element_str=None)

Arguments:

schema_element_str

String containing an NameFormDescription

Class attributes:

oid

OID of the name form

names

This list of strings contains all NAMEs of the name form

desc

This string contains description text (DESC) of the name form

obsolete

Integer flag (0 or 1) indicating whether the name form is marked as OBSOLETE in the schema

form

List of strings with NAMEs or OIDs of associated name forms

oc

String with NAME or OID of structural object classes this name form is usable with

must

This list of strings contains NAMEs or OIDs of all attributes an RDN must contain

may

This list of strings contains NAMEs or OIDs of additional attributes an RDN may contain

class ldap.schema.models.DITStructureRule(schema_element_str=None)

Arguments:

schema_element_str

String containing an DITStructureRuleDescription

Class attributes:

ruleid

rule ID of the DIT structure rule (only locally unique)

names

This list of strings contains all NAMEs of the DIT structure rule

desc

This string contains description text (DESC) of the DIT structure rule

obsolete

Integer flag (0 or 1) indicating whether the DIT content rule is marked as OBSOLETE in the schema

form

List of strings with NAMEs or OIDs of associated name forms

sup

List of strings with NAMEs or OIDs of allowed structural object classes of superior entries in the DIT

Examples for ldap.schema

import ldap.schema