I am implementing some login procedure based on an active directory. The user will type in his mail.
I was already successful finding the users db entry in the AD with the mail - I searched for:
(& (mail={0})(objectClass=organizationalPerson))
and got a lot of attributes about the user.
But to check its password I need to execute a bind operation. And to do so I need the login name, or DN.
How do I resolve / get the login name of a user that I already found by it's email address using python ldap3?
After executing conn.search(...) you can get the users DN with
conn.response[0]['dn']
Don't worry if it looks like
CN=username,OU=city,OU=company,DC=domain,DC=domain_ending
This is the DN. Also remember not not use authentication=NTLM when you log in with the DN. You might have used authentication=NTLM when binding the admin user to search with. Maybe the username is gives as DOMAIN\adminuser. But that is not a DN! The DN looks like the example above.