Active Directory and RefreshCache

From IronPython Cookbook

Certain attributes in Active Directory are not automatically exposed. ADSI does not provide a means to get them. Even though System.DirectoryServices from .NET does not provide it by default either, you can use System.DirectoryServices to load an attribute like tokenGroups attribute into the property cache and then get access to it.

To get the tokenGroups attribute.

import sys,System,clr

clr.AddReference("System.DirectoryServices")

def get_property(ldap_path,adproperty):
    aduser = System.DirectoryServices.DirectoryEntry(ldap_path)

    #send RefreshCache an array of strings
    aduser.RefreshCache(System.Array[str]( [adproperty] ))

    for i in aduser.Properties.Values: 
        if i.PropertyName == adproperty:
            return i.PropertyName,i.Value

user='joe'
ldap_path='LDAP://cn=%s,OU=a,DC=b,DC=c'%user
print get_property(ldap_path,'tokenGroups')


Back to Contents.

TOOLBOX
LANGUAGES