Extended OperationsΒΆ

In the connection object are defined a set of extended operations in the ‘extend’ attribute.

Extended operations are logically grouped in by their use and vendor:

extend.standard
  extend.standard.who_am_i()
  extend.standard.modify_password(user, old_password, new_password)
  extend.standard.paged_search(search_base, search_filter, search_scope, dereference_aliases, attributes, size_limit, time_limit, types_only, get_operational_attributes, controls, paged_size, paged_criticality, generator)
extend.novell
  extend.novell.get_bind_dn()
  extend.novell.get_universal_password(user)
  extend.novell.set_universal_password(user, new_password)
extend.microsoft
  [None for now]

You can call the requested operation and get the extended result back as specified in the relevant rfc or documentation. The result dictionary is augmented with the specific keys of the extendedResponse.

Just call the extend operation in the usual way, for example:

c = Connection(....)
c.bind()
i_am = c.extend.standard.who_am_i()

The payload of these extended operation is properly encoded and decoded. When available you should get the response value as the return value of the function and as an additional field of the result dictionary

For example:

s = Server(...)
c = Connection(s, ...)
c.bind()
new_password = c.extend.standard.modify_password('cn=test1,o=test', 'old_password')  # a new password is generated by the server if compliant with RFC3062

The extend.standard.paged_search() operation is a convenient wrapper for the simple paged search as specified in the RFC2696. You can indicate how many entries will be read in the paged_size parameter (defaults to 100) and you get back a generator for the entries. If you set to False the generator parameter of the search will be fully executed before returning the results. If generator is set to True (the default) any subsequent search will be executed only when you read all the previous read entries, saving memory.

Novell extended operations are specific for the Novell (NetIq) eDirectory LDAP Server and return and set the universal password of the specified user.

Microsoft extended operations are intended for Active Directory. Ask for their implementation on the support site of ldap3.