I have a script that is using the python-ldap module.
Here is my basic code that makes a connection to my ldap server:
import ldap

server = 'ldap://example.com'
dn = 'uid=user1,cn=users,cn=accounts,dc=example,dc=com'
pw = "password!"
con = ldap.initialize(server)
con.start_tls_s()          # upgrade the plain connection to TLS before sending credentials
con.simple_bind_s(dn, pw)  # simple bind sends the password, so it must only happen over TLS
This works... but does the actual literal password have to be stored in the variable pw? It seems like a bad idea to have a password stored right there in a script.
Is there a way to make a secure connection to my LDAP server without needing to store my actual password in the script?
Placing the password in a separate file with restricted permissions is pretty much it. You can, for example, source that file from the main script:
You could also restrict the permissions of the main script so that only authorized persons can execute it, but it's probably better to do as you suggest and store only the password itself in a restricted file. That way you can allow inspection of the code itself (without sensitive secrets), version-control and copy around the script more easily, etc.
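One way to do what the answer describes, as an added example that is not code from the question or the answer: the password lives in its own file, the file is created with mode 0600, and the script refuses to read it unless it is still a regular file owned by the current user and unreadable by group and others. The LDAP part reuses the question's python-ldap calls and additionally demands a valid server certificate on the StartTLS upgrade; `ldap_bind_from_file`, `load_secret`, the path `ldap.pw` and the sample password are assumptions for illustration, and the LDAP bind is only called against a real server, not in the self-check.

```python
import os
import stat


def write_secret(path, password):
    """Create (or overwrite) a secret file that only its owner can read.

    The mode is passed to os.open so the file never exists with a wider
    mode, not even between creation and a later chmod.
    """
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        f.write(password + "\n")
    # O_CREAT leaves the mode of a pre-existing file alone, so tighten it explicitly.
    os.chmod(path, 0o600)


def private_file_problems(path):
    """Return the reasons a secret file is unsafe to use (an empty list means OK)."""
    problems = []
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return [f"{path} does not exist"]
    if not stat.S_ISREG(st.st_mode):
        problems.append(f"{path} is not a regular file")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        mode = stat.S_IMODE(st.st_mode)
        problems.append(f"{path} is accessible by group or others (mode {mode:04o}); chmod 600 it")
    if hasattr(os, "getuid") and st.st_uid != os.getuid():
        problems.append(f"{path} is not owned by the current user")
    return problems


def load_secret(path):
    """Read the password from a private file, stripping the trailing newline."""
    problems = private_file_problems(path)
    if problems:
        raise PermissionError("; ".join(problems))
    with open(path, encoding="utf-8") as f:
        secret = f.read().rstrip("\r\n")
    if not secret:
        raise ValueError(f"{path} is empty")
    return secret


def ldap_bind_from_file(server, dn, secret_path):
    """Bind to the LDAP server with a password read from a private file (hypothetical helper)."""
    import ldap  # python-ldap; imported here so the file helpers above work without it

    pw = load_secret(secret_path)
    con = ldap.initialize(server)
    # Demand a valid server certificate; the libldap default can be weakened by ldap.conf.
    con.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
    con.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
    con.start_tls_s()
    con.simple_bind_s(dn, pw)
    return con


if __name__ == "__main__":
    # Offline self-check with a constructed secret file; no LDAP server is contacted.
    import tempfile

    workdir = tempfile.mkdtemp()
    secret_path = os.path.join(workdir, "ldap.pw")  # assumed path
    write_secret(secret_path, "password!")           # constructed sample password
    print("loaded:", load_secret(secret_path) == "password!")
    os.chmod(secret_path, 0o644)                     # simulate a careless chmod
    print("problems after chmod 644:", private_file_problems(secret_path))
    # Real use: ldap_bind_from_file('ldap://example.com',
    #     'uid=user1,cn=users,cn=accounts,dc=example,dc=com', '/etc/myapp/ldap.pw')
```

The checks in `private_file_problems` are the part that earns its keep: a secret file that is later copied, restored from backup or edited with a tool that recreates it can silently end up world-readable, and it is better for the script to fail loudly at start-up than to keep working with an exposed password.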