Fetch the LDAP group members using adaxes API

Question

hi Team, I have written the code in python to fetch the members in a given LDAP group using a Adaxes API and Python3.

Below is my code. I have sheilded the url and password with "-"'s

`#!/bin/python3
import requests
import json

baseUrl = "https://-----------/restApi"
endpoint = "/api/authSessions/create"

# Request parameters
requestUrl = baseUrl + endpoint
requestBody = {
    "username": "udathakarthic",
    "password": "--------"
}

# Make request
request = requests.post(requestUrl, json=requestBody)
token = json.loads(request.content)
print(token)


endpoint = "/api/directoryObjects/groupMembers"
# Request parameters
requestUrl = baseUrl + endpoint
requestHeaders = {"Adm-Authorization": token }
queryParams = {
    "group": "CN=GCS_Admins,OU=Unix/Linux Security,OU=Olathe,DC=ad,DC=garmin,DC=com",
    "includeIndirect": True
}

# Make request
request = requests.get(requestUrl, headers=requestHeaders, params=queryParams)
response = json.loads(request.content)
print(response)`

And below is the error I'm facing

{'sessionId': 'VmYOiKsaSBO-V879fZrSgvwckCYnkAdEvxUyWAkH', 'totpState': None, 'changePasswordReason': 0, 'expiresAtUtc': '2022-09-26T14:05:59.8180694Z'} Traceback (most recent call last): File "/usr/lib/python3.6/site-packages/requests/utils.py", line 868, in check_header_validity if not pat.match(value): TypeError: expected string or bytes-like object During handling of the above exception, another exception occurred: Traceback (most recent call last): File "edaxes.py", line 31, in <module> request = requests.get(requestUrl, headers=requestHeaders, params=queryParams) File "/usr/lib/python3.6/site-packages/requests/api.py", line 72, in get return request('get', url, params=params, **kwargs) File "/usr/lib/python3.6/site-packages/requests/api.py", line 58, in request return session.request(method=method, url=url, **kwargs) File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 516, in request prep = self.prepare_request(req) File "/usr/lib/python3.6/site-packages/requests/sessions.py", line 448, in prepare_request hooks=merge_hooks(request.hooks, self.hooks), File "/usr/lib/python3.6/site-packages/requests/models.py", line 303, in prepare self.prepare_headers(headers) File "/usr/lib/python3.6/site-packages/requests/models.py", line 443, in prepare_headers check_header_validity(header) File "/usr/lib/python3.6/site-packages/requests/utils.py", line 872, in check_header_validity "not %s" % (value, type(value))) requests.exceptions.InvalidHeader: Header value {'sessionId': 'VmYOiKsaSBO-V879fZrSgvwckCYnkAdEvxUyWAkH', 'totpState': None, 'changePasswordReason': 0, 'expiresAtUtc': '2022-09-26T14:05:59.8180694Z'} must be of type str or bytes, not <class 'dict'>

Answer 1

Hello,

The thing is that you are only creating the authentication session in your script. That is the first step for authentication. You need to then obtain the token and use it to perform the request. For details, have a look at section Obtain security token of the following article: http://adaxes.com/sdk/REST_Authentication/#obtain-security-token. Make sure to obtain the security token from the response. Passing the response itself into the request headers like you did will not work.

The PowerShell and C# examples for the full authentication process in the corresponding section of the same article might also be helpful.