Historically, using LDAP in python could be fairly painful because you had to install python-ldap, which could be hard depending on your environment. E.g. getting that installed in a Jupyter notebook where I work proved impossible without changing the underlying docker image for the notebook.
Most search results will still lead you to python-dap, but now you can and should use python-ldap3 instead. This library is pure-python and does not have any awkward OS dependencies. So, it “just works” and is much lighter.
Here is an example of how to login with a service account and query a user via email.
import ldap3 # Put in params up top. SERVICE_ACCOUNT="<user>" SERVICE_ACCOUNT_PASSWORD="<password>" LDAP_URI="ldaps://<your-ldap-dns>:636" search_base = 'DC=foo,DC=bar' search_filter = '(&(email@example.com))' attrs = ["*"] server = ldap3.Server(LDAP_URI) with ldap3.Connection(server, auto_bind=True, user=SERVICE_ACCOUNT, password=SERVICE_ACCOUNT_PASSWORD) as conn: conn.search(search_base, search_filter, attributes=attrs) print(len(conn.entries))
To run this, you just have to do a quick pip install as shown below. I recommend you use the latest version; but I locked it here just to remind you that locking a version is smart in most python projects. Version drift causes many production issues.
pip install ldap3==2.9.1