adding group using python-ldap

Question

i need to add group with several members. so i use this code below

import ldap
import ldap.modlist as modlist

# Open a connection
l = ldap.initialize("ldap://localhost:389/")

# Bind/authenticate with a user with apropriate rights to add objects
l.simple_bind_s("cn=manager,dc=maxcrc,dc=com","secret")

# The dn of our new entry/object
dn="cn=semuaFK,ou=group,dc=maxcrc,dc=com" 

# A dict to help build the "body" of the object
attrs = {}
attrs['objectclass'] = ['top','groupofnames']
attrs['member'] = 'cn=user1,ou=people,dc=maxcrc,dc=com'
attrs['member'] = 'cn=user2,ou=people,dc=maxcrc,dc=com'
attrs['description'] = 'ini group untuk semua dosen dokter'

# Convert our dict to nice syntax for the add-function using modlist-module
ldif = modlist.addModlist(attrs)

# Do the actual synchronous add-operation to the ldapserver
l.add_s(dn,ldif)

# Its nice to the server to disconnect and free resources when done
l.unbind_s()

adding member into group

attrs['member'] = 'cn=user1,ou=people,dc=maxcrc,dc=com'
attrs['member'] = 'cn=user2,ou=people,dc=maxcrc,dc=com'

but the result is a group with just one member. Only the user2 is added to the group. How to make a group, also add several members to it

Answer 1

member is a multi-valued attribute (just like objectClass). From looking at your code, the problem seems to be that you overwrite the value of the member attribute with the 2nd line. The code should be something like this:

attrs['member'] = [ 'cn=users1,ou=people,dc=maxcrc,dc=com', 'cn=users2,ou=people,dc=maxcrc,dc=com' ]`

or

attrs['member'] = [ 'cn=users1,ou=people,dc=maxcrc,dc=com' ]
attrs['member'] += 'cn=users2,ou=people,dc=maxcrc,dc=com'