I am writing a command line tool in python to generate one time passwords/tokens. The command line tool will have certain sub-commands like
--list-all-tokens for example. I want to restrict access to certain sub-commands. In this case, when user tries to generate a new token, I want him/her to authenticate against AD server first.
I have looked at python-ldap and I am even able to bind to the AD server. In my application I have a function
def authenticate_user(username, password): pass
which gets username and plain-text password. How do I use the LDAPObject instance to validate these credentials?