python – cx_Oracle LDAP Connection String syntax

python – cx_Oracle LDAP Connection String syntax

I ended up going with jaydebeapi.

import pandas as pd 
import jaydebeapi
import jpype
import os
import sys

def run(f_name,command,username,pw ):
    args = -Djava.class.path=%s % jar
    jvm_path = jpype.getDefaultJVMPath()
    jpype.startJVM(jvm_path, args)
    con = jaydebeapi.connect(oracle.jdbc.driver.OracleDriver, jdbc:oracle:thin:@ldap://,cn=OracleContext,dc=prod,dc=company,dc=com,[username, pw], jar)
        df= pd.read_sql(command,con)
    except Exception as e:

def Run_Program(myvars):
    f_name = myvars.MyFileName
    command = myvars.plainTextEdit_CSVString.toPlainText()
    username = myvars.lineEdit_UserName.text()
    pw = myvars.lineEdit_Password.text()
    run(f_name,command,username,pw )

Saving the ojdbc8.jar file from Oracle Client in the same folder and specifying the location in the code. And also downgrading the module JPype1 to JPype1==0.6.3 (its installed as a requirement for jaydebeapi )

This worked well for packaging using pyinstaller so that it could be shared. (i created a pyqt5 UI for user to use.

Here are my two cents using Python 3.7 and cx_Oracle v.8.2.0 on Win 10.

I wanted to issue queries to an Oracle database using Python, and what I already had was :

  • a username (or schema)
  • a password
  • a JDBC connection string that looked like:
    jdbc:oracle:thin:@ldap://[LDAPHostname1]:[LDAPPort1]/[ServiceName],[DomainContext] ldap://[LDAPHostname2]:[LDAPPort2]/[ServiceName],[DomainContext]
    where the [DomainContext] was of the form cn=OracleContext,dc=foo,dc=bar

First, you have to install cx_Oracle by following the Oracle documentation.

Note that:

  • cx_Oracle requires a series of library files that are part of the Oracle Instant Client Basic or Basic Light package (available here). Lets say we unzip the package under C:pathtoinstant_client_xx_yy
  • Depending on the platform youre on, some other requirements are to be filled (like installing some Visual Studio redistributable on Windows)

For the LDAP part, there are two configuration files that are required:

  • sqlnet.ora : This is the profile configuration file for Oracle, but mine was simply containing :


    It tells the library to resolve names using LDAP only.

  • ldap.ora : This file tells where to look for when resolving names using LDAP. I knew I was accessing two OID servers, so mine was of the form :

    DIRECTORY_SERVERS=([LDAPHostname1]:[LDAPPort1], [LDAPHostname2]:[LDAPPort2])

    Important Note : I had to remove the cn=OracleContext from the DEFAULT_ADMIN_CONTEXT entry in order to make the name resolution work

    Lets say those two files were saved under C:pathtoconf

And now comes the Python part. I used the cx_Oracle.init_oracle_client() method in order to point to the library and configuration files. (Note that there are other ways to give cx_Oracle access to those files, like setting environment variables or putting those in predefined places. This is explained under the install guide)

Here is a little sample code:

import cx_Oracle

# username and password retrieved here

cx_Oracle.init_oracle_client(lib_dir=rC:pathtoinstant_client_xx_yy, config_dir=rC:pathtoconf)

    with cx_Oracle.connect(user=username, password=password, dsn=[ServiceName]) as connection:
        cursor = connection.cursor()
        cursor.execute(SELECT * FROM ALL_TAB_COLUMNS)
        # Outputs tables and columns accessible by the user
        for row in cursor:
            print(row[1], -, row[2])

except cx_Oracle.DatabaseError as e:
    print(Oracle Error, e)

python – cx_Oracle LDAP Connection String syntax

The short answer is that you use an ldap.ora configuration file and specify that it is to be used in your sqlnet.ora configuration file. Although this link talks about creating a database link and not directly connecting, the same principle applies and you can connect using any of the services referenced in your LDAP server.

Some more official documentation on how it works can be found here:

Leave a Reply

Your email address will not be published. Required fields are marked *