From 5813e93ddc0e648ff2004ada65c4fc46e06719de Mon Sep 17 00:00:00 2001
From: Dmitry Kovtun
Date: Fri, 7 Jun 2024 10:56:28 +0300
Subject: [PATCH] =?UTF-8?q?=20=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=BD=20=D0=A1=D0=BA=D1=80=D0=B8=D0=BF=D1=82=20=D0=B4=D0=BB?=
 =?UTF-8?q?=D1=8F=20=D0=BE=D1=82=D0=BE=D0=B1=D1=80=D0=B0=D0=B6=D0=B5=D0=BD?=
 =?UTF-8?q?=D0=B8=D1=8F=20=D0=9E=D1=80=D0=B3=D0=B0=D0=BD=D0=B8=D0=B7=D0=B0?=
 =?UTF-8?q?=D1=86=D0=B8=D0=BE=D0=BD=D0=BD=D1=8B=D0=B9=20=D1=81=D1=82=D1=80?=
 =?UTF-8?q?=D1=83=D0=BA=D1=82=D1=83=D1=80=D1=8B=20=D0=BF=D0=BE=D0=BB=D1=8C?=
 =?UTF-8?q?=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D1=8F=20=D0=B0=20?=
 =?UTF-8?q?=D1=82=D0=B0=D0=BA=D0=B6=D0=B5=20=D0=B2=D0=BD=D0=B5=D1=81=D0=B5?=
 =?UTF-8?q?=D0=BD=D1=8B=20=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD=D0=B5=D0=BD=D0=B8?=
 =?UTF-8?q?=D1=8F=20=D1=81=D0=BA=D1=80=D0=B8=D0=BF=D1=82=20=D1=81=D0=BE?=
 =?UTF-8?q?=D0=B7=D0=B4=D0=B0=D0=BD=D0=B8=D1=8F=20=D0=BF=D0=BE=D0=BB=D1=8C?=
 =?UTF-8?q?=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D1=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 create_ou_branch.py | 7 +++--
 create_users.py | 9 ++++---
 find_ms_group.py | 52 +++++++++++++++++++++++++++++++++++
 get_users_data.py | 66 +++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 128 insertions(+), 6 deletions(-)
 create mode 100644 find_ms_group.py
 create mode 100644 get_users_data.py
diff --git a/create_ou_branch.py b/create_ou_branch.py
index 8aa5fe0..05b6eeb 100644
--- a/create_ou_branch.py
+++ b/create_ou_branch.py
@@ -136,8 +136,11 @@ if __name__ == "__main__":
 manager = Manager(smb, ad)
 date_file = manager.open_csv_file(PATH_CSV)
 if date_file is not None:
- ou_add_list = [ i[5] for i in date_file]
- ou_comp = [i[10] for i in date_file]
+ try:
+ ou_add_list = [ i[5] for i in date_file]
+ ou_comp = [i[10] for i in date_file]
+ except Exception as ex:
+ logging.error(ex)
 logging.info("run create ou")
 # manager.creat_branch_ou(ou_add_list)# Создаст структуру OU
 manager.creat_branch_ou(ou_add_list)
diff --git a/create_users.py b/create_users.py
index 0939311..c77e25c 100644
--- a/create_users.py
+++ b/create_users.py
@@ -99,10 +99,8 @@ class Samba_provaider():
 cmd.append("--internet-address={}".format(data.get("wWWHomePage")))
 if data.get("initials"):
 cmd.append("--initials={}".format(data.get("initials")))
- # if data.get("homeDirectory"):
- # cmd.append("--home-directory={}".format(data.get("homeDirectory")))
 cmd.append("--must-change-at-next-login")
- cmd.append("--use-username-as-cn")
+ # cmd.append("--use-username-as-cn")
 cmd.append( "--userou={}".format(ou))
 out = subprocess.call(cmd,restore_signals=True, shell=False)
 if out == 0:
@@ -160,6 +158,9 @@ class Samba_provaider():
 if data.get("co"):
 out_str.append("add: co")
 out_str.append("co: {}".format(data.get("co")))
+ # if data.get("cn"):
+ # out_str.append("add: cn")
+ # out_str.append("cn: {}".format(data.get("cn")))
 if data.get("mobile"):
 out_str.append("add: mobile")
 out_str.append("mobile: {}".format(data.get("mobile")))
@@ -180,7 +181,7 @@ class Samba_provaider():
 with open("/tmp/{}.ldif".format(user), "w") as file:
 file.write("\n".join(out_str))
 out = subprocess.call(cmd,restore_signals=True, shell=False)
- print(out)
+ # print(out)
 if out == 0:
 return True
 return False
diff --git a/find_ms_group.py b/find_ms_group.py
new file mode 100644
index 0000000..30e65c4
--- /dev/null
+++ b/find_ms_group.py
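Review bot: In the create_ou_branch.py hunk, if either comprehension inside the new `try` raises, the handler only logs and execution falls through to `manager.creat_branch_ou(ou_add_list)` with `ou_add_list` unbound, so a short CSV row ends in a `NameError` instead of a clean stop. Catch the exception the indexing can actually raise (presumably `IndexError` on a row with too few columns) and leave the block on failure: `except IndexError:`, `logging.exception("CSV row has too few columns")`, `raise SystemExit(1)`. The `if __name__ == "__main__":` block continues outside the hunk, so any later use of `ou_comp` is affected in the same way.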
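Review bot: In the create_users.py hunk at `@@ -99,10 +99,8 @@`, commenting out `cmd.append("--use-username-as-cn")` changes how the CN, and with it the DN, of every newly created account is formed, and nothing in the code records why. Delete the line instead of leaving it as dead code and put the reason in a one-line comment such as `# CN is left to samba-tool's default instead of being forced to the username`. The same applies to the commented-out `cn` block added at `@@ -160,6 +158,9 @@` and to `# print(out)` in the last hunk. The method starts and ends outside the hunk.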
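Review bot: In the create_users.py hunk at `@@ -180,7 +181,7 @@`, the context line `open("/tmp/{}.ldif".format(user), "w")` writes the LDIF to a predictable name in a world-writable directory, and the commit edits the lines right below it without addressing this. On a shared host the path can already exist as a file or symlink owned by another account, the file is created with default permissions although it holds directory attributes, and a `user` value containing `/` would place it outside `/tmp`. Creating it with `tempfile.NamedTemporaryFile("w", suffix=".ldif", delete=False)` and removing it after `subprocess.call` returns would close this. How `cmd` refers to the file is outside the hunk, so the path passed there has to change with it.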
@@ -0,0 +1,52 @@
+#!/usr/bin/python3
+from ldap3 import Server, Connection, ALL, NTLM, SUBTREE, SAFE_SYNC, BASE
+# from samba.samdb import SamDB
+# from samba.auth import system_session
+# from samba.ndr import ndr_pack, ndr_unpack
+# from samba.dcerpc import security
+# import samba.param
+import logging
+from pprint import pprint
+import json
+import csv
+import subprocess
+import time
+
+
+
+class AD_provaider():
+ def __init__(self, url:str, serch_tree:str, user, password) -> None:
+ logging.basicConfig(level=logging.DEBUG, format="%(asctime)s - %(levelname)s - %(message)s")
+ self.__server = Server(url)
+ self.__connect = Connection(self.__server, user, password)
+ self.__ad_serch_tree = serch_tree
+ if self.__connect.bind():
+ logging.info("status connect AD.........ok")
+ else:
+ logging.warning("status connect AD.........error")
+
+
+
+ def search_ms_ad(self, search_filter ,filter:list = ["*"])->dict:
+ logging.info("search >>>>>>>>>>>>>> AD")
+ self.__connect.search(self.__ad_serch_tree, search_filter, SUBTREE, attributes=filter)
+ response = self.__connect.response_to_json()
+ response = json.loads(response)
+ response = json.dumps(response, ensure_ascii="utf-8")
+ out = json.loads(response)
+ pprint(out, indent=4)
+ # return json.loads(response)
+
+
+MS_AD_ADRESS = 'ldap://cp-vm-dc01.energo.ru'
+SEARCH_FREE_MS = "dc=energo,dc=ru"
+MS_USER = 'energo\\administrator'
+PASSWORD = "P@sww0rd"
+PATH_SCV = "List_groups.csv"
+
+SEARCH_FREE_SAMBA = "dc=lenenergo,dc=ru"
+
+ad = AD_provaider(MS_AD_ADRESS, SEARCH_FREE_MS, MS_USER, PASSWORD)
+
+# ad.search_ms_ad("(&(objectCategory=group)(name=test)(distinguishedName=CN=test,ou,base))") # Поиск
+
diff --git a/get_users_data.py b/get_users_data.py
new file mode 100644
index 0000000..1235351
--- /dev/null
+++ b/get_users_data.py
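Review bot: `PASSWORD = "P@sww0rd"` next to `MS_USER = 'energo\\administrator'` in find_ms_group.py commits a domain administrator credential to the repository, and get_users_data.py adds the same pair again. Treat it as exposed and rotate it, and read the secret at run time instead, e.g. `PASSWORD = os.environ["MS_AD_PASSWORD"]` (placeholder variable name) or `getpass.getpass()`. In this file `Connection(self.__server, user, password)` has no `authentication=` argument, which in ldap3 selects a simple bind, and the URL is `ldap://`, so the password crosses the network in clear text. Use `ldaps://` or StartTLS with certificate validation, and a read-only service account rather than administrator. Separately, `search_ms_ad` is annotated `-> dict` but returns nothing, and the bind runs at import time because there is no `if __name__ == "__main__":` guard.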
@@ -0,0 +1,66 @@
+from ldap3 import Server, Connection, ALL, NTLM, SUBTREE, SAFE_SYNC, BASE
+import logging
+import json
+from pprint import pprint
+
+
+class AD_provaider():
+ def __init__(self, url:str, serch_tree:str, user, password) -> None:
+ logging.basicConfig(level=logging.DEBUG, format="%(asctime)s - %(levelname)s - %(message)s")
+ self.__server = Server(url)
+ self.__connect = Connection(self.__server, user, password, authentication=NTLM)
+ self.__ad_serch_tree = serch_tree
+ if self.__connect.bind():
+ logging.info("status connect AD.........ok")
+ else:
+ logging.warning("status connect AD.........error")
+
+
+ def search_ms_ad(self,search_filter ,filter:list = ["*"], dn = None)->dict:
+ logging.info("search >>>>>>>>>>>>>> AD")
+ if dn is not None:
+ self.__connect.search(dn, search_filter, SUBTREE, attributes=filter)
+ else:
+ self.__connect.search(self.__ad_serch_tree, search_filter, SUBTREE, attributes=filter)
+ response = self.__connect.response_to_json()
+ response = json.loads(response)
+ response = json.dumps(response, ensure_ascii="utf-8")
+ return json.loads(response)
+
+
+
+
+
+if __name__ == "__main__":
+ MS_AD_ADRESS = 'ldap://cp-vm-dc01.energo.ru'
+ SEARCH_FREE_MS = "dc=energo,dc=ru"
+ MS_USER = 'energo\\administrator'
+ PASSWORD = "P@sww0rd"
+
+
+ ad = AD_provaider(MS_AD_ADRESS, SEARCH_FREE_MS, MS_USER, PASSWORD)
+
+ #################################################################
+ users_list = [
+ "bin",
+ "test",
+ "test_01"
+ ] # Здесь находятся список пользователей по которому мы ищем
+ ##################################################################
+ users = {}
+ users["Users"] = []
+ for user in users_list:
+ data = ad.search_ms_ad(f"(sAMAccountName={user})")
+ user_js = data.get("entries")[0].get("attributes")
+ out = {}
+ out["sAMAccountName"] = user_js.get("sAMAccountName")
+ out["email"] = user_js.get("mail")
+ # out["groups"] = user_js.get("memberOf")
+ ou = [i for i in user_js.get("distinguishedName").split(",") if 
i.split("=")[0] != "CN" ]
+ out["ou"] = ",".join(str(ou).encode("utf-8"))
+ p = json.dumps(out, ensure_ascii=False)
+ dumps = json.loads(p)
+ users["Users"].append(out)
+
+ with open("data_users.json", "w", encoding="utf-8") as f:
+ json.dump(users, f, indent=4, ensure_ascii=False)
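Review bot: `out["ou"] = ",".join(str(ou).encode("utf-8"))` in get_users_data.py iterates a `bytes` object, so `join` receives integers and raises `TypeError` on the first user. `out["ou"] = ",".join(ou)` yields the DN without its CN component. `data.get("entries")[0]` also raises `IndexError` when an account is not found, so an empty result should be logged and skipped before indexing. The filter is built with an f-string, which is harmless for the literal list here, but once `users_list` comes from a file or argument the value should be escaped: `f"(sAMAccountName={escape_filter_chars(user)})"` with `escape_filter_chars` from `ldap3.utils.conv`. `p` and `dumps` are unused, and `ensure_ascii="utf-8"` in `search_ms_ad` passes a truthy string where a bool is expected, so that dumps/loads round trip can be dropped.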