zayavka-samba-ad/proxmox.py

#!/usr/bin/python2
# coding=utf-8

import ldap
from proxmoxer import ProxmoxAPI

pve_hosts = ['10.3.1.1', '10.2.1.1', '10.1.1.1']
#pve_hosts = ['10.3.1.1']


l = ldap.initialize("ldap://10.3.2.32:389")
l.simple_bind_s("m.grebenkin@techgrow.local", "F5apmJ75GagMxc")
ldap_result = l.search("CN=Users,DC=techgrow,DC=local", ldap.SCOPE_SUBTREE,
                       "(&(objectClass=Person)(memberOf=CN=proxmox-admins,CN=Users,DC=techgrow,DC=local))", None)
res_type, data = l.result(ldap_result)
users = []
# res_type
for u in data:
    name = u[0].split(',')[0].split('=')[1]
    if u[1]['userAccountControl'][0] == '66048' or u[1]['userAccountControl'][0] == '512':
        users.append(name)

#print users

for host in pve_hosts:
    #print host
    proxmox = ProxmoxAPI(host, user='root@pam', password='Band@2014', verify_ssl=False)
    pve_users = proxmox.access.users.get()
    pve_usernames = []
    for u in pve_users:
        if 'techgrow.local' in u['userid']:
            pve_usernames.append(str(u['userid'].split('@')[0]))
    #print pve_usernames
    for u in users:
        userid = u + '@techgrow.local'
        if u not in pve_usernames:
            proxmox.access.users.post(userid=userid, groups='Admin')
    for u in pve_usernames:
        userid = u + '@techgrow.local'
        if u not in users:
            #print userid
            proxmox.access.users.delete(userid)