|
|
- #!/usr/bin/python2
- # coding=utf-8
-
- import ldap
- from proxmoxer import ProxmoxAPI
-
- pve_hosts = ['10.3.1.1', '10.2.1.1', '10.1.1.1']
- #pve_hosts = ['10.3.1.1']
-
-
- l = ldap.initialize("ldap://10.3.2.32:389")
- l.simple_bind_s("m.grebenkin@techgrow.local", "F5apmJ75GagMxc")
- ldap_result = l.search("CN=Users,DC=techgrow,DC=local", ldap.SCOPE_SUBTREE,
- "(&(objectClass=Person)(memberOf=CN=proxmox-admins,CN=Users,DC=techgrow,DC=local))", None)
- res_type, data = l.result(ldap_result)
- users = []
- # res_type
- for u in data:
- name = u[0].split(',')[0].split('=')[1]
- if u[1]['userAccountControl'][0] == '66048' or u[1]['userAccountControl'][0] == '512':
- users.append(name)
-
- #print users
-
- for host in pve_hosts:
- #print host
- proxmox = ProxmoxAPI(host, user='root@pam', password='Band@2014', verify_ssl=False)
- pve_users = proxmox.access.users.get()
- pve_usernames = []
- for u in pve_users:
- if 'techgrow.local' in u['userid']:
- pve_usernames.append(str(u['userid'].split('@')[0]))
- #print pve_usernames
- for u in users:
- userid = u + '@techgrow.local'
- if u not in pve_usernames:
- proxmox.access.users.post(userid=userid, groups='Admin')
- for u in pve_usernames:
- userid = u + '@techgrow.local'
- if u not in users:
- #print userid
- proxmox.access.users.delete(userid)
|