From 5a779b2f16b986e66a2b6160755192c0782bf10f Mon Sep 17 00:00:00 2001
From: Mikhail Grebenkin
Date: Mon, 25 Feb 2019 15:17:21 +0300
Subject: [PATCH] added proxmox and ldap group sync
---
proxmox.py | 42 ++++++++++++++++++++++++++++++++++++++++++
zayavka_reader.py | 3 ++-
2 files changed, 44 insertions(+), 1 deletion(-)
create mode 100644 proxmox.py
diff --git a/proxmox.py b/proxmox.py
new file mode 100644
index 0000000..ba649f3
--- /dev/null
+++ b/proxmox.py
@@ -0,0 +1,42 @@
+#!/usr/bin/python2
+# coding=utf-8
+
+import ldap
+from proxmoxer import ProxmoxAPI
+
+pve_hosts = ['10.3.1.1', '10.2.1.1', '10.1.1.1']
+#pve_hosts = ['10.3.1.1']
+
+
+l = ldap.initialize("ldap://10.3.2.32:389")
+l.simple_bind_s("m.grebenkin@techgrow.local", "F5apmJ75GagMxc")
+ldap_result = l.search("CN=Users,DC=techgrow,DC=local", ldap.SCOPE_SUBTREE,
+ "(&(objectClass=Person)(memberOf=CN=proxmox-admins,CN=Users,DC=techgrow,DC=local))", None)
+res_type, data = l.result(ldap_result)
+users = []
+print res_type
+for u in data:
+ name = u[0].split(',')[0].split('=')[1]
+ if u[1]['userAccountControl'][0] == '66048' or u[1]['userAccountControl'][0] == '512':
+ users.append(name)
+
+print users
+
+for host in pve_hosts:
+ print host
+ proxmox = ProxmoxAPI(host, user='root@pam', password='Band@2014', verify_ssl=False)
+ pve_users = proxmox.access.users.get()
+ pve_usernames = []
+ for u in pve_users:
+ if 'techgrow.local' in u['userid']:
+ pve_usernames.append(str(u['userid'].split('@')[0]))
+ print pve_usernames
+ for u in users:
+ userid = u + '@techgrow.local'
+ if u not in pve_usernames:
+ proxmox.access.users.post(userid=userid, groups='Admin')
+ for u in pve_usernames:
+ userid = u + '@techgrow.local'
+ if u not in users:
+ print userid
+ proxmox.access.users.delete(userid)
diff --git a/zayavka_reader.py b/zayavka_reader.py
index a684a58..8f1328e 100644
--- a/zayavka_reader.py
+++ b/zayavka_reader.py
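Review bot: The LDAP bind password in `l.simple_bind_s(...)` and the `root@pam` password in the `ProxmoxAPI(...)` call in proxmox.py are committed as string literals, so anyone who can read the repository or this patch holds a domain account and hypervisor root; both should be rotated and then read from the environment or a secrets store. The bind also runs over plain `ldap://` on port 389 and the API client sets `verify_ssl=False`, which exposes the same secrets to anyone able to intercept or impersonate either endpoint. The delete loop removes every `techgrow.local` user that is missing from `users`, so an empty or partial LDAP result would strip the admin accounts from all three hosts, and the exact-match test on `userAccountControl` drops any enabled account that carries an extra flag; testing the disabled bit (0x2) and refusing to sync on an empty list would be safer. The fence sketches these changes; the environment variable names are placeholders and `os` would need to be imported.

```python
# … unchanged: imports, pve_hosts …
l = ldap.initialize("ldap://10.3.2.32:389")
l.start_tls_s()  # upgrade before binding; needs the DC certificate to be trusted by this host
l.simple_bind_s(os.environ["LDAP_BIND_DN"], os.environ["LDAP_BIND_PASSWORD"])
# … unchanged: group search, l.result(), users = [] …
for u in data:
    name = u[0].split(',')[0].split('=')[1]
    # 0x2 is the "account disabled" bit; other flags must not exclude the user
    if (int(u[1]['userAccountControl'][0]) & 2) == 0:
        users.append(name)

if not users:
    # an empty result would otherwise delete every realm user below
    raise SystemExit("LDAP returned no proxmox-admins members; refusing to sync")

for host in pve_hosts:
    # verify_ssl=True needs a certificate on each node that this client trusts
    proxmox = ProxmoxAPI(host, user='root@pam', password=os.environ["PVE_PASSWORD"], verify_ssl=True)
    # … unchanged: user listing, create loop, delete loop …
```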
@@ -64,7 +64,8 @@ def users_make_zayavka(users): 'groupSet': str(i['Otdel']), 'enabled': enabled, 'pwChange': pwchange, - 'toRemove': toremove + 'toRemove': toremove, + 'email': i['LoginEmail'] } return res
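Review bot: The new `'email': i['LoginEmail']` entry reads the field with no presence check or normalisation, so a record without that key raises `KeyError` and aborts the whole `users_make_zayavka` batch, and an empty value is passed on as the account's email. If `i` is a plain dict with string values, `'email': (i.get('LoginEmail') or '').strip()` would tolerate both cases, or the record could be skipped with a logged warning. The function starts and ends outside this hunk, so how `res` is consumed downstream is not visible here.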