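#!/usr/bin/python2
# coding=utf-8
"""Synchronise Active Directory users on a Samba DC with rows from MySQL.

Each row returned by ``sql`` describes one requested account; ``main``
creates, removes, enables/disables, sets the password of, and adds to
groups the matching AD account through ``UserAd``.
"""
import os

import ldb
from samba.samdb import SamDB
from samba.auth import system_session
# from samba.ndr import ndr_pack, ndr_unpack
# from samba.dcerpc import security
import samba.param
# import base64
# import binascii
from UserAd_class import UserAd
import zayavka_reader as z_reader

# You can skip dealing with OUs, in which case
# base = "CN=Users,DC=myDom,DC=lan"
base = "CN=Users,DC=techgrow,DC=local"
domainName = 'techgrow.local'

# NOTE(review): the database credentials are committed in this file, so
# anyone who can read the source can read the table that drives account
# creation, removal and password changes below. Each value can now be
# supplied through the environment; the literals are kept only so existing
# deployments keep working. Rotate the password and drop the literal
# fallbacks once the environment variables are in place.
dbconn = {
    'host': os.environ.get('LDAP_SYNC_DB_HOST', '10.1.11.26'),
    'user': os.environ.get('LDAP_SYNC_DB_USER', 'LDAP2018'),
    'pass': os.environ.get('LDAP_SYNC_DB_PASS', 'Pr4t7UEZITwW1AYG'),
    'base': os.environ.get('LDAP_SYNC_DB_NAME', 'sitemanager0'),
}
sql = 'select * from LDAP'
ad_groups = ['vpn-users', 'gogs']

# userAccountControl bit that marks an account as disabled.
UF_ACCOUNTDISABLE = 2


def users_make_ad(sam, base):
    """Return a dict describing every user object found under *base*.

    Args:
        sam: an open SamDB connection.
        base: DN to search under.

    Returns:
        dict keyed by samAccountName. Each value holds 'samAccountName',
        'memberOf' (the value of the first RDN of every group DN),
        'userAccountControl' (int) and 'enabled' (1 when the disable bit
        is clear, otherwise 0).
    """
    expression = "(&(objectCategory=person)(objectClass=user))"
    users = {}
    res = sam.search(base=base, expression=expression,
                     attrs=['*', 'userAccountControl'])
    for entry in res:
        name = str(entry['samAccountName'])
        uac = int(str(entry['userAccountControl']))

        # An account that belongs to no group besides its primary one has
        # no memberOf attribute at all; indexing the message then raises
        # KeyError, which used to abort the whole listing.
        try:
            group_dns = entry['memberOf']
        except KeyError:
            group_dns = []

        # NOTE(review): splitting on ',' assumes the group's first RDN
        # contains no escaped comma - confirm for this directory.
        member_of = [str(dn).split(',')[0].split('=')[1] for dn in group_dns]

        users[name] = {
            'samAccountName': name,
            'memberOf': member_of,
            'userAccountControl': uac,
            'enabled': 1 if (uac & UF_ACCOUNTDISABLE) == 0 else 0,
        }
    return users


def main():
    """Apply every request read from MySQL to the local Samba directory.

    The directory is opened with ``system_session()``, and each database
    row decides whether an account is created, removed, enabled, disabled
    or given a new password. Write access to that table is therefore
    equivalent to managing these AD accounts, so the database and its
    credentials need to be protected accordingly.
    """
    lp = samba.param.LoadParm()
    lp.load(samba.param.default_path())  # or lp.load("/etc/samba/smb.conf")
    sam = SamDB(lp=lp, session_info=system_session())

    z_users = z_reader.users_make_zayavka(
        z_reader.mysql_reader(dbconn, sql), ad_groups)
    print(len(z_users))

    for z_user in z_users:
        # Only the dictionary key is printed; the row itself carries
        # 'usrPass' and must not be written to the output.
        print(z_user)
        request = z_users[z_user]
        ad_user = UserAd(sam, base, domainName,
                         request['samAccountName'], request['usrPass'])

        if request['toRemove']:
            # Remove the account if it exists, then skip the rest.
            if ad_user.exists:
                ad_user.remove()
            continue

        if not ad_user.exists:
            ad_user.add()

        if request['pwChange']:
            # Update the password.
            ad_user.set_passwd()

        # Enable or disable the account as requested.
        if request['enabled']:
            ad_user.enable()
        else:
            ad_user.disable()

        for group in request['memberOf']:
            ad_user.add_in_group(group)


if __name__ == '__main__':
    main()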