#!/usr/bin/python2
# coding=utf-8


import ldb
from samba.samdb import SamDB
from samba.auth import system_session
# from samba.ndr import ndr_pack, ndr_unpack
# from samba.dcerpc import security
import samba.param
# import base64
# import binascii
from UserAd_class import UserAd
import zayavka_reader as z_reader

# Search base and DNS domain name; main() hands both to UserAd for every account it processes.
# If you do not want to deal with OUs, point base at the default container,
# e.g. base = "CN=Users,DC=myDom,DC=lan".
base = "CN=Users,DC=techgrow,DC=local"
domainName = 'techgrow.local'

# Connection settings that main() passes to z_reader.mysql_reader().
# NOTE(review): the database password is stored in clear text in this file, so anyone who can
# read the script (or its history in version control) can use the account. Load it from a
# root-only config file or the environment instead, and rotate the value, since it must be
# treated as exposed.
# NOTE(review): presumably this account only needs read access to the one table queried
# below; confirm its grants are limited to that.
dbconn = {'host': '10.1.11.26',
          'user': 'LDAP2018',
          'pass': 'Pr4t7UEZITwW1AYG',
          'base': 'sitemanager0'}

# Query run through z_reader.mysql_reader(); it selects every column of the LDAP table.
# NOTE(review): main() later reads a 'usrPass' field, so the table presumably holds account
# passwords; verify how they are stored and who else can read them.
sql = 'select * from LDAP'

# Group names passed to z_reader.users_make_zayavka() together with the query result.
# Presumably the groups this script is allowed to manage; confirm against zayavka_reader.
ad_groups = ['vpn-users', 'gogs']

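def users_make_ad(sam, base):
    """Return a snapshot of the person/user accounts found under *base*.

    Args:
        sam: Directory connection exposing
            ``search(base=..., expression=..., attrs=...)`` (a ``SamDB`` in
            this script).
        base: DN of the subtree to search.

    Returns:
        dict keyed by sAMAccountName. Each value is a dict with
        ``samAccountName``, ``memberOf`` (list of group RDN values, empty
        when the entry has no ``memberOf`` attribute),
        ``userAccountControl`` (int) and ``enabled`` (1 or 0).
    """
    expression = "(&(objectCategory=person)(objectClass=user))"
    users = {}
    res = sam.search(base=base, expression=expression, attrs=['*', 'userAccountControl'])
    for entry in res:
        account = str(entry['samAccountName'])
        uac = int(str(entry['userAccountControl']))
        # Bit 0x2 of userAccountControl is ACCOUNTDISABLE; the account is
        # enabled only when that bit is clear.
        enabled = 1 if uac & 2 == 0 else 0
        # The directory omits memberOf for accounts that belong to no group
        # besides their primary one; treat that as an empty list instead of
        # letting the KeyError abort the whole listing.
        try:
            group_dns = entry['memberOf']
        except KeyError:
            group_dns = []
        # Keep only the value of the first RDN ("CN=vpn-users,..." ->
        # "vpn-users"). Splitting on the first '=' only keeps names that
        # themselves contain '='.
        # NOTE(review): a group name containing an escaped comma ("\,") is
        # still cut short by the plain split on ','.
        member_of = [str(dn).split(',')[0].split('=', 1)[1] for dn in group_dns]
        users[account] = {'samAccountName': account,
                          'memberOf': member_of,
                          'userAccountControl': uac,
                          'enabled': enabled}
    return users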


def main():
    """Apply every request read from the MySQL table to the local Samba AD.

    Opens the SAM database with the system session, builds the request
    dict through ``zayavka_reader`` and then, per account: removes it when
    asked to, otherwise optionally resets the password, enables or disables
    the account and adds it to each listed group.
    """
    load_parm = samba.param.LoadParm()
    load_parm.load(samba.param.default_path())  # or load_parm.load("/etc/samba/smb.conf")
    sam = SamDB(lp=load_parm, session_info=system_session())
    rows = z_reader.mysql_reader(dbconn, sql)
    z_users = z_reader.users_make_zayavka(rows, ad_groups)
    print len(z_users)
    for z_user in z_users:
        # Only the dict key is printed; the entry itself carries 'usrPass'
        # and should never be written to stdout or a log.
        print z_user
        request = z_users[z_user]
        ad_user = UserAd(sam, base, domainName, request['samAccountName'], request['usrPass'])
        if request['toRemove']:
            # Removal request: delete the account if it exists, then skip
            # every other step for this entry.
            if ad_user.exists:
                ad_user.remove()
            continue
        if request['pwChange']:
            # Password change requested.
            ad_user.set_passwd()

        # Bring the enabled/disabled state in line with the request.
        if not request['enabled']:
            ad_user.disable()
        else:
            ad_user.enable()
        # NOTE(review): membership is only ever added here, for disabled
        # accounts too; a group dropped from the request is not removed from
        # the account unless UserAd handles that elsewhere. Confirm.
        for group in request['memberOf']:
            ad_user.add_in_group(group)

# Run the synchronisation only when the file is executed as a script, not when it is imported.
if __name__ == '__main__':
    main()