Beispiel #1
    def import_users(self):
        """Stage every record from the 'users' file as an ADUser row, then commit.

        Each record's domain is resolved through ``self.ads`` using the
        objectsid with its last '-'-separated component removed. All lookups
        are direct indexing, so a record missing any of the keys read below
        (or whose domain prefix is absent from ``self.ads``) raises KeyError
        and the final commit is never reached.

        NOTE(review): description, displayname and email are copied verbatim
        from the input file; treat them as untrusted text wherever they are
        later rendered or exported.
        """
        print('Importing users!')
        user_records = self.get_file('users')['users']
        for user in user_records:
            record = ADUser()
            props = user['Properties']
            sid = props['objectsid']

            # Everything before the final '-' of the SID is the key into self.ads.
            domain_prefix = sid.rsplit('-', 1)[0]
            record.ad_id = self.ads[domain_prefix]

            # Keep only the part of the name before the first '@'.
            record.name = user['Name'].partition('@')[0]
            record.objectSid = sid

            # Remaining attributes are copied across unchanged.
            for attribute, key in (('description', 'description'),
                                   ('displayName', 'displayname'),
                                   ('email', 'email')):
                setattr(record, attribute, props[key])

            self.db_session.add(record)
        self.db_session.commit()
Beispiel #2
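    def import_users(self):
        """Import user records from the 'users' file into the database session.

        For every record an ADUser row and an EdgeLookup row are staged; a
        record flagged ``highvalue`` additionally gets an ADObjProps 'HVT'
        marker, non-empty ``serviceprincipalnames`` are stored '|'-joined and
        queued on ``self.spns``, and the record's ``Aces`` are passed to
        ``self.insert_acl``. Version '2' input reads most properties with
        ``.get`` (missing values become None); any other version indexes them
        directly, so a missing key fails that record.

        A record that raises is logged at debug level and skipped. Everything
        staged is committed once, after the loop.

        NOTE(review): objects added to the session before a failure (the HVT
        marker, or the user and edge rows when ``insert_acl`` raises) stay
        staged and are committed with the rest - confirm this is intended.
        """
        logger.debug('[BHIMPORT] Importing users')
        meta = self.get_file('users')['meta']
        total = meta['count']

        for user in tqdm(self.get_file('users')['users'],
                         desc='Users   ',
                         total=total,
                         disable=self.disable_print_progress):
            try:
                if self.debug is True:
                    # Interactive debugging aid: prints the full record
                    # (including fields that are never imported, such as
                    # userpassword) and waits for Enter before continuing.
                    pretty(user)
                    input()

                props = user['Properties']
                m = ADUser()

                if self.bloodhound_version == '2':
                    sid = props['objectsid']
                    # The SID minus its last '-' component keys into self.ads.
                    m.ad_id = self.ads[sid.rsplit('-', 1)[0]]
                    m.name = user['Name'].split('@', 1)[0]
                    m.sAMAccountName = m.name
                    m.objectSid = sid
                    m.canLogon = props.get('enabled')
                    m.lastLogonTimestamp = convert_to_dt(
                        props.get('lastlogontimestamp'))
                    m.lastLogon = convert_to_dt(props.get('lastlogon'))
                    m.pwdLastSet = convert_to_dt(props.get('pwdlastset'))
                    m.displayName = props.get('displayname')
                    m.email = props.get('email')
                    m.description = props.get('description')
                    m.UAC_DONT_REQUIRE_PREAUTH = props.get('dontreqpreauth')
                    m.UAC_PASSWD_NOTREQD = props.get('passwordnotreqd')
                    m.UAC_TRUSTED_FOR_DELEGATION = props.get(
                        'unconstraineddelegation')
                    m.adminCount = props.get('admincount')

                    #not importing [Properties][highvalue] [Properties][hasspn] [Properties][title] [Properties][homedirectory] [Properties][userpassword] [Properties][sensitive] [AllowedToDelegate] [SPNTargets]

                else:
                    sid = props['objectid']
                    m.ad_id = self.ads[sid.rsplit('-', 1)[0]]
                    m.dn = props['distinguishedname']
                    m.name = props['name'].split('@', 1)[0]
                    m.sAMAccountName = m.name
                    m.objectSid = sid
                    m.description = props['description']
                    # displayName was assigned twice in this branch with the
                    # same value; one assignment is enough.
                    m.displayName = props['displayname']
                    m.email = props['email']
                    m.UAC_DONT_REQUIRE_PREAUTH = props['dontreqpreauth']
                    m.UAC_PASSWD_NOTREQD = props['passwordnotreqd']
                    m.UAC_TRUSTED_FOR_DELEGATION = props[
                        'unconstraineddelegation']
                    m.canLogon = props['enabled']
                    if 'pwdneverexpires' in props:
                        m.UAC_DONT_EXPIRE_PASSWD = props['pwdneverexpires']
                    m.adminCount = props['admincount']
                    m.pwdLastSet = convert_to_dt(props['pwdlastset'])
                    m.lastLogonTimestamp = convert_to_dt(
                        props['lastlogontimestamp'])
                    m.lastLogon = convert_to_dt(props['lastlogon'])

                    #not importing [Properties][highvalue] [Properties][hasspn]  [Properties][sidhistory] [Properties][title] [Properties][homedirectory] [Properties][userpassword] [Properties][sensitive] [HasSIDHistory] [AllowedToDelegate] [SPNTargets]

                if props.get('highvalue') is True:
                    hvt = ADObjProps(self.graphid, m.objectSid, 'HVT')
                    self.db_session.add(hvt)

                if 'serviceprincipalnames' in props:
                    spns = props['serviceprincipalnames']
                    if len(spns) > 0:
                        m.servicePrincipalName = '|'.join(spns)
                        self.spns.append((m.objectSid, m.ad_id, spns))

                self.db_session.add(m)
                edgeinfo = EdgeLookup(m.ad_id, m.objectSid, 'user')
                self.db_session.add(edgeinfo)
                #self.db_session.commit()

                if user['Aces'] is not None:
                    self.insert_acl(m.objectSid, 'user', user['Aces'], m.ad_id)

            except Exception as e:
                # Log an identifier rather than the whole record: the raw
                # record can carry fields this importer deliberately skips
                # (e.g. [Properties][userpassword]), and those should not end
                # up in log files just because one record failed to parse.
                ident = None
                if isinstance(user, dict) and isinstance(
                        user.get('Properties'), dict):
                    ident = (user['Properties'].get('objectid')
                             or user['Properties'].get('objectsid'))
                logger.debug(
                    '[BHIMPORT] Error while processing user %s Reason: %s',
                    ident if ident is not None else '<unknown>', e)
        self.db_session.commit()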