Ejemplo n.º 1
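def execute(event):
    """Enrich *event* with directory attributes of the host it names.

    Searches for the account whose sAMAccountName is ``event.hostname``
    followed by ``$`` (the form Active Directory uses for computer
    accounts) and copies the description, the container part of the
    distinguished name and the operating system onto the event through
    ``event.setAttribute``.

    Returns None in every case. Nothing is set when the hostname is empty
    or the search returns no entry.
    """

    def _escapeFilterValue(value):
        """Escape *value* for use as an assertion value in an LDAP filter.

        The hostname comes from event data, so characters that carry
        meaning in a search filter (RFC 4515) are replaced by their hex
        escapes. Without this a value containing ``*`` or parentheses
        would change which entry is returned, and the first match is
        trusted as the host's record below.
        """
        # Backslash goes first so the escapes added afterwards are not
        # escaped a second time.
        for char, escaped in (('\\', '\\5c'), ('*', '\\2a'), ('(', '\\28'),
                              (')', '\\29'), ('\x00', '\\00')):
            value = value.replace(char, escaped)
        return value

    print('Checking system via ldap...')

    # NOTE(review): the result of ldapConnect is ignored here; confirm that
    # ldapSearch fails safely when the bind did not succeed.
    pydap.ldapConnect(confVars.ldapServer, confVars.userDN, confVars.password, confVars.baseDistinguishedName)

    hostname = event.hostname
    if not hostname:
        # No host to look up; avoids concatenating None into the filter.
        return

    entr = pydap.ldapSearch('sAMAccountName=' + _escapeFilterValue(hostname) + '$')
    if not entr:
        return

    # First result only; index [1] holds the attribute mapping.
    entry = entr[0][0][1]

    attrs = OrderedDict()

    # (LDAP attribute, event attribute); the first LDAP attribute present wins.
    sysAttrMap = [('description', 'ad_description'),
                  ('distinguishedName', 'ad_ou'),
                  ('operatingSystem', 'operating_system')]

    for ldapName, attrName in sysAttrMap:
        if ldapName in entry and attrName not in attrs:
            attrs[attrName] = entry[ldapName][0]

    if 'ad_ou' in attrs:
        # Drop the leading RDN (the host's own name) and keep the container.
        attrs['ad_ou'] = ','.join(attrs['ad_ou'].split(',')[1:])

    # items() iterates the same pairs as iteritems() and also exists on
    # Python 3.
    for attr, value in attrs.items():
        event.setAttribute(attr, value)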
Ejemplo n.º 2
def playbookInput(event):
    """Collect any missing LDAP bind credentials and try them once.

    Prompts for the user distinguished name and the password only when
    ``confVars`` does not already hold them, stores the answers on
    ``confVars``, and then attempts a single connection. A falsy result
    from ``pydap.ldapConnect`` is reported as invalid credentials whatever
    the underlying cause. *event* is not used. Returns None.
    """
    header = '%s Query Options' % FORMAL_NAME

    # Show the section header only if at least one prompt will follow.
    if not (confVars.userDN and confVars.password):
        printStatusMsg(header)

    if not confVars.userDN:
        confVars.userDN = getUserIn('User Distinguished Name')

    if not confVars.password:
        # getpass keeps the password off the terminal echo.
        confVars.password = getpass("Password: ")

    connected = pydap.ldapConnect(
        confVars.ldapServer,
        confVars.userDN,
        confVars.password,
        confVars.baseDistinguishedName,
    )
    if connected:
        return

    print('Invalid Credentials, ldap data sources will fail.')
Ejemplo n.º 3
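def execute(event):
    """Enrich *event* with directory data about its user and its analyst.

    Looks up ``event._analystUsername`` and ``event.username`` by
    sAMAccountName. The analyst's name is stored as ``_analystName``. For
    the user, a fixed set of LDAP attributes is mapped onto event
    attributes, a full name and postal address are assembled when the
    directory does not supply them, the manager's display name and mail
    are added, and an ``adminCount`` of ``'1'`` is recorded as a
    privileged-account marker.

    Returns None in every case. No user attributes are set when the
    username is empty or the search returns no entry.
    """

    def _escapeFilterValue(value):
        """Escape *value* for use as an assertion value in an LDAP filter.

        Usernames come from event data, so characters that carry meaning
        in a search filter (RFC 4515) are replaced by their hex escapes.
        Without this a value containing ``*`` or parentheses would change
        which entry is returned, and the first match is trusted below.
        """
        # Backslash goes first so the escapes added afterwards are not
        # escaped a second time.
        for char, escaped in (('\\', '\\5c'), ('*', '\\2a'), ('(', '\\28'),
                              (')', '\\29'), ('\x00', '\\00')):
            value = value.replace(char, escaped)
        return value

    def _first(value):
        """Return the first element of a list/tuple value, else the value.

        The rest of this function indexes attribute values with ``[0]``,
        so they are treated as sequences; a scalar is passed through
        unchanged and an empty sequence yields None.
        """
        if isinstance(value, (list, tuple)):
            return value[0] if value else None
        return value

    def createFullName(attrs):
        """Set ``full_name`` from first and last name unless already set."""
        if 'full_name' in attrs:
            return
        parts = [attrs[key] for key in ('_first_name', '_last_name') if key in attrs]
        # join() avoids the leading space the name had when only the last
        # name was present.
        name = ' '.join(parts)
        if name:
            attrs['full_name'] = name

    def createPostalAddress(attrs):
        """Set ``postal_address`` from its parts unless already set."""
        if 'postal_address' in attrs:
            return
        parts = [attrs[key]
                 for key in ('_street', '_city', '_state', '_zip', '_country')
                 if key in attrs]
        postal = ' '.join(parts)
        if postal:
            attrs['postal_address'] = postal

    print('Checking ldap...')

    # NOTE(review): the result of ldapConnect is ignored here; confirm that
    # ldapSearch fails safely when the bind did not succeed.
    pydap.ldapConnect(confVars.ldapServer, confVars.userDN, confVars.password, confVars.baseDistinguishedName)

    analystUsername = event._analystUsername
    if analystUsername:
        entr = pydap.ldapSearch('sAMAccountName=' + _escapeFilterValue(analystUsername))
        if entr:
            entry = entr[0][0][1]
            # Format the first value of each attribute rather than the
            # value container itself, and skip the name when either part
            # is missing instead of raising KeyError.
            if 'sn' in entry and 'givenName' in entry:
                event.setAttribute('_analystName',
                                   '%s, %s' % (_first(entry['sn']), _first(entry['givenName'])))

    username = event.username
    if not username:
        # No user to look up; avoids concatenating None into the filter.
        return

    entr = pydap.ldapSearch('sAMAccountName=' + _escapeFilterValue(username))
    if not entr:
        return

    # First result only; index [1] holds the attribute mapping.
    entry = entr[0][0][1]

    manager = {}
    if 'manager' in entry:
        # The manager attribute is a DN; its first RDN is used as the
        # search filter.
        # NOTE(review): splitting on ',' cuts an RDN that contains an
        # escaped comma, and DN escaping is not filter escaping, so a CN
        # with parentheses or '*' yields a malformed or wider filter.
        manage = pydap.ldapSearch(entry['manager'][0].split(',')[0])
        if manage:
            manager = manage[0][0][1]

    attrs = OrderedDict()

    # (LDAP attribute, event attribute). Where two LDAP attributes feed the
    # same event attribute, the one listed first wins.
    empAttrMap = [('physicalDeliveryOfficeName', '_physicalDeliveryOfficeName'),
                  ('distinguishedName', '_userADDN'),
                  ('givenName', '_first_name'),
                  ('middleName', '_middle_name'),
                  ('sn', '_last_name'),
                  ('l', '_city'),
                  ('st', '_state'),
                  ('streetAddress', '_street'),
                  ('street', '_street'),
                  ('postalCode', '_zip'),
                  ('c', '_country'),
                  ('displayNamePrintable', 'full_name'),
                  ('displayName', 'full_name'),
                  ('mail', 'email'),
                  ('telephoneNumber', 'phone_number'),
                  ('employeeType', 'employee_type'),
                  ('title', 'job_title'),
                  ('description', 'job_title'),
                  ('department', 'department'),
                  ('postalAddress', 'postal_address')]

    for ldapName, attrName in empAttrMap:
        if ldapName in entry and attrName not in attrs:
            attrs[attrName] = entry[ldapName][0]

    # Compare the first value, not the value container: a list never
    # equals '1', so the privileged-account marker would never be set.
    # NOTE(review): the meaning of exceptional=True is defined by
    # setAttribute, which is not shown here.
    if 'adminCount' in entry:
        adminCount = _first(entry['adminCount'])
        if adminCount == '1':
            event.setAttribute('privileged_account', 'adminCount', exceptional=True)
            event.setAttribute('privileged_adminCount', adminCount, exceptional=True)

    createFullName(attrs)
    createPostalAddress(attrs)

    manAttrs = OrderedDict()

    # Unlike empAttrMap, a later entry overwrites an earlier one here, so
    # displayName replaces displayNamePrintable when both are present.
    manAttrMap = [('givenName', '_first_name'),
                  ('sn', '_last_name'),
                  ('displayNamePrintable', 'manager'),
                  ('displayName', 'manager'),
                  ('mail', 'manager_email')]

    for ldapName, attrName in manAttrMap:
        if ldapName in manager:
            manAttrs[attrName] = manager[ldapName][0]

    createFullName(manAttrs)
    createPostalAddress(manAttrs)

    # Only the manager's display name and mail are carried onto the event.
    if 'manager' in manAttrs:
        attrs['manager'] = manAttrs['manager']
    if 'manager_email' in manAttrs:
        attrs['manager_email'] = manAttrs['manager_email']

    # Underscore-prefixed and plain attributes are stored the same way.
    # items() iterates the same pairs as iteritems() and also exists on
    # Python 3.
    for attr, value in attrs.items():
        event.setAttribute(attr, value)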