def add_user_to_group(username, groupname):
c = Connection(server,
auto_bind=True,
user="******" + ad_admin_username,
password=ad_admin_password)
c.extend.microsoft.add_members_to_groups(
get_user_info(username).get('dn'),
get_user_info(groupname).get('dn'))
def enable_user(username):
# 激活用户
try:
c = Connection(server, auto_bind=True, user="******"+ad_admin_username, password=ad_admin_password)
c.modify(get_user_info(username).get('dn'), {'userAccountControl': [(MODIFY_REPLACE, [512])]})
return True
except Exception:
return False
def set_user_accountexpires(username, datetimeobj):
# 修改有效期
try:
c = Connection(server, auto_bind=True, user="******"+ad_admin_username, password=ad_admin_password)
c.modify(get_user_info(username).get('dn'), {'accountExpires': [(MODIFY_REPLACE, [datetimeobj])]})
return True
except Exception as e:
print(e)
return False
def change_user_password(username, newpass=''):
c = Connection(server,
auto_bind=True,
user="******" + ad_admin_username,
password=ad_admin_password)
if newpass == '':
newpass = random_password()
c.extend.microsoft.modify_password(
get_user_info(username).get('dn'), newpass)
return newpass
def delete_user(username):
try:
# 连接服务器
c = Connection(server,
auto_bind=True,
user="******" + ad_admin_username,
password=ad_admin_password)
c.delete(get_user_info(username).get('dn'))
return True
except Exception:
return False
def get_group_users(group_name):
# 返回属于组的用户
users_list = []
try:
# 连接服务器
c = Connection(server,
auto_bind=True,
user="******" + ad_admin_username,
password=ad_admin_password)
c.search(
search_base=get_user_info(group_name).get('dn'),
search_filter='(|(objectCategory=group)(objectCategory=user))',
search_scope='SUBTREE',
attributes=[
'member', 'objectClass', 'userAccountControl', 'sAMAccountName'
],
size_limit=0)
for user in c.entries[0].member:
users_list.append(user)
return users_list
except Exception as e:
print(e)
return None
# 从用户组用删除用户
def remove_user_from_group(username, groupname):
c = Connection(server,
auto_bind=True,
user="******" + ad_admin_username,
password=ad_admin_password)
c.extend.microsoft.remove_members_from_groups(
get_user_info(username).get('dn'),
get_user_info(groupname).get('dn'))
# 添加用户到用户组
def add_user_to_group(username, groupname):
c = Connection(server,
auto_bind=True,
user="******" + ad_admin_username,
password=ad_admin_password)
c.extend.microsoft.add_members_to_groups(
get_user_info(username).get('dn'),
get_user_info(groupname).get('dn'))
if __name__ == '__main__':
remove_user_from_group('qyt-qink', 'qytanggroup')
print(get_user_info('qyt-qink').get('memberOf'))
add_user_to_group('qyt-qink', 'qytanggroup')
print(get_user_info('qyt-qink').get('memberOf'))
# 修改有效期
try:
c = Connection(server, auto_bind=True, user="******"+ad_admin_username, password=ad_admin_password)
c.modify(get_user_info(username).get('dn'), {'accountExpires': [(MODIFY_REPLACE, [datetime.now() + timedelta(days=days)])]})
return True
except Exception as e:
print(e)
return False
def set_user_accountexpires(username, datetimeobj):
# 修改有效期
try:
c = Connection(server, auto_bind=True, user="******"+ad_admin_username, password=ad_admin_password)
c.modify(get_user_info(username).get('dn'), {'accountExpires': [(MODIFY_REPLACE, [datetimeobj])]})
return True
except Exception as e:
print(e)
return False
if __name__ == '__main__':
set_accountexpires('qyt-qink', days=10)
print(get_user_info('qyt-qink'))
from dateutil.parser import parse
# 這個時間的時區與系統匹配
print(set_user_accountexpires('qyt-qink', parse('2019-10-1')))
print(get_user_info('qyt-qink'))
def add_ad_user(xingming,
phone,
qq,
mail,
group='qytanggroup',
random_pass=False):
# 转换汉字到拼音
hanzi = xingming
try:
xingming = get_pinyin_name(xingming)
except Exception:
pass
# 根据类型找到组
if group == 'qytanggroup':
group_dn = get_user_info(group).get('dn')
add_username = '******' + xingming
while True:
if get_user_info(add_username):
name_randint = str(randint(1, 100))
add_username += name_randint
else:
break
user_dn = 'cn=' + add_username + ',' + ','.join(group_dn.split(',')[1:])
try:
# 连接服务器
c = Connection(server,
auto_bind=True,
user="******" + ad_admin_username,
password=ad_admin_password)
end_time = datetime.today() + timedelta(days=100)
c.add(
user_dn,
attributes={
'objectClass':
['top', 'person', 'organizationalPerson', 'user'],
# 用户名
'sAMAccountName': add_username,
# 用户名
'userPrincipalName': add_username,
# 有效期一年半
'accountExpires': end_time,
# 姓为中文的汉字
'sn': hanzi,
# 显示名为用户名
'displayName': add_username,
# 电话
"telephoneNumber": phone,
# 邮件
"Mail": mail,
# QQ
"description": hanzi + qq
})
# 添加用户到组
c.extend.microsoft.add_members_to_groups(user_dn, group_dn)
# 产生随机密码
if random_pass:
password = random_password()
else:
password = '******'
c.extend.microsoft.modify_password(user_dn, new_password=password)
# 激活用户
c.modify(user_dn, {'userAccountControl': [(MODIFY_REPLACE, [512])]})
return add_username, password
except Exception as e:
print(e)
return None
