Exemple #1
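    def get_users(self, parameters):
        """Import the user entries of one LDAP configuration into the models.

        Fetches the directory export through ``ActiveDirectoryHelper``, maps
        each entry's LDAP attributes onto ``ActiveDirectoryUser`` fields and
        creates or updates the user, its ``Identity``, the username and
        e-mail ``Identifier`` rows, a ``Person`` and the group links.

        Args:
            parameters: LDAP configuration object; handed to ``import_users``
                and stored as ``ldap_configuration`` on created users.

        Returns:
            None. Everything is written through the model managers.
        """
        ad_help = ActiveDirectoryHelper()

        # import_users returns a JSON document containing all user records.
        results = ad_help.import_users(parameters)
        entries = json.loads(results)['entries']

        timestamp_keys = ('accountExpires', 'badPasswordTime',
                          'lastLogoff', 'lastLogon',
                          'lastLogonTimestamp', 'pwdLastSet',
                          'uSNChanged', 'uSNCreated',
                          'whenChanged', 'whenCreated')
        counter_keys = ('adminCount', 'badPwdCount', 'logonCount')

        for entry in entries:
            attributes = entry['attributes']
            model_attributes = {}

            groups = []
            gen_groups = []
            email_addresses = []

            for key, value in attributes.items():
                if len(value) == 0:
                    continue

                if key == 'memberOf':
                    # Only groups already known for this configuration are
                    # linked; unknown distinguished names are ignored.
                    for dn in value:
                        matches = ActiveDirectoryGroup.objects.filter(
                            ldap_configuration=parameters,
                            distinguished_name=dn)
                        for ad_group in matches:
                            groups.append(ad_group)
                            if ad_group.group:
                                gen_groups.append(ad_group.group)
                elif key == 'proxyAddresses':
                    # proxyAddresses entries carry an address-type prefix and
                    # only the SMTP ones ("SMTP:" primary, "smtp:" alias) are
                    # mailboxes. Cutting five characters off every entry
                    # stored other address types (e.g. "sip:", "X500:") as
                    # bogus EMAIL identifiers.
                    for address in value:
                        if address[:5].lower() == 'smtp:':
                            email_addresses.append(address[5:])
                else:
                    value_string = ""
                    try:
                        if isinstance(value, bytes):
                            # Keep the raw bytes first so the handler below
                            # can still hex-clean them if decoding fails.
                            value_string = value
                            value_string = value.decode('utf-8')
                        elif isinstance(value, str):
                            # Text has no .decode(); calling it raised an
                            # uncaught AttributeError.
                            value_string = value
                        else:
                            # Multi-valued attributes keep only their last
                            # element; non-string elements are expected to be
                            # mappings with an 'encoded' member.
                            for e in value:
                                if isinstance(e, str):
                                    value_string = e
                                else:
                                    value_string = e['encoded']

                        if key in timestamp_keys:
                            date = self.convert_date_time(value_string)
                            if date:
                                value_string = date.isoformat()

                        if key in counter_keys:
                            # Compare by value: "is" on a string literal
                            # tests object identity, not emptiness.
                            if value_string is None or value_string == "":
                                value_string = 0
                            else:
                                value_string = int(value_string)

                        model_field = self.ldap_field_to_model(key)
                        if model_field is not None:
                            model_attributes[model_field] = value_string

                    except UnicodeDecodeError:
                        # Same guard as the success path: an unmapped
                        # attribute must not put a None key into the kwargs
                        # used for create()/update() below.
                        model_field = self.ldap_field_to_model(key)
                        if model_field is not None:
                            model_attributes[model_field] = self.cleanhex(
                                value_string)

            attributes.pop('memberOf', None)
            attributes.pop('proxyAddresses', None)

            # Don't filter on everything. Start with the properties that are
            # least likely to ever change, then work towards the more mutable
            # properties.
            # NOTE(review): the Identity name below always reads object_guid,
            # so an entry that reaches the objectSid / distinguishedName
            # fallbacks (or whose objectGUID was empty or unmapped) raises
            # KeyError here or just below.
            filter_attrs = {}
            if 'objectGUID' in attributes:
                filter_attrs['object_guid'] = model_attributes['object_guid']
            elif 'objectSid' in attributes:
                filter_attrs['object_sid'] = model_attributes['object_sid']
            elif 'distinguishedName' in attributes:
                filter_attrs['distinguished_name'] = model_attributes[
                    'distinguished_name']
            else:
                continue

            curr_identity, id_created = Identity.objects.get_or_create(
                identity_type=Identity.PERSON,
                name=model_attributes['object_guid'],
                description="Exported from LDAP")

            # If no matching user currently exists then create one, otherwise
            # update the existing user.
            # NOTE(review): this lookup is not restricted to
            # ldap_configuration and update() rewrites every row it matches;
            # confirm identifiers cannot collide across configured
            # directories.
            ad_users = ActiveDirectoryUser.objects.filter(**filter_attrs)
            if ad_users.count() == 0:
                ad_user = ActiveDirectoryUser.objects.create(
                    ldap_configuration=parameters, **model_attributes)
                ad_user.save()
            else:
                ad_users.update(**model_attributes)
                ad_user = ad_users.first()

            Identifier.objects.get_or_create(
                identifier=ad_user.sam_account_name,
                identifier_type=Identifier.UNAME,
                identity=curr_identity)

            # NOTE(review): the Person is matched on display name alone, so
            # two accounts sharing a display name end up attached to the same
            # Person. Confirm that is intended before using Person to
            # correlate identities.
            person, p_created = Person.objects.get_or_create(
                first_name="AD Person", surname=ad_user.display_name)
            person.identity.add(curr_identity)

            # Import the email addresses.
            for email_address in email_addresses:
                Identifier.objects.get_or_create(
                    identifier=email_address,
                    identifier_type=Identifier.EMAIL,
                    identity=curr_identity)

            # NOTE(review): memberships are only ever added in the two loops
            # below. A group removed from the account in the directory stays
            # linked locally, so anything derived from these links is not
            # revoked by a re-import.
            for group in groups:
                if ad_user.groups.filter(id=group.id).count() == 0:
                    ad_user.groups.add(group)

            for gen_group in gen_groups:
                if curr_identity.groups.filter(id=gen_group.id).count() == 0:
                    curr_identity.groups.add(gen_group)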
Exemple #2
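    def get_users(self, parameters):
        """Import the user entries of one LDAP configuration into the models.

        Fetches the directory export through ``ActiveDirectoryHelper``, maps
        each entry's LDAP attributes onto ``ActiveDirectoryUser`` fields and
        creates or updates the user, its ``Identity``, the username and
        e-mail ``Identifier`` rows, a ``Person`` and the group links.

        Args:
            parameters: LDAP configuration object; handed to ``import_users``
                and stored as ``ldap_configuration`` on created users.

        Returns:
            None. Everything is written through the model managers.
        """
        ad_help = ActiveDirectoryHelper()

        # import_users returns a JSON document containing all user records.
        results = ad_help.import_users(parameters)
        entries = json.loads(results)['entries']

        timestamp_keys = ('accountExpires', 'badPasswordTime', 'lastLogoff', 'lastLogon',
                          'lastLogonTimestamp', 'pwdLastSet', 'uSNChanged', 'uSNCreated',
                          'whenChanged', 'whenCreated')
        counter_keys = ('adminCount', 'badPwdCount', 'logonCount')

        for entry in entries:
            attributes = entry['attributes']
            model_attributes = {}

            groups = []
            gen_groups = []
            email_addresses = []

            for key, value in attributes.items():
                if len(value) == 0:
                    continue

                if key == 'memberOf':
                    # Only groups already known for this configuration are
                    # linked; unknown distinguished names are ignored.
                    for dn in value:
                        matches = ActiveDirectoryGroup.objects.filter(ldap_configuration=parameters,
                                                                      distinguished_name=dn)
                        for ad_group in matches:
                            groups.append(ad_group)
                            if ad_group.group:
                                gen_groups.append(ad_group.group)
                elif key == 'proxyAddresses':
                    # proxyAddresses entries carry an address-type prefix and
                    # only the SMTP ones ("SMTP:" primary, "smtp:" alias) are
                    # mailboxes. Cutting five characters off every entry
                    # stored other address types (e.g. "sip:", "X500:") as
                    # bogus EMAIL identifiers.
                    for address in value:
                        if address[:5].lower() == 'smtp:':
                            email_addresses.append(address[5:])
                else:
                    value_string = ""
                    try:
                        if isinstance(value, bytes):
                            # Keep the raw bytes first so the handler below
                            # can still hex-clean them if decoding fails.
                            value_string = value
                            value_string = value.decode('utf-8')
                        elif isinstance(value, str):
                            # Text has no .decode(); calling it raised an
                            # uncaught AttributeError.
                            value_string = value
                        else:
                            # Multi-valued attributes keep only their last
                            # element; non-string elements are expected to be
                            # mappings with an 'encoded' member.
                            for e in value:
                                if isinstance(e, str):
                                    value_string = e
                                else:
                                    value_string = e['encoded']

                        if key in timestamp_keys:
                            date = self.convert_date_time(value_string)
                            if date:
                                value_string = date.isoformat()

                        if key in counter_keys:
                            # Compare by value: "is" on a string literal
                            # tests object identity, not emptiness.
                            if value_string is None or value_string == "":
                                value_string = 0
                            else:
                                value_string = int(value_string)

                        model_field = self.ldap_field_to_model(key)
                        if model_field is not None:
                            model_attributes[model_field] = value_string

                    except UnicodeDecodeError:
                        # Same guard as the success path: an unmapped
                        # attribute must not put a None key into the kwargs
                        # used for create()/update() below.
                        model_field = self.ldap_field_to_model(key)
                        if model_field is not None:
                            model_attributes[model_field] = self.cleanhex(value_string)

            attributes.pop('memberOf', None)
            attributes.pop('proxyAddresses', None)

            # Don't filter on everything. Start with the properties that are
            # least likely to ever change, then work towards the more mutable
            # properties.
            # NOTE(review): the Identity name below always reads object_guid,
            # so an entry that reaches the objectSid / distinguishedName
            # fallbacks (or whose objectGUID was empty or unmapped) raises
            # KeyError here or just below.
            filter_attrs = {}
            if 'objectGUID' in attributes:
                filter_attrs['object_guid'] = model_attributes['object_guid']
            elif 'objectSid' in attributes:
                filter_attrs['object_sid'] = model_attributes['object_sid']
            elif 'distinguishedName' in attributes:
                filter_attrs['distinguished_name'] = model_attributes['distinguished_name']
            else:
                continue

            curr_identity, id_created = Identity.objects.get_or_create(identity_type=Identity.PERSON,
                                                                       name=model_attributes['object_guid'],
                                                                       description="Exported from LDAP")

            # If no matching user currently exists then create one, otherwise
            # update the existing user.
            # NOTE(review): this lookup is not restricted to
            # ldap_configuration and update() rewrites every row it matches;
            # confirm identifiers cannot collide across configured
            # directories.
            ad_users = ActiveDirectoryUser.objects.filter(**filter_attrs)
            if ad_users.count() == 0:
                ad_user = ActiveDirectoryUser.objects.create(ldap_configuration=parameters, **model_attributes)
                ad_user.save()
            else:
                ad_users.update(**model_attributes)
                ad_user = ad_users.first()

            Identifier.objects.get_or_create(identifier=ad_user.sam_account_name, identifier_type=Identifier.UNAME,
                                             identity=curr_identity)

            # NOTE(review): the Person is matched on display name alone, so
            # two accounts sharing a display name end up attached to the same
            # Person. Confirm that is intended before using Person to
            # correlate identities.
            person, p_created = Person.objects.get_or_create(first_name="AD Person",
                                                             surname=ad_user.display_name)
            person.identity.add(curr_identity)

            # Import the email addresses.
            for email_address in email_addresses:
                Identifier.objects.get_or_create(identifier=email_address, identifier_type=Identifier.EMAIL,
                                                 identity=curr_identity)

            # NOTE(review): memberships are only ever added in the two loops
            # below. A group removed from the account in the directory stays
            # linked locally, so anything derived from these links is not
            # revoked by a re-import.
            for group in groups:
                if ad_user.groups.filter(id=group.id).count() == 0:
                    ad_user.groups.add(group)

            for gen_group in gen_groups:
                if curr_identity.groups.filter(id=gen_group.id).count() == 0:
                    curr_identity.groups.add(gen_group)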