Esempio n. 1
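 def connect(self):
     """Return the cached LDAP connection, creating and binding it on first use.

     Returns:
         The connection object stored in ``self.ldap_object``.

     Raises:
         Any exception raised by ``ldap.initialize`` or ``simple_bind_s``
         propagates unchanged; in that case nothing is cached.
     """
     if self.ldap_object is not None:
         return self.ldap_object

     logger.info("Connecting ldap server..")
     conn = ldap.initialize(self.address)
     conn.protocol_version = ldap.VERSION3
     conn.set_option(ldap.OPT_REFERRALS, 0)
     # NOTE(review): a simple bind sends the bind password as-is; confirm that
     # self.address is an ldaps:// URL or that StartTLS is negotiated before
     # this call, otherwise the credential crosses the network in cleartext.
     conn.simple_bind_s(self.bind_dn, self.passwd)
     # Cache the handle only after the bind succeeded. Assigning it earlier
     # would leave an unauthenticated connection behind on a failed bind, and
     # every later connect() call would return it as if it were bound.
     self.ldap_object = conn
     logger.info("connected.")
     return conn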
Esempio n. 2
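 def list_user(self, user_name=""):
     """Search the user subtree, optionally restricted to one common name.

     Args:
         user_name: When non-empty, only entries whose ``cn`` equals this
             value are requested; when empty, no filter string is passed.

     Returns:
         The result of ``search_s`` on ``self.user_base_dn`` with subtree
         scope and ``USER_SEARCH_ATTRS``.
     """
     # Function-scope import: the module's import block is not visible from
     # this method, and ldap.filter is part of the already-used ldap package.
     from ldap.filter import escape_filter_chars

     logger.info("list user ..")
     search_filter = None
     if user_name:
         # Escape the RFC 4515 metacharacters (* ( ) \ NUL) so the supplied
         # name is always treated as one literal assertion value and cannot
         # widen or restructure the search filter.
         search_filter = "cn={}".format(escape_filter_chars(user_name))
     ret = self.ldap_object.search_s(self.user_base_dn, ldap.SCOPE_SUBTREE,
                                     search_filter, USER_SEARCH_ATTRS)
     # NOTE(review): the whole result is written to the log; confirm that
     # USER_SEARCH_ATTRS does not request userPassword or similar attributes.
     logger.info("search user response: [%s]", ret)
     return ret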
Esempio n. 3
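 def create_user(self, user_name, uid, password, home_dir, gid):
     """Add a user entry named ``cn=<user_name>`` under the user OU.

     Args:
         user_name: Used for ``sn``, ``cn``, ``uid`` and the entry's RDN.
         uid: Value stored in ``uidNumber``.
         password: Value stored in ``userPassword`` exactly as supplied.
         home_dir: Value stored in ``homeDirectory``.
         gid: Value stored in ``gidNumber``.

     Raises:
         Any exception raised by ``add_s`` propagates unchanged.
     """
     import time
     # Function-scope import: the module's import block is not visible from
     # this method, and ldap.dn is part of the already-used ldap package.
     from ldap.dn import escape_dn_chars

     # The password is deliberately not logged: log files are usually readable
     # by more people and systems than the directory's userPassword attribute.
     logger.info(
         "create user, home: [%s], name: [%s], uid: [%s], gid: [%s]",
         home_dir, user_name, uid, gid)
     create_time = time.strftime('%Y-%m-%d %H:%M:%S')
     attrs = dict(
         sn=user_name,
         cn=user_name,  # common name
         uid=user_name,
         uidNumber=uid,
         gidNumber=gid,
         # NOTE(review): stored as passed in. Unless callers supply an
         # already-hashed value or the server hashes on write, the directory
         # will hold the cleartext password - confirm which applies.
         userPassword=password,
         ou=self.user_ou,  # People
         homeDirectory=home_dir,
         loginShell="/bin/bash",
         description=create_time,
         # e.g. ['posixAccount', 'inetOrgPerson']; cn and sn are mandatory
         objectClass=self.user_object_class,
     )
     # Escape the name before placing it in the DN so characters such as
     # ',', '+', '=' or '\' stay inside the cn value instead of adding RDNs
     # or moving the entry to another branch of the tree.
     dn = "cn={cn},ou={ou},{parent_dn}".format(cn=escape_dn_chars(user_name),
                                               ou=self.user_ou,
                                               parent_dn=self.parent_dn)
     # NOTE(review): python-ldap 3.x expects modlist values as bytes; confirm
     # the values are encoded accordingly by callers or by the runtime in use.
     ldif = modlist.addModlist(attrs)
     res = self.ldap_object.add_s(dn, ldif)
     logger.info("create user response: [%s]", res)
     logger.info("create user successfully.")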
Esempio n. 4
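 def delete_user(self, user_name):
     """Delete the entry ``cn=<user_name>`` under the configured user OU.

     Args:
         user_name: Common name of the entry to remove.

     Raises:
         Any exception raised by ``delete_s`` propagates unchanged.
     """
     # Function-scope import: the module's import block is not visible from
     # this method, and ldap.dn is part of the already-used ldap package.
     from ldap.dn import escape_dn_chars

     logger.info("Delete user[%s]..", user_name)
     # Escape the name so DN metacharacters in it cannot redirect the delete
     # to an entry outside ou=<user_ou>,<parent_dn>.
     dn = "cn={cn},ou={ou},{parent_dn}".format(cn=escape_dn_chars(user_name),
                                               ou=self.user_ou,
                                               parent_dn=self.parent_dn)
     res = self.ldap_object.delete_s(dn)
     logger.info("delete user response: [%s]", res)
     logger.info("delete user successfully.")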
Esempio n. 5
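    def group_exist(self, g_id, g_name=""):
        """Report whether a group with this gidNumber, or optionally this cn, exists.

        Args:
            g_id: Group id matched against ``gidNumber``.
            g_name: Optional group name matched against ``cn``; it is only
                checked when the gid search found no match.

        Returns:
            True if either search returns an entry carrying the searched
            attribute, otherwise False.
        """
        # Function-scope import: the module's import block is not visible from
        # this method, and ldap.filter is part of the already-used ldap package.
        from ldap.filter import escape_filter_chars

        logger.info("Check if group id exist..")
        # Both values are escaped per RFC 4515 so they are matched literally;
        # an unescaped '*' or ')' would otherwise change what the filter
        # matches and make this existence check answer the wrong question.
        search_filter = "gidNumber={}".format(escape_filter_chars(str(g_id)))
        ret = self.ldap_object.search_s(self.group_base_dn, ldap.SCOPE_SUBTREE,
                                        search_filter, GROUP_SEARCH_ATTRS)
        logger.info("Search group id response: [%s]", ret)
        if any(item[1].get("gidNumber", None) for item in ret):
            return True

        if g_name:
            logger.info("Check if group name exist..")
            search_filter = "cn={}".format(escape_filter_chars(g_name))
            ret = self.ldap_object.search_s(self.group_base_dn,
                                            ldap.SCOPE_SUBTREE, search_filter,
                                            GROUP_SEARCH_ATTRS)
            logger.info("Search group name response: [%s]", ret)
            if any(item[1].get("cn", None) for item in ret):
                return True
        return False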
Esempio n. 6
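    def user_exist(self, user_name, user_id=None):
        """Report whether a user with this cn, or optionally this uidNumber, exists.

        Args:
            user_name: User name matched against ``cn``.
            user_id: Optional id matched against ``uidNumber``; it is only
                checked when the name search found no match.

        Returns:
            True if either search returns an entry carrying the searched
            attribute, otherwise False.
        """
        # Function-scope import: the module's import block is not visible from
        # this method, and ldap.filter is part of the already-used ldap package.
        from ldap.filter import escape_filter_chars

        logger.info("Check if user name exist..")
        # Both values are escaped per RFC 4515 so they are matched literally;
        # an unescaped '*' or ')' would otherwise change what the filter
        # matches and make this existence check answer the wrong question.
        search_filter = "cn={}".format(escape_filter_chars(user_name))
        ret = self.ldap_object.search_s(self.user_base_dn, ldap.SCOPE_SUBTREE,
                                        search_filter, USER_SEARCH_ATTRS)
        # NOTE(review): full results are logged; confirm USER_SEARCH_ATTRS
        # does not request userPassword or similar attributes.
        logger.info("Search user name response: [%s]", ret)
        if any(item[1].get("cn", None) for item in ret):
            return True

        if user_id:
            logger.info("Check if user id exist..")
            search_filter = "uidNumber={}".format(
                escape_filter_chars(str(user_id)))
            ret = self.ldap_object.search_s(self.user_base_dn,
                                            ldap.SCOPE_SUBTREE, search_filter,
                                            USER_SEARCH_ATTRS)
            logger.info("Search user id response: [%s]", ret)
            if any(item[1].get("uidNumber", None) for item in ret):
                return True
        return False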
Esempio n. 7
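 def create_group(self, g_name, gid):
     """Add a group entry named ``cn=<g_name>`` under the group OU.

     Args:
         g_name: Used for ``cn``, ``memberUid`` and the entry's RDN.
         gid: Value stored in ``gidNumber``.

     Raises:
         Any exception raised by ``add_s`` propagates unchanged.
     """
     # Function-scope import: the module's import block is not visible from
     # this method, and ldap.dn is part of the already-used ldap package.
     from ldap.dn import escape_dn_chars

     logger.info("create group, name: [%s], gid: [%s]", g_name, gid)
     attrs = dict(
         cn=g_name,  # common name
         # The group's own name is recorded as its only memberUid.
         memberUid=g_name,
         gidNumber=gid,
         objectClass=self.group_object_class,
     )
     # Escape the name before placing it in the DN so characters such as
     # ',', '+', '=' or '\' stay inside the cn value instead of adding RDNs
     # or moving the entry to another branch of the tree.
     dn = "cn={cn},ou={ou},{parent_dn}".format(cn=escape_dn_chars(g_name),
                                               ou=self.group_ou,
                                               parent_dn=self.parent_dn)
     ldif = modlist.addModlist(attrs)
     res = self.ldap_object.add_s(dn, ldif)
     logger.info("Create group response: [%s]", res)
     logger.info("create group successfully.")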
Esempio n. 8
def uninstall(software):
    """Log an uninstall request for *software*; nothing else is done here."""
    message = "uninstall software[%s].."
    logger.info(message, software)
Esempio n. 9
def reset(software):
    """Log a reset request for *software*; nothing else is done here."""
    message = "reset software[%s].."
    logger.info(message, software)
Esempio n. 10
    for opt, arg in opts:
        if opt in ("-h", "--help"):
            help()
            sys.exit()
        elif opt in ("-i", "--user_id"):
            user_id = arg
        elif opt in ("-n", "--name"):
            name = arg
        elif opt in ("-u", "--uid"):
            uid = arg
        elif opt in ("-g", "--gid"):
            gid = arg
        elif opt in ("-p", "--password"):
            password = arg

    logger.info("Params: ")
    logger.info("user_id: %s", user_id)
    logger.info("name: %s ", name)
    logger.info("uid: %s", uid)
    logger.info("gid: %s", gid)
    logger.info("password: %s", password)
    logger.info("")

    if user_id and name and uid and gid and password:
        client = None
        try:
            client = LdapClient(LDAP_ADDRESS, LDAP_ROOT_DN, LDAP_ADMIN,
                                LDAP_ADMIN_PASSWORD)
            client.connect()

            # client.list_user()