Esempio n. 1
0
def execute(event):
        
    print('Checking system via ldap...')
    
    pydap.ldapConnect(confVars.ldapServer, confVars.userDN, confVars.password, confVars.baseDistinguishedName)
    
    entr = pydap.ldapSearch('sAMAccountName=' + event.hostname + '$')
    if not entr:
        return 
    
    entry = entr[0][0][1]
    
    attrs = OrderedDict()
    
    sysAttrMap = [('description', 'ad_description'),
                  ('distinguishedName', 'ad_ou'),
                  ('operatingSystem', 'operating_system')]
                  
    
    for ldapName, attrName in sysAttrMap:
        if ldapName in entry and attrName not in attrs:
            attrs[attrName] = entry[ldapName][0]
            
    if 'ad_ou' in attrs:
        attrs['ad_ou'] = ','.join(attrs['ad_ou'].split(',')[1:])

    for attr, value in attrs.iteritems():
            event.setAttribute(attr, value)
Esempio n. 2
0
def playbookInput(event):
    inputHeader = '%s Query Options' % FORMAL_NAME
    
    if not confVars.userDN or not confVars.password:
        printStatusMsg(inputHeader)
    
    if not confVars.userDN:
        confVars.userDN = getUserIn('User Distinguished Name')
    
    if not confVars.password:
        confVars.password = getpass("Password: ")

    successful = False
    while not successful:
        successful = pydap.ldapConnect(confVars.ldapServer, confVars.userDN, confVars.password, confVars.baseDistinguishedName)
        
        if not successful:
            print('Invalid Credentials, ldap data sources will fail.')
            return        
Esempio n. 3
0
def execute(event):

    def createFullName(attrs):
        if 'full_name' not in attrs:
            name = ''
            if '_first_name' in attrs:
                name += attrs['_first_name']
            if '_last_name' in attrs:
                name += ' ' + attrs['_last_name']
                
            if name:
                attrs['full_name'] = name
        
    def createPostalAddress(attrs):
        if 'postal_address' not in attrs:
            postal = ''
            if '_street' in attrs:
                postal += attrs['_street']
            if '_city' in attrs:
                postal += ' ' + attrs['_city']
            if '_state' in attrs:
                postal += ' ' + attrs['_state']
            if '_zip' in attrs:
                postal += ' ' + attrs['_zip']
            if '_country' in attrs:
                postal += ' ' + attrs['_country']
                
            if postal:
                attrs['postal_address'] = postal
        
    print('Checking ldap...')
    
    pydap.ldapConnect(confVars.ldapServer, confVars.userDN, confVars.password, confVars.baseDistinguishedName)
    
    entr = pydap.ldapSearch('sAMAccountName=' + event._analystUsername)
    if entr:
        entry = entr[0][0][1]
        event.setAttribute('_analystName', '%s, %s' % (entry['sn'], entry['givenName']))

    entr = pydap.ldapSearch('sAMAccountName=' + event.username)
    if not entr:
        return 
    
    entry = entr[0][0][1]
    
    if 'manager' in entry:
        manage = pydap.ldapSearch(entry['manager'][0].split(',')[0])
        
        if manage:
            manager = manage[0][0][1]
        else:
            manager = {}
    else:
        manager = {}
        
    attrs = OrderedDict()
    
    empAttrMap = [('physicalDeliveryOfficeName', '_physicalDeliveryOfficeName'),
                  ('distinguishedName', '_userADDN'),
                  ('givenName', '_first_name'),
                  ('middleName', '_middle_name'),
                  ('sn', '_last_name'),
                  ('l', '_city'),
                  ('st', '_state'),
                  ('streetAddress', '_street'),
                  ('street', '_street'),
                  ('postalCode', '_zip'),
                  ('c', '_country'),
                  ('displayNamePrintable', 'full_name'),
                  ('displayName', 'full_name'),
                  ('mail', 'email'),
                  ('telephoneNumber', 'phone_number'),
                  ('employeeType', 'employee_type'),
                  ('title', 'job_title'),
                  ('description', 'job_title'),
                  ('department', 'department'),
                  ('postalAddress', 'postal_address')]
    
    for ldapName, attrName in empAttrMap:
        if ldapName in entry and attrName not in attrs:
            attrs[attrName] = entry[ldapName][0]

    
    if 'adminCount' in entry and entry['adminCount'] == '1':
        event.setAttribute('privileged_account', 'adminCount', exceptional=True)
        event.setAttribute('privileged_adminCount', entry['adminCount'], exceptional=True)
    
    createFullName(attrs)
    createPostalAddress(attrs)

    
    manAttrs = OrderedDict()
    
    manAttrMap = [('givenName', '_first_name'),
                  ('sn', '_last_name'),
                  ('displayNamePrintable', 'manager'),
                  ('displayName', 'manager'),
                  ('mail', 'manager_email')]     
    
    for ldapName, attrName in manAttrMap:
        if ldapName in manager:
            manAttrs[attrName] = manager[ldapName][0]
    
    
    createFullName(manAttrs)
    createPostalAddress(manAttrs)
    
    
    if 'manager' in manAttrs:
        attrs['manager'] = manAttrs['manager']
    if 'manager_email' in manAttrs:
        attrs['manager_email'] = manAttrs['manager_email']
    
    for attr, value in attrs.iteritems():
        if attr[0] != '_':
            event.setAttribute(attr, value)
            #print('%s: %s' % (attr.replace('_', ' '), value))
        else:
            event.setAttribute(attr, value)