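def get_users(self, parameters):
    """Import user entries from the directory and sync them into the local models.

    For every entry returned by ``ActiveDirectoryHelper.import_users`` this
    creates or updates an ``ActiveDirectoryUser``, makes sure a matching
    ``Identity``, username/e-mail ``Identifier`` rows and a ``Person`` exist,
    and links the user and the identity to the groups named in ``memberOf``.

    Args:
        parameters: passed to ``import_users`` and stored as the
            ``ldap_configuration`` of created users and looked-up groups.

    Returns:
        None. The work is done through the ORM.
    """
    ad_help = ActiveDirectoryHelper()
    # import_users() returns a JSON document containing all user records.
    results = ad_help.import_users(parameters)
    ldap_json = json.loads(results)
    entries = ldap_json['entries']

    date_fields = (
        'accountExpires', 'badPasswordTime', 'lastLogoff', 'lastLogon',
        'lastLogonTimestamp', 'pwdLastSet', 'uSNChanged', 'uSNCreated',
        'whenChanged', 'whenCreated')
    counter_fields = ('adminCount', 'badPwdCount', 'logonCount')
    # Match keys, ordered from least to most likely to change.
    match_keys = (
        ('objectGUID', 'object_guid'),
        ('objectSid', 'object_sid'),
        ('distinguishedName', 'distinguished_name'),
    )

    for entry in entries:
        attributes = entry['attributes']
        model_attributes = {}
        groups = []
        gen_groups = []
        email_addresses = []

        for key, value in attributes.items():
            if len(value) == 0:
                continue

            if key == 'memberOf':
                for cn in value:
                    qs = ActiveDirectoryGroup.objects.filter(
                        ldap_configuration=parameters,
                        distinguished_name=cn)
                    for q in qs:
                        groups.append(q)
                        if q.group:
                            gen_groups.append(q.group)
            elif key == 'proxyAddresses':
                # NOTE(review): drops the first five characters of every
                # entry, presumably an "SMTP:" prefix -- confirm. Entries
                # with another prefix are stored as e-mail identifiers too.
                for address in value:
                    email_addresses.append(address[5:])
            else:
                model_field = self.ldap_field_to_model(key)
                value_string = ""
                try:
                    if isinstance(value, bytes):
                        # Keep the raw bytes in value_string first so the
                        # except branch below can hex-clean them if the
                        # decode fails.
                        value_string = value
                        value_string = value_string.decode('utf-8')
                    elif isinstance(value, str):
                        # Text needs no decoding (str has no .decode() on
                        # Python 3, so the old call raised AttributeError).
                        value_string = value
                    else:
                        # Multi-valued attribute: the last element wins.
                        for e in value:
                            if isinstance(e, str):
                                value_string = ''.join(e)
                            else:
                                value_string = e['encoded']

                    if key in date_fields:
                        date = self.convert_date_time(value_string)
                        if date:
                            value_string = date.isoformat()
                    if key in counter_fields:
                        # Compare by value: `is ""` tests object identity
                        # and is not reliable for strings.
                        if value_string in (None, ""):
                            value_string = 0
                        else:
                            value_string = int(value_string)
                    if model_field is not None:
                        model_attributes[model_field] = value_string
                except UnicodeDecodeError:
                    # Unmapped attributes are skipped here as well; a None
                    # key would break the **model_attributes calls below.
                    if model_field is not None:
                        model_attributes[model_field] = self.cleanhex(
                            value_string)

        attributes.pop('memberOf', None)
        attributes.pop('proxyAddresses', None)

        # Don't filter on everything. Start with the properties that are
        # least likely to ever change, then work towards the more mutable
        # properties. A key counts only if it also produced a model value,
        # so an empty objectGUID falls through to the next key instead of
        # raising KeyError.
        filter_attrs = {}
        for ldap_name, model_name in match_keys:
            if ldap_name in attributes and model_name in model_attributes:
                filter_attrs[model_name] = model_attributes[model_name]
                break
        if not filter_attrs:
            continue
        # Name the identity after the key that matched. This used to read
        # model_attributes['object_guid'] unconditionally, which raised
        # KeyError whenever the SID or DN fallback was taken.
        # NOTE(review): a DN changes on rename or move, so a DN-named
        # identity is not stable -- confirm the fallback is acceptable.
        identity_name = next(iter(filter_attrs.values()))

        curr_identity, _ = Identity.objects.get_or_create(
            identity_type=Identity.PERSON,
            name=identity_name,
            description="Exported from LDAP")

        # If no matching user currently exists then create one, otherwise
        # update the existing user.
        # NOTE(review): this lookup is not restricted to `parameters`,
        # while create() below is. If two configurations can hold the same
        # GUID, SID or DN, update() rewrites the other configuration's row
        # -- confirm these keys are unique across configurations.
        ad_users = ActiveDirectoryUser.objects.filter(**filter_attrs)
        if not ad_users.exists():
            ad_user = ActiveDirectoryUser.objects.create(
                ldap_configuration=parameters, **model_attributes)
            ad_user.save()
        else:
            ad_users.update(**model_attributes)
            ad_user = ad_users.first()

        Identifier.objects.get_or_create(
            identifier=ad_user.sam_account_name,
            identifier_type=Identifier.UNAME,
            identity=curr_identity)

        # NOTE(review): the Person is matched on display name alone, so
        # accounts sharing a display name are attached to the same Person
        # -- confirm that merge is intended.
        person, _ = Person.objects.get_or_create(
            first_name="AD Person", surname=ad_user.display_name)
        person.identity.add(curr_identity)

        # Import the email addresses.
        for email_address in email_addresses:
            Identifier.objects.get_or_create(
                identifier=email_address,
                identifier_type=Identifier.EMAIL,
                identity=curr_identity)

        for group in groups:
            if not ad_user.groups.filter(id=group.id).exists():
                ad_user.groups.add(group)
        for gen_group in gen_groups:
            if not curr_identity.groups.filter(id=gen_group.id).exists():
                curr_identity.groups.add(gen_group)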
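def get_users(self, parameters):
    """Import user entries from the directory and sync them into the local models.

    For every entry returned by ``ActiveDirectoryHelper.import_users`` this
    creates or updates an ``ActiveDirectoryUser``, makes sure a matching
    ``Identity``, username/e-mail ``Identifier`` rows and a ``Person`` exist,
    and links the user and the identity to the groups named in ``memberOf``.

    Args:
        parameters: passed to ``import_users`` and stored as the
            ``ldap_configuration`` of created users and looked-up groups.

    Returns:
        None. The work is done through the ORM.
    """
    ad_help = ActiveDirectoryHelper()
    # import_users() returns a JSON document containing all user records.
    results = ad_help.import_users(parameters)
    ldap_json = json.loads(results)
    entries = ldap_json['entries']

    date_fields = ('accountExpires', 'badPasswordTime', 'lastLogoff', 'lastLogon', 'lastLogonTimestamp', 'pwdLastSet', 'uSNChanged', 'uSNCreated', 'whenChanged', 'whenCreated')
    counter_fields = ('adminCount', 'badPwdCount', 'logonCount')
    # Match keys, ordered from least to most likely to change.
    match_keys = (('objectGUID', 'object_guid'), ('objectSid', 'object_sid'), ('distinguishedName', 'distinguished_name'))

    for entry in entries:
        attributes = entry['attributes']
        model_attributes = {}
        groups = []
        gen_groups = []
        email_addresses = []

        for key, value in attributes.items():
            if len(value) == 0:
                continue

            if key == 'memberOf':
                for cn in value:
                    qs = ActiveDirectoryGroup.objects.filter(ldap_configuration=parameters, distinguished_name=cn)
                    for q in qs:
                        groups.append(q)
                        if q.group:
                            gen_groups.append(q.group)
            elif key == 'proxyAddresses':
                # NOTE(review): drops the first five characters of every
                # entry, presumably an "SMTP:" prefix -- confirm. Entries
                # with another prefix are stored as e-mail identifiers too.
                for address in value:
                    email_addresses.append(address[5:])
            else:
                model_field = self.ldap_field_to_model(key)
                value_string = ""
                try:
                    if isinstance(value, bytes):
                        # Keep the raw bytes in value_string first so the
                        # except branch below can hex-clean them if the
                        # decode fails.
                        value_string = value
                        value_string = value_string.decode('utf-8')
                    elif isinstance(value, str):
                        # Text needs no decoding (str has no .decode() on
                        # Python 3, so the old call raised AttributeError).
                        value_string = value
                    else:
                        # Multi-valued attribute: the last element wins.
                        for e in value:
                            if isinstance(e, str):
                                value_string = ''.join(e)
                            else:
                                value_string = e['encoded']

                    if key in date_fields:
                        date = self.convert_date_time(value_string)
                        if date:
                            value_string = date.isoformat()
                    if key in counter_fields:
                        # Compare by value: `is ""` tests object identity
                        # and is not reliable for strings.
                        if value_string in (None, ""):
                            value_string = 0
                        else:
                            value_string = int(value_string)
                    if model_field is not None:
                        model_attributes[model_field] = value_string
                except UnicodeDecodeError:
                    # Unmapped attributes are skipped here as well; a None
                    # key would break the **model_attributes calls below.
                    if model_field is not None:
                        model_attributes[model_field] = self.cleanhex(value_string)

        attributes.pop('memberOf', None)
        attributes.pop('proxyAddresses', None)

        # Don't filter on everything. Start with the properties that are
        # least likely to ever change, then work towards the more mutable
        # properties. A key counts only if it also produced a model value,
        # so an empty objectGUID falls through to the next key instead of
        # raising KeyError.
        filter_attrs = {}
        for ldap_name, model_name in match_keys:
            if ldap_name in attributes and model_name in model_attributes:
                filter_attrs[model_name] = model_attributes[model_name]
                break
        if not filter_attrs:
            continue
        # Name the identity after the key that matched. This used to read
        # model_attributes['object_guid'] unconditionally, which raised
        # KeyError whenever the SID or DN fallback was taken.
        # NOTE(review): a DN changes on rename or move, so a DN-named
        # identity is not stable -- confirm the fallback is acceptable.
        identity_name = next(iter(filter_attrs.values()))

        curr_identity, _ = Identity.objects.get_or_create(identity_type=Identity.PERSON, name=identity_name, description="Exported from LDAP")

        # If no matching user currently exists then create one, otherwise
        # update the existing user.
        # NOTE(review): this lookup is not restricted to `parameters`,
        # while create() below is. If two configurations can hold the same
        # GUID, SID or DN, update() rewrites the other configuration's row
        # -- confirm these keys are unique across configurations.
        ad_users = ActiveDirectoryUser.objects.filter(**filter_attrs)
        if not ad_users.exists():
            ad_user = ActiveDirectoryUser.objects.create(ldap_configuration=parameters, **model_attributes)
            ad_user.save()
        else:
            ad_users.update(**model_attributes)
            ad_user = ad_users.first()

        Identifier.objects.get_or_create(identifier=ad_user.sam_account_name, identifier_type=Identifier.UNAME, identity=curr_identity)

        # NOTE(review): the Person is matched on display name alone, so
        # accounts sharing a display name are attached to the same Person
        # -- confirm that merge is intended.
        person, _ = Person.objects.get_or_create(first_name="AD Person", surname=ad_user.display_name)
        person.identity.add(curr_identity)

        # Import the email addresses.
        for email_address in email_addresses:
            Identifier.objects.get_or_create(identifier=email_address, identifier_type=Identifier.EMAIL, identity=curr_identity)

        for group in groups:
            if not ad_user.groups.filter(id=group.id).exists():
                ad_user.groups.add(group)
        for gen_group in gen_groups:
            if not curr_identity.groups.filter(id=gen_group.id).exists():
                curr_identity.groups.add(gen_group)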