def from_ldap(entry, adinfo=None): adi = MSADUser() adi.sn = entry['attributes'].get('sn') adi.cn = entry['attributes'].get('cn') adi.distinguishedName = entry['attributes'].get('distinguishedName') adi.description = entry['attributes'].get('description') adi.initials = entry['attributes'].get('initials') adi.givenName = entry['attributes'].get('givenName') adi.displayName = entry['attributes'].get('displayName') adi.name = entry['attributes'].get('name') adi.objectCategory = entry['attributes'].get('objectCategory') adi.objectClass = entry['attributes'].get('objectClass') adi.objectGUID = entry['attributes'].get('objectGUID') adi.objectSid = entry['attributes'].get('objectSid') adi.primaryGroupID = entry['attributes'].get('primaryGroupID') adi.sAMAccountName = entry['attributes'].get('sAMAccountName') adi.userPrincipalName = entry['attributes'].get('userPrincipalName') adi.servicePrincipalName = entry['attributes'].get( 'servicePrincipalName') adi.memberOf = entry['attributes'].get('memberOf') adi.member = entry['attributes'].get('member') adi.accountExpires = entry['attributes'].get('accountExpires') adi.badPasswordTime = entry['attributes'].get('badPasswordTime') adi.lastLogoff = entry['attributes'].get('lastLogoff') adi.lastLogon = entry['attributes'].get('lastLogon') adi.lastLogonTimestamp = entry['attributes'].get('lastLogonTimestamp') adi.pwdLastSet = entry['attributes'].get('pwdLastSet') adi.whenChanged = entry['attributes'].get('whenChanged') adi.whenCreated = entry['attributes'].get('whenCreated') adi.badPwdCount = entry['attributes'].get('badPwdCount') adi.logonCount = entry['attributes'].get('logonCount') adi.sAMAccountType = entry['attributes'].get('sAMAccountType') adi.codePage = entry['attributes'].get('codePage') adi.countryCode = entry['attributes'].get('countryCode') adi.allowedtodelegateto = entry['attributes'].get( 'msDS-AllowedToDelegateTo') adi.admincount = entry['attributes'].get('adminCount') temp = entry['attributes'].get('userAccountControl') if temp: adi.userAccountControl = MSLDAP_UAC(temp) if adinfo: adi.when_pw_change = (adi.pwdLastSet - adinfo.minPwdAge).replace(tzinfo=None) if adinfo.maxPwdAge.days < -3650: #this is needed, because some ADs have mawPwdAge set for a huge number BUT not to the minimum adi.when_pw_expires = datetime.datetime.max else: adi.when_pw_expires = ( adi.pwdLastSet - adinfo.maxPwdAge).replace( tzinfo=None ) if adinfo.maxPwdAge != 0 else adi.pwdLastSet adi.must_change_pw = adi.calc_PasswordMustChange( adinfo) #datetime adi.canLogon = adi.calc_CanLogon() #bool return adi
def from_ldap(entry, adinfo=None): adi = MSADUser() adi.sn = entry['attributes'].get('sn') adi.cn = entry['attributes'].get('cn') adi.distinguishedName = entry['attributes'].get('distinguishedName') adi.description = entry['attributes'].get('description') adi.initials = entry['attributes'].get('initials') adi.givenName = entry['attributes'].get('givenName') adi.displayName = entry['attributes'].get('displayName') adi.name = entry['attributes'].get('name') adi.objectCategory = entry['attributes'].get('objectCategory') adi.objectClass = entry['attributes'].get('objectClass') adi.objectGUID = entry['attributes'].get('objectGUID') adi.objectSid = entry['attributes'].get('objectSid') adi.primaryGroupID = entry['attributes'].get('primaryGroupID') adi.sAMAccountName = entry['attributes'].get('sAMAccountName') adi.userPrincipalName = entry['attributes'].get('userPrincipalName') adi.servicePrincipalName = entry['attributes'].get( 'servicePrincipalName') adi.memberOf = entry['attributes'].get('memberOf') adi.member = entry['attributes'].get('member') adi.accountExpires = entry['attributes'].get('accountExpires') adi.badPasswordTime = entry['attributes'].get('badPasswordTime') adi.lastLogoff = entry['attributes'].get('lastLogoff') adi.lastLogon = entry['attributes'].get('lastLogon') adi.lastLogonTimestamp = entry['attributes'].get('lastLogonTimestamp') adi.pwdLastSet = entry['attributes'].get('pwdLastSet') adi.whenChanged = entry['attributes'].get('whenChanged') adi.whenCreated = entry['attributes'].get('whenCreated') adi.badPwdCount = entry['attributes'].get('badPwdCount') adi.logonCount = entry['attributes'].get('logonCount') adi.sAMAccountType = entry['attributes'].get('sAMAccountType') adi.codePage = entry['attributes'].get('codePage') adi.countryCode = entry['attributes'].get('countryCode') adi.allowedtodelegateto = entry['attributes'].get( 'msDS-AllowedToDelegateTo') temp = entry['attributes'].get('userAccountControl') if temp: adi.userAccountControl = MSLDAP_UAC(temp) if adinfo: adi.when_pw_change = ( adi.pwdLastSet - timedelta(seconds=adinfo.minPwdAge / 10000000)).replace( tzinfo=None) adi.when_pw_expires = ( adi.pwdLastSet - timedelta(seconds=adinfo.maxPwdAge / 10000000)).replace( tzinfo=None) adi.must_change_pw = adi.calc_PasswordMustChange() #datetime if adi.sAMAccountName[-1] != '$': adi.canLogon = adi.calc_CanLogon() #bool return adi
def from_ldap(entry, adinfo=None): adi = MSADMachine() adi.sn = entry['attributes'].get('sn') adi.cn = entry['attributes'].get('cn') adi.distinguishedName = entry['attributes'].get('distinguishedName') adi.accountExpires = entry['attributes'].get('accountExpires') adi.badPasswordTime = entry['attributes'].get('badPasswordTime') adi.badPwdCount = entry['attributes'].get('badPwdCount') adi.codePage = entry['attributes'].get('codePage') adi.countryCode = entry['attributes'].get('countryCode') adi.description = entry['attributes'].get('description') adi.displayName = entry['attributes'].get('displayName') adi.dNSHostName = entry['attributes'].get('dNSHostName') adi.instanceType = entry['attributes'].get('instanceType') adi.isCriticalSystemObject = entry['attributes'].get( 'isCriticalSystemObject') adi.lastLogoff = entry['attributes'].get('lastLogoff') adi.lastLogon = entry['attributes'].get('lastLogon') adi.lastLogonTimestamp = entry['attributes'].get('lastLogonTimestamp') adi.logonCount = entry['attributes'].get('logonCount') adi.localPolicyFlags = entry['attributes'].get('localPolicyFlags') adi.supported_enc_types = entry['attributes'].get( 'msDS-SupportedEncryptionTypes') adi.name = entry['attributes'].get('name') adi.objectCategory = entry['attributes'].get('objectCategory') adi.objectClass = entry['attributes'].get('objectClass') adi.objectGUID = entry['attributes'].get('objectGUID') adi.objectSid = entry['attributes'].get('objectSid') adi.operatingSystem = entry['attributes'].get('operatingSystem') adi.operatingSystemVersion = entry['attributes'].get( 'operatingSystemVersion') adi.primaryGroupID = entry['attributes'].get('primaryGroupID') adi.pwdLastSet = entry['attributes'].get('pwdLastSet') adi.sAMAccountName = entry['attributes'].get('sAMAccountName') adi.sAMAccountType = entry['attributes'].get('sAMAccountType') adi.whenChanged = entry['attributes'].get('whenChanged') adi.whenCreated = entry['attributes'].get('whenCreated') adi.servicePrincipalName = entry['attributes'].get( 'servicePrincipalName') adi.allowedtodelegateto = entry['attributes'].get( 'msDS-AllowedToDelegateTo') temp = entry['attributes'].get('userAccountControl') if temp: adi.userAccountControl = MSLDAP_UAC(temp) return adi
def from_ldap(entry, adinfo=None): adi = MSADMachine() adi.sn = entry['attributes'].get('sn') adi.cn = entry['attributes'].get('cn') adi.distinguishedName = entry['attributes'].get('distinguishedName') adi.accountExpires = entry['attributes'].get('accountExpires') adi.badPasswordTime = entry['attributes'].get('badPasswordTime') adi.badPwdCount = entry['attributes'].get('badPwdCount') adi.codePage = entry['attributes'].get('codePage') adi.countryCode = entry['attributes'].get('countryCode') adi.description = entry['attributes'].get('description') adi.displayName = entry['attributes'].get('displayName') adi.dNSHostName = entry['attributes'].get('dNSHostName') adi.instanceType = entry['attributes'].get('instanceType') adi.isCriticalSystemObject = entry['attributes'].get( 'isCriticalSystemObject') adi.lastLogoff = entry['attributes'].get('lastLogoff') adi.lastLogon = entry['attributes'].get('lastLogon') adi.lastLogonTimestamp = entry['attributes'].get('lastLogonTimestamp') adi.logonCount = entry['attributes'].get('logonCount') adi.localPolicyFlags = entry['attributes'].get('localPolicyFlags') adi.supported_enc_types = entry['attributes'].get( 'msDS-SupportedEncryptionTypes') adi.name = entry['attributes'].get('name') adi.objectCategory = entry['attributes'].get('objectCategory') adi.objectClass = entry['attributes'].get('objectClass') adi.objectGUID = entry['attributes'].get('objectGUID') adi.objectSid = entry['attributes'].get('objectSid') adi.operatingSystem = entry['attributes'].get('operatingSystem') adi.operatingSystemVersion = entry['attributes'].get( 'operatingSystemVersion') adi.primaryGroupID = entry['attributes'].get('primaryGroupID') adi.pwdLastSet = entry['attributes'].get('pwdLastSet') adi.sAMAccountName = entry['attributes'].get('sAMAccountName') adi.sAMAccountType = entry['attributes'].get('sAMAccountType') adi.whenChanged = entry['attributes'].get('whenChanged') adi.whenCreated = entry['attributes'].get('whenCreated') adi.servicePrincipalName = entry['attributes'].get( 'servicePrincipalName') adi.allowedtodelegateto = entry['attributes'].get( 'msDS-AllowedToDelegateTo') adi.allowedtoactonbehalfofotheridentity = entry['attributes'].get( 'msDS-AllowedToActOnBehalfOfOtherIdentity') temp = entry['attributes'].get('userAccountControl') if temp: adi.userAccountControl = MSLDAP_UAC(temp) if adinfo: adi.when_pw_change = (adi.pwdLastSet - adinfo.minPwdAge).replace(tzinfo=None) if adinfo.maxPwdAge.days < -3650: #this is needed, because some ADs have mawPwdAge set for a huge number BUT not to the minimum adi.when_pw_expires = datetime.datetime.max else: adi.when_pw_expires = ( adi.pwdLastSet - adinfo.maxPwdAge).replace( tzinfo=None ) if adinfo.maxPwdAge != 0 else adi.pwdLastSet adi.must_change_pw = adi.calc_PasswordMustChange( adinfo) #datetime adi.canLogon = adi.calc_CanLogon() #bool return adi