def add_user_to_group(username, groupname): c = Connection(server, auto_bind=True, user="******" + ad_admin_username, password=ad_admin_password) c.extend.microsoft.add_members_to_groups( get_user_info(username).get('dn'), get_user_info(groupname).get('dn'))
def enable_user(username): # 激活用户 try: c = Connection(server, auto_bind=True, user="******"+ad_admin_username, password=ad_admin_password) c.modify(get_user_info(username).get('dn'), {'userAccountControl': [(MODIFY_REPLACE, [512])]}) return True except Exception: return False
def set_user_accountexpires(username, datetimeobj): # 修改有效期 try: c = Connection(server, auto_bind=True, user="******"+ad_admin_username, password=ad_admin_password) c.modify(get_user_info(username).get('dn'), {'accountExpires': [(MODIFY_REPLACE, [datetimeobj])]}) return True except Exception as e: print(e) return False
def change_user_password(username, newpass=''): c = Connection(server, auto_bind=True, user="******" + ad_admin_username, password=ad_admin_password) if newpass == '': newpass = random_password() c.extend.microsoft.modify_password( get_user_info(username).get('dn'), newpass) return newpass
def delete_user(username): try: # 连接服务器 c = Connection(server, auto_bind=True, user="******" + ad_admin_username, password=ad_admin_password) c.delete(get_user_info(username).get('dn')) return True except Exception: return False
def get_group_users(group_name): # 返回属于组的用户 users_list = [] try: # 连接服务器 c = Connection(server, auto_bind=True, user="******" + ad_admin_username, password=ad_admin_password) c.search( search_base=get_user_info(group_name).get('dn'), search_filter='(|(objectCategory=group)(objectCategory=user))', search_scope='SUBTREE', attributes=[ 'member', 'objectClass', 'userAccountControl', 'sAMAccountName' ], size_limit=0) for user in c.entries[0].member: users_list.append(user) return users_list except Exception as e: print(e) return None
# 从用户组用删除用户 def remove_user_from_group(username, groupname): c = Connection(server, auto_bind=True, user="******" + ad_admin_username, password=ad_admin_password) c.extend.microsoft.remove_members_from_groups( get_user_info(username).get('dn'), get_user_info(groupname).get('dn')) # 添加用户到用户组 def add_user_to_group(username, groupname): c = Connection(server, auto_bind=True, user="******" + ad_admin_username, password=ad_admin_password) c.extend.microsoft.add_members_to_groups( get_user_info(username).get('dn'), get_user_info(groupname).get('dn')) if __name__ == '__main__': remove_user_from_group('qyt-qink', 'qytanggroup') print(get_user_info('qyt-qink').get('memberOf')) add_user_to_group('qyt-qink', 'qytanggroup') print(get_user_info('qyt-qink').get('memberOf'))
# 修改有效期 try: c = Connection(server, auto_bind=True, user="******"+ad_admin_username, password=ad_admin_password) c.modify(get_user_info(username).get('dn'), {'accountExpires': [(MODIFY_REPLACE, [datetime.now() + timedelta(days=days)])]}) return True except Exception as e: print(e) return False def set_user_accountexpires(username, datetimeobj): # 修改有效期 try: c = Connection(server, auto_bind=True, user="******"+ad_admin_username, password=ad_admin_password) c.modify(get_user_info(username).get('dn'), {'accountExpires': [(MODIFY_REPLACE, [datetimeobj])]}) return True except Exception as e: print(e) return False if __name__ == '__main__': set_accountexpires('qyt-qink', days=10) print(get_user_info('qyt-qink')) from dateutil.parser import parse # 這個時間的時區與系統匹配 print(set_user_accountexpires('qyt-qink', parse('2019-10-1'))) print(get_user_info('qyt-qink'))
def add_ad_user(xingming, phone, qq, mail, group='qytanggroup', random_pass=False): # 转换汉字到拼音 hanzi = xingming try: xingming = get_pinyin_name(xingming) except Exception: pass # 根据类型找到组 if group == 'qytanggroup': group_dn = get_user_info(group).get('dn') add_username = '******' + xingming while True: if get_user_info(add_username): name_randint = str(randint(1, 100)) add_username += name_randint else: break user_dn = 'cn=' + add_username + ',' + ','.join(group_dn.split(',')[1:]) try: # 连接服务器 c = Connection(server, auto_bind=True, user="******" + ad_admin_username, password=ad_admin_password) end_time = datetime.today() + timedelta(days=100) c.add( user_dn, attributes={ 'objectClass': ['top', 'person', 'organizationalPerson', 'user'], # 用户名 'sAMAccountName': add_username, # 用户名 'userPrincipalName': add_username, # 有效期一年半 'accountExpires': end_time, # 姓为中文的汉字 'sn': hanzi, # 显示名为用户名 'displayName': add_username, # 电话 "telephoneNumber": phone, # 邮件 "Mail": mail, # QQ "description": hanzi + qq }) # 添加用户到组 c.extend.microsoft.add_members_to_groups(user_dn, group_dn) # 产生随机密码 if random_pass: password = random_password() else: password = '******' c.extend.microsoft.modify_password(user_dn, new_password=password) # 激活用户 c.modify(user_dn, {'userAccountControl': [(MODIFY_REPLACE, [512])]}) return add_username, password except Exception as e: print(e) return None