def SearchAD(username='******'): q = adquery.ADQuery() q.execute_query( attributes=["cn", "member", "sAMAccountType", "sAMAccountName"], where_clause=("sAMAccountName = '" + username + "'"), ) return q.get_results()
def query_generator(get_attributes=[], where_clause="objectClass = '*'", base_dn=''): q = adquery.ADQuery() q.execute_query(attributes=get_attributes, where_clause=where_clause, base_dn=base_dn) for r in q.get_results(): yield r
def get_title(user_id): try: title = adquery.ADQuery() title.execute_query( attributes=["title"], where_clause=f"SamAccountName = '{user_id}'", ) title = title.get_single_result()["title"] return title except: return "None"
def QryUser(username='******'): # Query AD username (sAMAccountName) q = adquery.ADQuery() q.execute_query( attributes=[ "cn", "member", "sAMAccountType", "sAMAccountName", "displayName", "name" ], where_clause=("sAMAccountName = '" + username + "'"), ) allRestuls = () allResults = q.get_results return allResults()
def QryGroup(name='BCRinformatics'): # Query AD by group (name) q = adquery.ADQuery() q.execute_query( attributes=[ "cn", "member", "sAMAccountType", "sAMAccountName", "displayName", "name" ], where_clause=("name = '" + name + "'"), ) allRestuls = () allResults = q.get_results return allResults()
def QryName(name='Bateman, Thomas (Admin ID)'): # Query AD by name (name) q = adquery.ADQuery() q.execute_query( attributes=[ "cn", "member", "sAMAccountType", "sAMAccountName", "displayName", "name" ], where_clause=("name = '" + name + "'"), ) allRestuls = () allResults = q.get_results return allResults()
def get_username(user_id): try: username = adquery.ADQuery() username.execute_query( attributes=["cn"], where_clause=f"SamAccountName = '{user_id}'", ) username = username.get_single_result()["cn"] username = username.split(",") username = username[::-1] username = "******".join(username) return username except: return user_id
def SearchAD(username='******'): q = adquery.ADQuery() q.execute_query( attributes=["cn", "member", "sAMAccountType", "sAMAccountName"], where_clause=("sAMAccountName = '" + username + "'"), ) # for r in q.get_results(): # print("CN: ",r['cn']) # print("MEMBER: ",r['member']) # print("SAMAccountType: ",r['sAMAccountType']) # print("sAMAccountName: ",r['sAMAccountName']) return q.get_results()
def main(): q = adquery.ADQuery() q.execute_query( attributes=["distinguishedName", "displayName", "memberOf", "mail"], where_clause="objectClass = 'User'", base_dn="OU=PKW Corp,DC=pkwillis,DC=local") for row in q.get_results(): logging.info("Inspecting " + row["distinguishedName"]) user1 = aduser.ADUser.from_dn(row["distinguishedName"]) address = row["mail"] pwLastSet = user1.get_password_last_set() pwAge = (datetime.today() - pwLastSet).days uctl = user1.get_user_account_control_settings() pwDoesntExpire = uctl["DONT_EXPIRE_PASSWD"] pwDisabled = uctl["ACCOUNTDISABLE"] badOU = "Computers" in row["distinguishedName"] or "SecuredProfiles" in row["distinguishedName"] or \ "Security Groups" in row["distinguishedName"] or "Training" in row["distinguishedName"] or "PKW7" in row["distinguishedName"] pwExpirationDate = ( pwLastSet + timedelta(MAXPASSWORDAGEINDAYS)).strftime("%m/%d/%Y") if badOU == False and pwDoesntExpire == False and pwDisabled == False and pwAge > MAXPASSWORDAGEINDAYS - 7: if pwAge > MAXPASSWORDAGEINDAYS: # push to a stack so we can report all of these at the same time at the end of the log. deque.append("Found expired PW for " + row["displayName"] + ": PW is " + str(pwAge) + " days old. PW_Doesn't_Expire flag is " + str(pwDoesntExpire) + " and Expires on " + str(pwExpirationDate)) else: logging.info("Preparing to email warning to " + row["displayName"] + ": PW is " + str(pwAge) + " days old. PW_Doesn't_Expire flag is " + str(pwDoesntExpire) + " and Expires on " + str(pwExpirationDate)) msg = makeMessage(row["displayName"], MAXPASSWORDAGEINDAYS - pwAge, pwExpirationDate) mailMsg(address, msg, MAXPASSWORDAGEINDAYS - pwAge, row["displayName"])
from pyad import adquery, aduser, addomain ## Get all user related information q = adquery.ADQuery() q.execute_query(attributes=["distinguishedName", "sAMAccountName"], where_clause="objectClass = '*'", base_dn="CN=users, DC=centralapp, DC=com") count = 0 for row in q.get_results(): if row['sAMAccountName'] == "<enter_user_id>": count = count + 1 print("User Found") aduser_user = aduser.ADUser( distinguished_name=row['distinguishedName']) print("AccountDisable ...{}".format( aduser_user.get_user_account_control_settings()['ACCOUNTDISABLE'])) print(aduser_user.get_max_pwd_age()) print("Password Expired .. {}".format( aduser_user.get_password_expired())) print("Last Password reset .. {}".format( aduser_user.get_password_last_set())) print("Expiry Date .. {}".format(aduser_user.get_expiration())) aduser_obj = aduser.ADObject( distinguished_name=row['distinguishedName']) print("Members Ofs .. ") for each in aduser_obj.get_memberOfs(): print("\t" + str(each)) print(aduser_obj.dump_to_xml())
def QueryAD(attributes=[], where='', OU=''): q = adquery.ADQuery() q.execute_query(attributes=attributes, where_clause=where, base_dn=OU) return q.get_results()
def domainUserExists(username): q = adquery.ADQuery() q.execute_query(attributes=['distinguishedName'], where_clause="sAMAccountName = '%s'"%username, base_dn = "OU=Accounts, DC=solano, DC=cc, DC=ca, DC=us") return len(list(q.get_results())) == 1
def creategroup(state1): #bb = raw_input("Enter users last names with commas spearating the names?") btn3['state'] = "disable" btn3.update() btn2['state'] = "disable" btn2.update() btn1['state'] = "disable" btn1.update() bb = e1.get() des = e2.get() bb = bb.lower() astate = '' usmtcmd = '' if bb == '' and state1 == 'extract': #usmtcmd = " /i:MigDocs.xml /i:migapp.xml " + des + " /progress:prog.log /v:13 /all /lac /lae /l:load.log /decrypt /key:\"Windows10\"" astate = 'all' btn['state'] = "active" btn.update() extractstate(usmtcmd, des, astate) return "Exiting" if bb == '' and state1 == 'load': #usmtcmd = " /i:MigDocs.xml /i:migapp.xml " + des + " /progress:prog.log /v:13 /all /lac /lae /l:load.log /decrypt /key:\"Windows10\"" astate = 'all' btn['state'] = "active" btn.update() loadstate(usmtcmd, des, astate) return "Exiting" if bb == '' and state1 == 'scan': #usmtcmd = " /i:migdocs.xml /i:migapp.xml " + des + " /progress:prog.log /v:13 /l:usmt.log /encrypt /key:\"Windows10\"" astate = 'all' btn['state'] = "active" btn.update() runusmt(usmtcmd, des, astate) return "Exiting" if bb == 'local' and state1 == 'scan': local(usmtcmd, des, astate) return "Exiting" bb = bb.split(';') # check_group(group) # group = group.upper() # owner = e3.get() # owner = owner.upper() # try: # new_group = adgroup.ADGroup.create(group, ou, security_enabled=True, scope='UNIVERSAL', optional_attributes = {"description":owner}) # print "Just Created The New Group " +group # except: # print "The group already exists!" # new_group = group for i in range(len(bb)): str = bb[i] str = str[str.find("<") + 1:str.find(">")] str = str.lower() print "Looking UP " + bb[i].title() + " and " + bb[i].lower() u = bb[i].title() sa = bb[i].lower() if "@battelle.org" in str: u = str.lower() sa = str.lower() try: q = adquery.ADQuery() except: print "Cannot Not Query Domain " try: q.execute_query( attributes=["cn", "sAMAccountName", "userPrincipalName"], where_clause="objectClass = '*'", base_dn="DC=domain, DC=domain, DC=domain") except: print "Query Failed" for row in q.get_results(): try: i = row["cn"] ii = row["sAMAccountName"].lower() iii = row["userPrincipalName"].lower() i2 = u i3 = sa if i2 in i or i3 in iii: print "Name:" + i print "Email:" + ii print "Logon:" + iii name = userinput() if name == "n" or name == "": print "You answered No" name = "n" name2 = name.lower() #print "Answered No: "+name2 name2 = name.lower() if name2 == "y": b = i print "Answered Yes, Looking up user: "******"", ii) print iiii sid_ = win32security.ConvertSidToStringSid(iiii) aReg = ConnectRegistry(None, HKEY_LOCAL_MACHINE) print sid_ if state1 == 'scan': aKey = OpenKey( aReg, r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" ) for i in range(1024): try: asubkey_name = EnumKey(aKey, i) if asubkey_name == sid_: print "User found: " + ii + " and has this SID: " + sid_ users.append(sid_) break except EnvironmentError: break # try: # new_group.add_members([user1]) #new_group.sync_membership([user1]) # except: # print "Adding New Users "+b # new_group1 = adgroup.ADGroup.from_cn(group) # isthere = new_group1.check_contains_member(user1) # if isthere == True: # print "User Already in Group" #new_group1 = adgroup.ADGroup.from_cn(group) # else: # new_group1.add_members([user1]) #print sid_ if state1 == 'load': users.append(sid_) break except: a = "" #listgroup(new_group,group) print users #len(users) #print len(users) if state1 == 'scan': #aa=r'/i:MigDocs.xml ' #bb==r'/i:MigDocs.xml ' #cc=r'/progress:prog.log ' #dd=r'/v:13 ' #ee=r'/l:usmt.log ' #ff=r'/encrypt ' #gg=r' /key:\"Windows10\" ' #hh=r' /ue:*\*' #usmtcmd = r'/i:MigDocs.xml /i:MigApp.xml /progress:prog.log /v:13 /l:usmt.log /encrypt /key:\"Windows10\" /ue:*\*' usmtcmd = "" if state1 == 'load': #usmtcmd = " /i:migdocs.xml /i:migapp.xml " + des + " /progress:prog.log /v:13 /lac /lae /l:load.log /decrypt /key:\"Windows10\" /ue:*" usmtcmd = "" #index=0 #for uu in users: #print users[index] #x=chr(92) #domain=r'domainname'+x #usmtcmd = usmtcmd + r'/ui:'+domain+users[index]+r' ' #usmtcmd = users[index] #index += 1 usmtcmd = users if len(usmtcmd) == 0: print "Please Re-Run! No Users Found on this PC to Migrate" btn3['state'] = "active" btn3.update() btn1['state'] = "active" btn1.update() return "Exiting" #print usmtcmd if state1 == 'scan': runusmt(usmtcmd, des, astate) btn['state'] = "active" btn.update() btn3['state'] = "disable" btn3.update() return "Exiting" if state1 == 'load': loadstate(usmtcmd, des, astate) btn['state'] = "active" btn.update() btn3['state'] = "disable" btn3.update() return "Exiting" print "Finished! Please Run Again or Quit!"
def query(get_attributes=[], where_clause="objectClass = '*'", base_dn=''): q = adquery.ADQuery() q.execute_query(attributes=get_attributes, where_clause=where_clause, base_dn=base_dn) return list(q.get_results())