@lanbugs
Last active September 11, 2023 15:40
Python LDAP3 and Active Directory - Collection of some snippets, helpers ....
# Create computer object in OU
# Written by Maximilian Thoma 2023
# More infos at https://lanbugs.de
from ldap3 import Connection
from ldap3.core.exceptions import LDAPException
import random
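# Bind identity used for the write. The password is a sample value: load the
# real one from the environment or a secret store, and delegate to this
# account only the right to create computer objects in the target OU.
BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
BACKEND_PASS = "SuperSecret"
# NOTE(review): ldap:// with a user/password bind sends the credentials and
# every result unencrypted; outside a lab use ldaps:// or StartTLS with
# certificate validation.
BACKEND_SERVER = "ldap://10.1.1.1"
OU_PATH_U = "OU=Unassigned,OU=AAAA,DC=ad,DC=local"

# Random generators: throwaway sample values for the demo object. `random` is
# fine for names like these, not for anything that must be unpredictable.
w = random.randint(1000, 9999)
x = random.randint(100000, 999999)
y = format(random.randint(0, 0xFFFF), '04X')
z = format(random.randint(0, 0xFFFF), '04X')

COMPUTER_NAME = f"XXXX{x}"
NAME = COMPUTER_NAME
SERIAL = f"EC-A08-{y}-{z}"
OSV = "1.0"
OS = "Secure Linux OS"
DESCRIPTION = f"Project XYZ{w}"

computer_dn = "CN={},{}".format(COMPUTER_NAME, OU_PATH_U)
computer_attributes = {
    'objectClass': ['top', 'person', 'organizationalPerson', 'user', 'computer'],
    'cn': COMPUTER_NAME,
    'serialNumber': SERIAL,
    'operatingSystemVersion': OSV,
    'operatingSystem': OS,
    'description': [DESCRIPTION],
    'sAMAccountName': f'{COMPUTER_NAME}$',
    # 4096 = WORKSTATION_TRUST_ACCOUNT (0x1000), i.e. an enabled computer account.
    # NOTE(review): no unicodePwd is set here; confirm what password state the
    # domain gives the new account, or create it disabled (4096 | 2) until the
    # machine is actually joined.
    'userAccountControl': '4096',
}

# conn stays None when the constructor itself fails (auto_bind=True binds in
# the constructor), so the cleanup below never touches an unassigned name.
conn = None
try:
    conn = Connection(BACKEND_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)
    conn.add(computer_dn, attributes=computer_attributes)
    # A rejected add does not raise by default; result code 0 means success.
    if conn.result['result'] == 0:
        print(f'Computer "{COMPUTER_NAME}" created.')
    else:
        print(f'Computer "{COMPUTER_NAME}" NOT created: {conn.result["description"]}')
except LDAPException as e:
    print(e)
finally:
    if conn is not None:
        conn.unbind()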
# Create new sub OU
# Written by Maximilian Thoma 2023
# More infos at https://lanbugs.de
from ldap3 import Connection
# NOTE(review): ldap:// with a user/password bind is unencrypted; use ldaps://
# or StartTLS outside a lab.
AD_SERVER = 'ldap://10.1.1.1'
# Sample credentials: keep the real password out of the source file.
BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
BACKEND_PASS = "SuperSecret"

# The new OU is created directly below target_ou.
base_dn = 'DC=ad,DC=local'
target_ou = f'OU=Assigned,OU=AAAA,{base_dn}'
new_ou = "C"

conn = Connection(
    AD_SERVER,
    user=BACKEND_USER,
    password=BACKEND_PASS,
    auto_bind=True,
)

new_ou_dn = 'OU={},{}'.format(new_ou, target_ou)
ou_attributes = dict(objectClass=['top', 'organizationalUnit'], ou=new_ou)

conn.add(new_ou_dn, attributes=ou_attributes)
# conn.result holds the server's answer; a result code of 0 means the OU was created.
print(conn.result)
conn.unbind()
# Delete computer
# Written by Maximilian Thoma 2023
# More infos at https://lanbugs.de
from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES
# NOTE(review): ldap:// with a user/password bind is unencrypted; use ldaps://
# or StartTLS outside a lab.
AD_SERVER = 'ldap://10.1.1.1'
# Sample credentials: keep the real password out of the source file, and limit
# the account to deleting computer objects in the OUs it manages.
BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
BACKEND_PASS = "SuperSecret"
COMPUTER_DN = 'CN=XXXX182410,OU=A,OU=Assigned,OU=AAAA,DC=ad,DC=local'

conn = Connection(
    AD_SERVER,
    user=BACKEND_USER,
    password=BACKEND_PASS,
    auto_bind=True,
)
conn.delete(COMPUTER_DN)

# Result code 0 is success; any other code means the object is still there.
status_code = conn.result['result']
message = (
    f"computer {COMPUTER_DN} NOT deleted."
    if status_code
    else f"computer {COMPUTER_DN} deleted."
)
print(message)
conn.unbind()
# Get all users of a group
# Written by Maximilian Thoma 2023
# More infos at https://lanbugs.de
from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES
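# BASE is needed for the per-member lookups below and is not in the file's import line.
from ldap3 import BASE

# NOTE(review): ldap:// with a user/password bind is unencrypted; use ldaps://
# or StartTLS outside a lab.
AD_SERVER = 'ldap://10.1.1.1'
# Sample credentials: keep the real password out of the source file. A
# read-only account is enough for this lookup.
BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
BACKEND_PASS = "SuperSecret"
GROUP_DN = 'CN=p_admin,CN=Users,DC=ad,DC=local'

conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)
try:
    conn.search(search_base=GROUP_DN, search_filter='(objectClass=*)', search_scope=SUBTREE, attributes=['member'])
    # Keep our own reference: every search below refills conn.entries.
    group_entries = list(conn.entries)

    buffer = []
    for entry in group_entries:
        # .values is always a list; .value is a bare string for a group with a
        # single member (the loop would then walk its characters) and None for
        # an empty group.
        for E in entry.member.values:
            # Read just the member object itself and only the attribute that is
            # printed, instead of pulling every attribute of every member.
            conn.search(search_base=E, search_filter='(objectClass=*)', search_scope=BASE, attributes=['sAMAccountName'])
            if not conn.entries:
                # Member not readable with this account (or no longer present).
                continue
            sam_account_name = conn.entries[0]['sAMAccountName'].value
            buffer.append((sam_account_name, E))
    print(buffer)
finally:
    # Release the bind even when a search raises.
    conn.unbind()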
# Get all computer objects of one OU
# Written by Maximilian Thoma 2023
# More infos at https://lanbugs.de
from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES
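# NOTE(review): ldap:// with a user/password bind is unencrypted; use ldaps://
# or StartTLS outside a lab.
AD_SERVER = 'ldap://10.1.1.1'
# Sample credentials: keep the real password out of the source file. A
# read-only account is enough for this listing.
BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
BACKEND_PASS = "SuperSecret"
BASE_DN = 'OU=A,OU=Assigned,OU=AAAA,DC=ad,DC=local'
SEARCH_FILTER = '(objectClass=computer)'

conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)
try:
    # Only cn is printed, so only cn is requested; the DN comes with every entry.
    conn.search(search_base=BASE_DN, search_filter=SEARCH_FILTER, search_scope=SUBTREE, attributes=['cn'])
    for entry in conn.entries:
        print(f"Name: {entry.cn} DN: {entry.entry_dn}")
        print("-----")
finally:
    # The original never released the bind; do it even when the search raises.
    conn.unbind()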
# Get groups of user
# Written by Maximilian Thoma 2023
# More infos at https://lanbugs.de
from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES
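# Escaping helper for values placed into a search filter; not in the file's import line.
from ldap3.utils.conv import escape_filter_chars

# NOTE(review): ldap:// with a user/password bind is unencrypted; use ldaps://
# or StartTLS outside a lab.
AD_SERVER = 'ldap://10.1.1.1'
# Sample credentials: keep the real password out of the source file. A
# read-only account is enough for this lookup.
BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
BACKEND_PASS = "SuperSecret"
BASE_DN = 'CN=Users,DC=ad,DC=local'
USERNAME = "Administrator"
# Escape the name before it goes into the filter: once USERNAME comes from a
# form or an API call, characters such as * ( ) \ would otherwise change what
# the filter matches.
SEARCH_FILTER = f'(sAMAccountName={escape_filter_chars(USERNAME)})'

conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)
try:
    conn.search(search_base=BASE_DN,
                search_filter=SEARCH_FILTER,
                attributes=['memberOf'],
                search_scope=SUBTREE)

    if conn.entries:
        user_entry = conn.entries[0]
        # memberOf lists direct memberships only; nested groups and the primary
        # group are not in it, so it is not a complete basis for access decisions.
        for group in user_entry.memberOf:
            # Simple split of the first RDN; a CN containing an escaped comma
            # would be cut short here.
            G = (group.split(',')[0].split('=')[1], group)
            print(G)
finally:
    # The original never released the bind; do it even when the search raises.
    conn.unbind()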
# Get list of Sub OUs
# Written by Maximilian Thoma 2023
# More infos at https://lanbugs.de
from ldap3 import Connection, SUBTREE
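# NOTE(review): ldap:// with a user/password bind is unencrypted; use ldaps://
# or StartTLS outside a lab.
AD_SERVER = 'ldap://10.1.1.1'
# Sample credentials: keep the real password out of the source file. A
# read-only account is enough for this listing.
BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
BACKEND_PASS = "SuperSecret"
BASE_DN = 'OU=Assigned,OU=AAAA,DC=ad,DC=local'
SEARCH_FILTER = '(objectClass=organizationalUnit)'

conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)
try:
    conn.search(search_base=BASE_DN, search_filter=SEARCH_FILTER, search_scope=SUBTREE, attributes=['ou'])
    ous = [entry.entry_dn for entry in conn.entries]
finally:
    # The original never released the bind; do it even when the search raises.
    conn.unbind()

for ou in ous:
    # The subtree search also returns the base OU itself; skip it.
    # NOTE(review): this is an exact string comparison, so BASE_DN has to be
    # written the way the server returns it.
    if ou != BASE_DN:
        # Simple split of the first RDN; an OU name containing an escaped comma
        # would be cut short here.
        OU = (ou.split(',')[0].split('=')[1], ou)
        print(OU)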
# Move computer to different OU
# Written by Maximilian Thoma 2023
# More infos at https://lanbugs.de
from ldap3 import Connection
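# NOTE(review): ldap:// with a user/password bind is unencrypted; use ldaps://
# or StartTLS outside a lab.
AD_SERVER = 'ldap://10.1.1.1'
# Sample credentials: keep the real password out of the source file, and limit
# the account to moving computer objects between the OUs it manages.
BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
BACKEND_PASS = "SuperSecret"

base_dn = 'DC=ad,DC=local'
source_ou = 'OU=Unassigned,OU=AAAA,' + base_dn
target_ou = 'OU=A,OU=Assigned,OU=AAAA,' + base_dn
computer_name = 'XXXX473163'

conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)
try:
    computer_dn = 'CN={},{}'.format(computer_name, source_ou)
    print(computer_dn)
    # Same RDN, new parent: this moves the object without renaming it.
    conn.modify_dn(computer_dn, 'CN={}'.format(computer_name), new_superior=target_ou)
    print(conn.result)
    # A rejected move does not raise by default; result code 0 means success.
    if conn.result['result'] == 0:
        print(f'"{computer_name}" moved.')
    else:
        print(f'"{computer_name}" NOT moved.')
finally:
    # Release the bind even when the operation raises.
    conn.unbind()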