Created
July 23, 2019 21:07
-
-
Save zakes-it/7f2933b41a3d0e23ddb9f08757b853b0 to your computer and use it in GitHub Desktop.
Python class for macOS client asset management in AD: get AD bind info, user/group info and set computer description
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/python | |
| from OpenDirectory import ODNode, ODSession, kODRecordTypeUsers, \ | |
| kODRecordTypeGroups, kODRecordTypeComputers | |
| from SystemConfiguration import SCDynamicStoreCreate, SCDynamicStoreCopyValue | |
| class ActiveDirectory(object): | |
| def __init__(self, creds): | |
| self.creds = creds | |
| self.info = self.get_bind_info() | |
| if self.info: | |
| self.bound = True | |
| self.domain = self.info['DomainForestName'] | |
| self.node = self.connect_node() | |
| else: | |
| self.bound = False | |
| def connect_node(self): | |
| adpath = '{0}/{1}'.format(self.info['NodeName'], self.info['DomainNameDns']) | |
| node, error = ODNode.nodeWithSession_name_error_( | |
| ODSession.defaultSession(), adpath, None) | |
| auth, error = node.setCredentialsWithRecordType_recordName_password_error_( | |
| None, self.creds[0], self.creds[1], None) | |
| return node | |
| def get_bind_info(self): | |
| """Returns the FQDN of the Active Directory domain or None if the computer is not bound""" | |
| net_config = SCDynamicStoreCreate(None, "net", None, None) | |
| try: | |
| ad_info = dict(SCDynamicStoreCopyValue(net_config, | |
| 'com.apple.opendirectoryd.ActiveDirectory')) | |
| except: | |
| #not bound | |
| return None | |
| return ad_info | |
| def get_user_details(self, username): | |
| record, error = self.node.recordWithRecordType_name_attributes_error_( | |
| kODRecordTypeUsers, username, None, None) | |
| if not record: | |
| return None | |
| values, error = record.recordDetailsForAttributes_error_(None, None) | |
| return values | |
| def get_group_details(self, groupname): | |
| record, error = self.node.recordWithRecordType_name_attributes_error_( | |
| kODRecordTypeGroups, groupname, None, None) | |
| if not record: | |
| return None | |
| values, error = record.recordDetailsForAttributes_error_(None, None) | |
| return values | |
| def set_description(self, description): | |
| record, error = self.node.recordWithRecordType_name_attributes_error_( | |
| kODRecordTypeComputers, self.info['TrustAccount'], None, None) | |
| result, error = record.setValue_forAttribute_error_( | |
| description, "dsAttrTypeStandard:Comment", None) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment