lanbugs · February 2, 2025 05:22
diff --git a/create_computer_object.py b/create_computer_object.py
 # Create computer object in OU
 # Written by Maximilian Thoma 2023
 # More infos at https://lanbugs.de

 from ldap3 import Connection
 from ldap3.core.exceptions import LDAPException
 import random

 BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
 BACKEND_PASS = "SuperSecret"

 BACKEND_SERVER = "ldap://10.1.1.1"
 OU_PATH_U = "OU=Unassigned,OU=AAAA,DC=ad,DC=local"

 # random genrators
 w = random.randint(1000, 9999)
 x = random.randint(100000, 999999)
 y = format(random.randint(0, 0xFFFF), '04X')
 z = format(random.randint(0, 0xFFFF), '04X')

 COMPUTER_NAME = f"XXXX{x}"
 NAME = COMPUTER_NAME
 SERIAL = f"EC-A08-{y}-{z}"
 OSV = "1.0"
 OS = "Secure Linux OS"
 DESCRIPTION = f"Project XYZ{w}"

 try:
    with Connection(BACKEND_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True) as conn:
        computer_dn = "CN={},{}".format(COMPUTER_NAME, OU_PATH_U)
        computer_attributes = {
            'objectClass': ['top', 'person', 'organizationalPerson', 'user', 'computer'],
            'cn': COMPUTER_NAME,
            'serialNumber': SERIAL,
            'operatingSystemVersion': OSV,
            'operatingSystem': OS,
            'description': [DESCRIPTION],
            'sAMAccountName': f'{COMPUTER_NAME}$',
            'userAccountControl': '4096',
        }

        conn.add(computer_dn, attributes=computer_attributes)

        print(f'Computer "{COMPUTER_NAME}" created.')

 except LDAPException as e:
    print(e)

 conn.unbind()
diff --git a/create_new_ou.py b/create_new_ou.py
 # Create new sub OU
 # Written by Maximilian Thoma 2023
 # More infos at https://lanbugs.de

 from ldap3 import Connection

 AD_SERVER = 'ldap://10.1.1.1'
 BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
 BACKEND_PASS = "SuperSecret"
 base_dn = 'DC=ad,DC=local'

 target_ou = 'OU=Assigned,OU=AAAA,' + base_dn

 new_ou="C"

 conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

 new_ou_dn = f'OU={new_ou},{target_ou}'

 ou_attributes = {
    'objectClass': ['top', 'organizationalUnit'],
    'ou': new_ou
 }

 conn.add(new_ou_dn, attributes=ou_attributes)
 print(conn.result)
 conn.unbind()
diff --git a/delete_computer_object.py b/delete_computer_object.py
 # Delete computer
 # Written by Maximilian Thoma 2023
 # More infos at https://lanbugs.de

 from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES

 AD_SERVER = 'ldap://10.1.1.1'
 BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
 BACKEND_PASS = "SuperSecret"

 COMPUTER_DN = 'CN=XXXX182410,OU=A,OU=Assigned,OU=AAAA,DC=ad,DC=local'

 conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

 conn.delete(COMPUTER_DN)

 if not conn.result['result']:
    print(f"computer {COMPUTER_DN} deleted.")
 else:
    print(f"computer {COMPUTER_DN} NOT deleted.")

 conn.unbind()
diff --git a/get_all_users_of_group.py b/get_all_users_of_group.py
 # Get all users of a group
 # Written by Maximilian Thoma 2023
 # More infos at https://lanbugs.de

 from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES

 AD_SERVER = 'ldap://10.1.1.1'
 BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
 BACKEND_PASS = "SuperSecret"

 GROUP_DN = 'CN=p_admin,CN=Users,DC=ad,DC=local'

 conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

 conn.search(search_base=GROUP_DN, search_filter='(objectClass=*)', search_scope=SUBTREE, attributes=['member'])

 buffer = []

 for entry in conn.entries:

    for E in entry.member.value:
        conn.search(search_base=E, search_filter='(objectClass=*)', attributes=[ALL_ATTRIBUTES])
        sam_account_name = conn.entries[0]['sAMAccountName'].value

        buffer.append((sam_account_name, E))

 print(buffer)

 conn.unbind()
diff --git a/get_computer_objects_of_ou.py b/get_computer_objects_of_ou.py
 # Get all computer objects of one OU
 # Written by Maximilian Thoma 2023 
 # More infos at https://lanbugs.de

 from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES

 AD_SERVER = 'ldap://10.1.1.1'
 BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
 BACKEND_PASS = "SuperSecret"
 BASE_DN = 'OU=A,OU=Assigned,OU=AAAA,DC=ad,DC=local'
 SEARCH_FILTER = '(objectClass=computer)'

 conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

 conn.search(search_base=BASE_DN, search_filter=SEARCH_FILTER, search_scope=SUBTREE, attributes=ALL_ATTRIBUTES)

 for entry in conn.entries:
    print(f"Name: {entry.cn} DN: {entry.entry_dn}")
    #print(entry)
    print("-----")
diff --git a/get_groups_of_user.py b/get_groups_of_user.py
 # Get groups of user
 # Written by Maximilian Thoma 2023
 # More infos at https://lanbugs.de


 from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES

 AD_SERVER = 'ldap://10.1.1.1'
 BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
 BACKEND_PASS = "SuperSecret"
 BASE_DN = 'CN=Users,DC=ad,DC=local'

 USERNAME = "Administrator"
 SEARCH_FILTER = f'(sAMAccountName={USERNAME})'

 conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

 conn.search(search_base=BASE_DN,
                    search_filter=SEARCH_FILTER,
                    attributes=['memberOf'],
                    search_scope=SUBTREE)

 if conn.entries:
    user_entry = conn.entries[0]
    groups = user_entry.memberOf

    for group in groups:
        G = (group.split(',')[0].split('=')[1], group)
        print(G)
diff --git a/get_list_of_sub_ous.py b/get_list_of_sub_ous.py
 # Get list of Sub OUs
 # Written by Maximilian Thoma 2023
 # More infos at https://lanbugs.de

 from ldap3 import Connection, SUBTREE

 AD_SERVER = 'ldap://10.1.1.1'
 BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
 BACKEND_PASS = "SuperSecret"
 BASE_DN = 'OU=Assigned,OU=AAAA,DC=ad,DC=local'
 SEARCH_FILTER = '(objectClass=organizationalUnit)'

 conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

 conn.search(search_base=BASE_DN, search_filter=SEARCH_FILTER, search_scope=SUBTREE, attributes=['ou'])

 ous = [entry.entry_dn for entry in conn.entries]

 for ou in ous:
    if ou != BASE_DN:
        OU=(ou.split(',')[0].split('=')[1], ou)
        print(OU)
diff --git a/move_computer_object.py b/move_computer_object.py
 # Move computer to different OU
 # Written by Maximilian Thoma 2023
 # More infos at https://lanbugs.de

 from ldap3 import Connection

 AD_SERVER = 'ldap://10.1.1.1'
 BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
 BACKEND_PASS = "SuperSecret"
 base_dn = 'DC=ad,DC=local'
 source_ou = 'OU=Unassigned,OU=AAAA,' + base_dn
 target_ou = 'OU=A,OU=Assigned,OU=AAAA,' + base_dn
 computer_name = 'XXXX473163'

 with Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True) as conn:
    computer_dn = 'CN={},{}'.format(computer_name, source_ou)
    print(computer_dn)
    conn.modify_dn(computer_dn, 'CN={}'.format(computer_name), new_superior=target_ou)
    print(conn.result)
    print(f'"{computer_name}" moved.')

 conn.unbind()
	# Create computer object in OU
	# Written by Maximilian Thoma 2023
	# More infos at https://lanbugs.de

	from ldap3 import Connection
	from ldap3.core.exceptions import LDAPException
	import random

	BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
	BACKEND_PASS = "SuperSecret"

	BACKEND_SERVER = "ldap://10.1.1.1"
	OU_PATH_U = "OU=Unassigned,OU=AAAA,DC=ad,DC=local"

	# random genrators
	w = random.randint(1000, 9999)
	x = random.randint(100000, 999999)
	y = format(random.randint(0, 0xFFFF), '04X')
	z = format(random.randint(0, 0xFFFF), '04X')

	COMPUTER_NAME = f"XXXX{x}"
	NAME = COMPUTER_NAME
	SERIAL = f"EC-A08-{y}-{z}"
	OSV = "1.0"
	OS = "Secure Linux OS"
	DESCRIPTION = f"Project XYZ{w}"

	try:
	with Connection(BACKEND_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True) as conn:
	computer_dn = "CN={},{}".format(COMPUTER_NAME, OU_PATH_U)
	computer_attributes = {
	'objectClass': ['top', 'person', 'organizationalPerson', 'user', 'computer'],
	'cn': COMPUTER_NAME,
	'serialNumber': SERIAL,
	'operatingSystemVersion': OSV,
	'operatingSystem': OS,
	'description': [DESCRIPTION],
	'sAMAccountName': f'{COMPUTER_NAME}$',
	'userAccountControl': '4096',
	}

	conn.add(computer_dn, attributes=computer_attributes)

	print(f'Computer "{COMPUTER_NAME}" created.')

	except LDAPException as e:
	print(e)

	conn.unbind()
	# Create new sub OU
	# Written by Maximilian Thoma 2023
	# More infos at https://lanbugs.de

	from ldap3 import Connection

	AD_SERVER = 'ldap://10.1.1.1'
	BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
	BACKEND_PASS = "SuperSecret"
	base_dn = 'DC=ad,DC=local'

	target_ou = 'OU=Assigned,OU=AAAA,' + base_dn

	new_ou="C"

	conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

	new_ou_dn = f'OU={new_ou},{target_ou}'

	ou_attributes = {
	'objectClass': ['top', 'organizationalUnit'],
	'ou': new_ou
	}

	conn.add(new_ou_dn, attributes=ou_attributes)
	print(conn.result)
	conn.unbind()
	# Delete computer
	# Written by Maximilian Thoma 2023
	# More infos at https://lanbugs.de

	from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES

	AD_SERVER = 'ldap://10.1.1.1'
	BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
	BACKEND_PASS = "SuperSecret"

	COMPUTER_DN = 'CN=XXXX182410,OU=A,OU=Assigned,OU=AAAA,DC=ad,DC=local'

	conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

	conn.delete(COMPUTER_DN)

	if not conn.result['result']:
	print(f"computer {COMPUTER_DN} deleted.")
	else:
	print(f"computer {COMPUTER_DN} NOT deleted.")

	conn.unbind()
	# Get all users of a group
	# Written by Maximilian Thoma 2023
	# More infos at https://lanbugs.de

	from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES

	AD_SERVER = 'ldap://10.1.1.1'
	BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
	BACKEND_PASS = "SuperSecret"

	GROUP_DN = 'CN=p_admin,CN=Users,DC=ad,DC=local'

	conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

	conn.search(search_base=GROUP_DN, search_filter='(objectClass=*)', search_scope=SUBTREE, attributes=['member'])

	buffer = []

	for entry in conn.entries:

	for E in entry.member.value:
	conn.search(search_base=E, search_filter='(objectClass=*)', attributes=[ALL_ATTRIBUTES])
	sam_account_name = conn.entries[0]['sAMAccountName'].value

	buffer.append((sam_account_name, E))

	print(buffer)

	conn.unbind()
	# Get all computer objects of one OU
	# Written by Maximilian Thoma 2023
	# More infos at https://lanbugs.de

	from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES

	AD_SERVER = 'ldap://10.1.1.1'
	BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
	BACKEND_PASS = "SuperSecret"
	BASE_DN = 'OU=A,OU=Assigned,OU=AAAA,DC=ad,DC=local'
	SEARCH_FILTER = '(objectClass=computer)'

	conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

	conn.search(search_base=BASE_DN, search_filter=SEARCH_FILTER, search_scope=SUBTREE, attributes=ALL_ATTRIBUTES)

	for entry in conn.entries:
	print(f"Name: {entry.cn} DN: {entry.entry_dn}")
	#print(entry)
	print("-----")
	# Get groups of user
	# Written by Maximilian Thoma 2023
	# More infos at https://lanbugs.de


	from ldap3 import Connection, SUBTREE, ALL_ATTRIBUTES

	AD_SERVER = 'ldap://10.1.1.1'
	BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
	BACKEND_PASS = "SuperSecret"
	BASE_DN = 'CN=Users,DC=ad,DC=local'

	USERNAME = "Administrator"
	SEARCH_FILTER = f'(sAMAccountName={USERNAME})'

	conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

	conn.search(search_base=BASE_DN,
	search_filter=SEARCH_FILTER,
	attributes=['memberOf'],
	search_scope=SUBTREE)

	if conn.entries:
	user_entry = conn.entries[0]
	groups = user_entry.memberOf

	for group in groups:
	G = (group.split(',')[0].split('=')[1], group)
	print(G)
	# Get list of Sub OUs
	# Written by Maximilian Thoma 2023
	# More infos at https://lanbugs.de

	from ldap3 import Connection, SUBTREE

	AD_SERVER = 'ldap://10.1.1.1'
	BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
	BACKEND_PASS = "SuperSecret"
	BASE_DN = 'OU=Assigned,OU=AAAA,DC=ad,DC=local'
	SEARCH_FILTER = '(objectClass=organizationalUnit)'

	conn = Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True)

	conn.search(search_base=BASE_DN, search_filter=SEARCH_FILTER, search_scope=SUBTREE, attributes=['ou'])

	ous = [entry.entry_dn for entry in conn.entries]

	for ou in ous:
	if ou != BASE_DN:
	OU=(ou.split(',')[0].split('=')[1], ou)
	print(OU)
	# Move computer to different OU
	# Written by Maximilian Thoma 2023
	# More infos at https://lanbugs.de

	from ldap3 import Connection

	AD_SERVER = 'ldap://10.1.1.1'
	BACKEND_USER = "CN=Backend User,CN=Users,DC=ad,DC=local"
	BACKEND_PASS = "SuperSecret"
	base_dn = 'DC=ad,DC=local'
	source_ou = 'OU=Unassigned,OU=AAAA,' + base_dn
	target_ou = 'OU=A,OU=Assigned,OU=AAAA,' + base_dn
	computer_name = 'XXXX473163'

	with Connection(AD_SERVER, user=BACKEND_USER, password=BACKEND_PASS, auto_bind=True) as conn:
	computer_dn = 'CN={},{}'.format(computer_name, source_ou)
	print(computer_dn)
	conn.modify_dn(computer_dn, 'CN={}'.format(computer_name), new_superior=target_ou)
	print(conn.result)
	print(f'"{computer_name}" moved.')

	conn.unbind()