sebastian.serfling
/
REPORTS_User
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
REPORTS_User/disable_user.py

93 lines
4.2 KiB
Python
Raw Blame History

import requests
import subprocess
import socket
import json
from datetime import datetime
def get_local_ip():
try:
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(("8.8.8.8", 80))
local_ip = s.getsockname()[0]
s.close()
return local_ip
except Exception as e:
print(f"Fehler beim Abrufen der lokalen IP-Adresse: {e}")
return None
def request(function,variable):
url = (f"http://api.stines.de:8001{function}")
response = requests.post(url,json = variable,headers={'access_token':'^YWUbG7yX*V!tV^KBSd*2c&vdN3wV9a2i7f3hfGFMBYFxi6#mMiJGiaA5KEHE%B*miK%qb7rQ67gmcYP@gqmux8'})
return response
def getdabase():
r = request("/info/getdatabase",{'ip':get_local_ip()})
return r.text.replace('"','')
# PowerShell-Skript für die Active Directory-Abfrage
powershell_script = r'''
# PowerShell-Skript für die Active Directory-Abfrage mit Filter
$ADResults = Get-ADUser -Filter { (ObjectClass -eq "user") -and (-not (UserPrincipalName -like "*Mailbox*")) -and (-not (UserPrincipalName -like "*Admin*")) -and (-not (UserPrincipalName -like "*Exchange*"))} -Properties SamAccountName | Select-Object SamAccountName
# Ausgabe der JSON-Daten
$ADResults | ConvertTo-Json | Out-File -FilePath "disable_user.json" -Encoding UTF8
'''
print(getdabase())
def erster_tag_folgender_monat(date_str):
date_obj = datetime.strptime(date_str, "%d.%m.%Y")
if date_obj.month == 12:
next_month = 1
next_year = date_obj.year + 1
else:
next_month = date_obj.month + 1
next_year = date_obj.year
erster_tag_folgender_monat = datetime(next_year, next_month, 1)
result_str = erster_tag_folgender_monat.strftime("%d.%m.%Y")
return result_str
def exchange_disable(samaccountname,datum):
powershell_script = fr'''$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://tnpex01/PowerShell/ -Authentication Kerberos
Import-PSSession $Session
Set-Mailbox -Identity {samaccountname} -AccountDisabled $true
'''
subprocess.run(["powershell", "-command", powershell_script], stdout=subprocess.PIPE, text=True)
# PowerShell-Skript ausführen und die Ausgabe abrufen
result = subprocess.run(["powershell", "-command", powershell_script], stdout=subprocess.PIPE, text=True)
with open('disable_user.json', 'r',encoding='utf-8-sig') as file:
ad_data = json.load(file)
# Ergebnisse anzeigen oder weiterverarbeiten
for entry in ad_data:
samaccountname = entry['SamAccountName']
print(samaccountname)
user_disabled = request("/ad/user/disabled", {"user": f'{samaccountname}', "dbname": getdabase()}).json()
print(user_disabled)
count = 0
for i in user_disabled:
datum = i[1]
if datum is None:
next
else:
date_str = datetime.fromisoformat(str(datum))
datum = date_str.strftime("%d.%m.%Y")
gruppen = i[0]
if datum is None:
next
else:
print(subprocess.run(["powershell", "-command", f"Remove-ADGroupMember -Identity '{gruppen}' -Members '{samaccountname}' -Confirm:$False"]))
if gruppen == "G-RDP-User":
count +=1
print(subprocess.run(["powershell", "-command", f"Set-ADUser -Identity '{samaccountname}'" "-Replace @{extensionAttribute1 = 'RDS - Deaktiviert am: "f'{datum}'"'} -Confirm:$False"]))
if gruppen == "G-Exchange-User":
count +=1
print(subprocess.run(["powershell", "-command",
f"Set-ADUser -Identity '{samaccountname}'" "-Replace @{extensionAttribute2 = 'Exchange - Deaktiviert am: "f'{datum}'"'} -Confirm:$False"]))
print(f"Set-Mailbox -Identity {samaccountname} -CustomAttribute1 'Deaktiviert am: {datum}'")
exchange_disable(samaccountname,datum)
if count >= 2:
print(subprocess.run(["powershell", "-command",
f"Set-ADUser -Identity '{samaccountname}'" "-Replace @{Description = 'Deaktiviert zum: "f'{erster_tag_folgender_monat(datum)}'"'} -Confirm:$False"]))
Reference in New Issue View Git Blame Copy Permalink