gm3dmo · December 22, 2018 07:46
diff --git a/gistfile1.txt b/gistfile1.txt
 import csv
 from ldif3 import LDIFParser
 from pprint import pprint

 def main():
    """
    Purpose
    =======
    Used to read ldif dumped from an AWS Simple AD and report on disabled accounts.

    How it works
    ============
    Read an ldif record and extract given name, surname and account control flag:

    userAccountControl: 66048

    the second from the right when you convert *userAccountControl* to binary:

    ['Mouse', 'Mickey', '1', '10000001000000010']

    indicates that the account is disabled as in the one above. A zero in that position indicates that the account is enabled.

    ['Duck', 'Donald', '0', '10000001000000000']

    The values on the bit array are documented here:

    https://support.microsoft.com/en-gb/help/305144/how-to-use-the-useraccountcontrol-flags-to-manipulate-user-account-pro
    """
    csv_file = 'users.csv'
    ldif_file = 'users.ldif'
    parser = LDIFParser(open(ldif_file, 'rb'))

    with open(csv_file, 'w', newline='') as csvfile:
        fieldnames = ['surname', 'given_name', 'accountDisabled']
        spamwriter = csv.DictWriter(csvfile, delimiter=',', fieldnames=fieldnames,
                                quotechar='|', quoting=csv.QUOTE_MINIMAL)
        spamwriter.writeheader()

        for dn, entry in parser.parse():
            gn = entry.get('givenName')
            sn = entry.get('sn')
            ac = entry.get('userAccountControl')
            if gn != None and sn != None:
                account_status = ac[0]
                ac_i = int(account_status)
                ac_b = '{:b}'.format(ac_i)
                surname = sn[0]
                given_name = gn[0]
                account_disabled = ac_b[-2]
                pprint([surname, given_name, account_disabled, ac_b ])
                spamwriter.writerow({'surname': surname, 'given_name': given_name, 'accountDisabled': account_disabled} )


 if __name__ == "__main__":
    main()
	import csv
	from ldif3 import LDIFParser
	from pprint import pprint

	def main():
	"""
	Purpose
	=======
	Used to read ldif dumped from an AWS Simple AD and report on disabled accounts.

	How it works
	============
	Read an ldif record and extract given name, surname and account control flag:

	userAccountControl: 66048

	the second from the right when you convert userAccountControl to binary:

	['Mouse', 'Mickey', '1', '10000001000000010']

	indicates that the account is disabled as in the one above. A zero in that position indicates that the account is enabled.

	['Duck', 'Donald', '0', '10000001000000000']

	The values on the bit array are documented here:

	https://support.microsoft.com/en-gb/help/305144/how-to-use-the-useraccountcontrol-flags-to-manipulate-user-account-pro
	"""
	csv_file = 'users.csv'
	ldif_file = 'users.ldif'
	parser = LDIFParser(open(ldif_file, 'rb'))

	with open(csv_file, 'w', newline='') as csvfile:
	fieldnames = ['surname', 'given_name', 'accountDisabled']
	spamwriter = csv.DictWriter(csvfile, delimiter=',', fieldnames=fieldnames,
	quotechar='\|', quoting=csv.QUOTE_MINIMAL)
	spamwriter.writeheader()

	for dn, entry in parser.parse():
	gn = entry.get('givenName')
	sn = entry.get('sn')
	ac = entry.get('userAccountControl')
	if gn != None and sn != None:
	account_status = ac[0]
	ac_i = int(account_status)
	ac_b = '{:b}'.format(ac_i)
	surname = sn[0]
	given_name = gn[0]
	account_disabled = ac_b[-2]
	pprint([surname, given_name, account_disabled, ac_b ])
	spamwriter.writerow({'surname': surname, 'given_name': given_name, 'accountDisabled': account_disabled} )


	if __name__ == "__main__":
	main()