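#!/usr/bin/python
#####################
# Author: Jacob Bresciani
# Date: June 29th 2012
#
# This script will scrape the Users OU of an active directory domain
# called ad.domain.local and pull out all users, and their e-mail
# addresses and populate a file called /etc/nagios/objects/users.cfg
# in nagios's contact format.
#
#####################
import os, getpass, subprocess, sys
import ldap,ldif


def main():
    """Bind to the directory as the nagios service account and export contacts.

    Connection and bind failures are reported on stdout; nothing is raised.
    """
    # NOTE(review): the bind password lives in the script source. Keep this
    # file readable only by the account that runs it, and prefer loading the
    # value from a root-only file so it never lands in version control.
    secret = "secret"
    manager = "cn=nagios,ou=Users,dc=ad,dc=domain,dc=local"
    server = "ad.domain.local"
    try:
        # NOTE(review): no TLS is negotiated anywhere in this script, so the
        # simple bind below sends the service-account password unencrypted.
        # Moving to LDAPS or StartTLS needs a certificate the client can
        # verify, so it is flagged here rather than changed silently.
        l = ldap.open(server)
        l.simple_bind_s(manager, secret)
        print_users(l)
    except ldap.LDAPError as error_message:
        print("Couldn't Connect. %s " % error_message)


def my_compare(sname):
    """Return 0 for service accounts that must not become contacts, else 1."""
    # A quick filter to ignore other service accounts that shouldn't have
    # access to nagios.
    nonusers = ("Administrator", "SM_742be9fa57404668a",
                "SM_72d55c17647f4646b", "KL-AK-7FA857174AC315")
    if sname in nonusers:
        return 0
    return 1


def _clean(value):
    """Collapse CR/LF in a directory value so it stays on one config line."""
    return value.replace("\r", " ").replace("\n", " ")


def print_users(l):
    """Write one nagios contact definition per directory user.

    Searches the Users container on the bound connection ``l`` and writes a
    ``define contact`` stanza for every entry that has ``name``, ``mail`` and
    ``sAMAccountName`` and is not rejected by ``my_compare``.

    The output file is only opened once the search has completed with at
    least one result, so a failed or empty search leaves the previous
    users.cfg in place instead of truncating it.
    """
    path = "/etc/nagios/objects/users.cfg"
    scope = ldap.SCOPE_SUBTREE
    base = "CN=Users,DC=ad,DC=domain,DC=local"
    retrieve_attributes = None
    search_filter = "objectClass=user"
    # Second positional argument of result() is ``all``; 0 asks for the
    # results one message at a time.
    fetch_all = 0
    template = ("define contact{\n\tcontact_name %s\n\tuse generic-contact"
                "\n\talias %s\n\temail %s\n\t}\n\n")

    result_set = []
    try:
        result_id = l.search(base, scope, search_filter, retrieve_attributes)
        while True:
            result_type, result_data = l.result(result_id, fetch_all)
            if result_data == []:
                break
            if result_type == ldap.RES_SEARCH_ENTRY:
                result_set.append(result_data)
    except ldap.LDAPError as error_message:
        print(error_message)
        return

    if not result_set:
        print("No Results.")
        return

    contacts = []
    for batch in result_set:
        for entry in batch:
            try:
                attrs = entry[1]
                name = attrs['name'][0]
                email = attrs['mail'][0]
                sname = attrs['sAMAccountName'][0]
            except (KeyError, IndexError, TypeError):
                # Entry lacks one of the three attributes (or is not an
                # attribute dict at all); it cannot be a contact.
                continue
            if my_compare(sname):
                # Directory values are written into a config file nagios
                # parses line by line, so embedded line breaks are removed
                # to keep a value from adding directives of its own.
                contacts.append(
                    template % (_clean(sname), _clean(name), _clean(email)))

    # The context manager closes the handle even if a write fails.
    with open(path, 'w') as f:
        f.writelines(contacts)


if __name__ == '__main__':
    main()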