Migrate from ldap to kandim

2025-06-14 21:14:59 +02:00 · 2025-06-14 21:14:59 +02:00 · 4c371dd6d1
commit 4c371dd6d1
parent 84afce5957
3 changed files with 43 additions and 2 deletions
--- a/kandim_query.py
+++ b/kandim_query.py
@ -0,0 +1,37 @@
+#!/usr/bin/env python3
+import config
+import json
+import urllib.request
+
+def doGET(ep):
+    req = urllib.request.Request(config.kandim_server + ep)
+    req.add_header('Authorization', 'Bearer ' + config.kandim_token)
+    res = urllib.request.urlopen(req)
+    if res.code != 200:
+        raise Exception("API ERROR " + ep)
+    j = json.load(res)
+    return j
+
+def getGroupUsers(grp):
+    g = doGET("/v1/group/" + grp)
+    if 'member' not in g['attrs']:
+        raise Exception("Attribute 'member' not in Group")
+    return g['attrs']['member']
+
+def getUser(user):
+    u = doGET("/v1/person/" + user)
+    return u['attrs']
+
+userlist = getGroupUsers(config.kandim_group)
+for user in userlist:
+    print("#User: " + user)
+    uo = getUser(user)
+    if 'ssh_publickey' not in uo:
+        continue
+    for keyf in uo['ssh_publickey']:
+        key = keyf.split(": ", 1)
+        if len(key) < 2:
+            print("# Error while processing key")
+            continue
+        if 'keymatic' in key[0]:
+            print(key[1] + key[0])