Stuff

2022-07-11 20:27:33 +02:00 · 2022-07-11 20:27:33 +02:00 · ac92458573
commit ac92458573
parent d28c6375c8
8 changed files with 327 additions and 0 deletions
--- a/ldap_query.py
+++ b/ldap_query.py
@ -0,0 +1,30 @@
+#!/usr/bin/env python3
+import ldap
+import config
+ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, config.ldap_cafile)
+l = ldap.initialize(config.ldap_server)
+l.simple_bind_s(config.ldap_user, config.ldap_pass)
+r = l.search_s("dc=leitstelle511,dc=net", ldap.SCOPE_SUBTREE, "(&(objectClass=posixaccount)(memberOf=cn=keymatic,ou=groups,dc=leitstelle511,dc=net))", ["sshKey", "memberOf", "mail"])
+#r = l.search_s("dc=leitstelle511,dc=net", ldap.SCOPE_SUBTREE, config.ldap_filter, ["sshKey", "memberOf", "mail"])
+
+def checkKey(bk):
+    try:
+        k = bk.decode()
+        kp = k.split(' ')
+        if "keymatic" in kp[-1].lower():
+            return True
+
+    except:
+        print("# Error while checking Key")
+    return False
+
+for e in r:
+    if 'sshKey' in e[1]:
+        print("# User: {}".format(e[0]))
+        for k in e[1]['sshKey']:
+            if(checkKey(k)):
+                print(k.decode())
+    elif False:
+        print("# User: {} has no Key".format(e[0]))
+        if('mail' in e[1]):
+            print("# - MAIL: {}".format(e[1]['mail']))