Übersetzung des AD-Mailadressen-Sammelskripts von Perl nach Python.
getadsmtp.py
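#!/usr/bin/python
# getadsmtp.py
# Version 1.0
# This script is a translation of the original Perl script getadsmtp.pl.
#
# It pulls all users' SMTP addresses from your Active Directory
# (including primary and secondary email addresses) and lists them in the
# format "user@example.com OK" which Postfix uses with relay_recipient_maps.
#
# Be sure to double-check the path to python above.
# This requires python-ldap to be installed. To install python-ldap on
# debian based systems, at a shell type "apt-get install python-ldap" or
# "sudo apt-get install python-ldap"
#
# The code is written to run under both Python 2.6+ and Python 3.

import io
import os
import sys

import ldap

# Enter the path/file for the output
valid_addresses = "/etc/postfix/example_recipients"

# Enter the FQDN of your Active Directory domain controllers below
dc1 = "dc01.example.com"
dc2 = "dc02.example.com"

# URI scheme used to reach the domain controllers.
# NOTE(security): with "ldap" the simple bind below sends the bind DN and the
# password over the network unencrypted. Once the domain controllers present
# a certificate this host trusts, set this to "ldaps".
ldap_scheme = "ldap"

# Enter the LDAP container for your userbase.
# The syntax is CN=Users,dc=example,dc=com
# This can be found by installing the Windows 2000 Support Tools
# then running ADSI Edit.
# In ADSI Edit, expand the "Domain NC [domaincontroller1.example.com]" &
# you will see, for example, DC=example,DC=com (this is your base).
# The Users Container will be specified in the right pane as
# CN=Users depending on your schema (this is your container).
# You can double-check this by clicking "Properties" of your user
# folder in ADSI Edit and examining the "Path" value, such as:
# LDAP://domaincontroller1.example.com/CN=Users,DC=example,DC=com
# which would be hqbase="cn=Users,dc=example,dc=com"
# Note: You can also use just hqbase="dc=example,dc=com"
hqbase = "cn=Users,dc=example,dc=com"

# Enter the username & password for a valid user in your Active Directory
# with username in the form cn=username,cn=Users,dc=example,dc=com
# Make sure the user's password does not expire. Note that this user
# does not require any special privileges.
# You can double-check this by clicking "Properties" of your user in
# ADSI Edit and examining the "Path" value, such as:
# LDAP://domaincontroller1.example.com/CN=user,CN=Users,DC=example,DC=com
# which would be user="cn=user,cn=Users,dc=example,dc=com"
# Note: You can also use the UPN login: "user@example.com"
#
# NOTE(security): the password is stored in this file in clear text. Keep the
# file readable only by the account that runs it, and bind with a dedicated
# account that has no rights beyond reading the directory.
user = "cn=user,cn=Users,dc=example,dc=com"
passwd = "password"


def connect(host):
    """Open an LDAPv3 connection to *host* and bind as the configured user.

    Referral chasing is switched off, as in the original script.
    Raises ldap.LDAPError when the server cannot be reached or the bind fails.
    """
    conn = ldap.initialize("%s://%s" % (ldap_scheme, host))
    conn.set_option(ldap.OPT_REFERRALS, 0)
    conn.protocol_version = 3
    conn.simple_bind_s(user, passwd)
    return conn


def smtp_address(value):
    """Return the mail address held in one proxyAddresses value, or None.

    Only values that start with "smtp:" (in any letter case) are accepted.
    proxyAddresses can hold other address types as well (X400:, x500:, ...),
    and those must not end up in the Postfix map. Values that are empty or
    contain whitespace are rejected too, because the output format is
    "key<space>value", one entry per line.
    """
    # Python 3 builds of python-ldap hand back bytes; Python 2 str is bytes too.
    if isinstance(value, bytes):
        value = value.decode("utf-8", "replace")
    if value[:5].lower() != "smtp:":
        return None
    address = value[5:].strip()
    if not address or any(ch.isspace() for ch in address):
        return None
    return address


# Try the first domain controller, fall back to the second one.
l = None
for host in (dc1, dc2):
    try:
        l = connect(host)
        break
    except ldap.LDAPError:
        continue

if l is None:
    # Non-zero exit status so that cron or a wrapper script can tell the run
    # failed and does not go on to rebuild the map.
    sys.stderr.write("Error connecting to specified domain controllers\n")
    sys.exit(1)

# Play around with this to grab objects such as Contacts, Public Folders, etc.
# A minimal filter for just users with email would be:
# search_filter = "(&(sAMAccountName=*)(mail=*))"
search_filter = (
    "(& (mailnickname=*) (| "
    "(&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))"
    "(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))"
    "(&(objectCategory=person)(objectClass=contact))"
    "(objectCategory=group)"
    "(objectCategory=publicFolder)"
    "(objectClass=msExchDynamicDistributionList)"
    " ))"
)

attrs = ["proxyAddresses"]
scope = ldap.SCOPE_SUBTREE

# NOTE(review): this is a plain, non-paged search. Active Directory caps such
# a search at its MaxPageSize policy (1000 entries by default); with more
# matching objects python-ldap is expected to raise here, which aborts the run
# before the output file is touched. Larger directories need paged results.
try:
    r = l.search(hqbase, scope, search_filter, attrs)
    result_type, entries = l.result(r)
except ldap.LDAPError as e:
    sys.stderr.write("LDAP search failed: %s\n" % (e,))
    sys.exit(1)
finally:
    l.unbind_s()

result_set = []
for name, entry_attrs in entries:
    # Skip results that carry no attribute mapping (presumably search
    # references, which come back with a list instead of a dict).
    if not hasattr(entry_attrs, "get"):
        continue
    for value in entry_attrs.get("proxyAddresses", []):
        address = smtp_address(value)
        if address is not None:
            result_set.append("%s OK" % address)

# Add additional restrictions, users, etc. to the output file below.
#result_set.append("user@example.com OK")
#result_set.append("user1@example.com 550 User unknown.")
#result_set.append("bad.example.com 550 User does not exist.")

# An empty list almost certainly means a wrong base, filter or bind account.
# Writing it out would leave Postfix with no valid recipients at all, so the
# existing file is kept instead.
if not result_set:
    sys.stderr.write(
        "No SMTP addresses found; leaving %s untouched\n" % valid_addresses
    )
    sys.exit(1)

#######################################################################
# Build file ...
with io.open(valid_addresses, "w", encoding="utf-8") as output:
    for line in result_set:
        output.write(u"%s\n" % line)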