Created
January 30, 2023 13:52
ldap domain admins
import re
import sys

import ldap3
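def get_domain_admin_usernames(server_name, domain_name):
    """Return the sAMAccountName of each direct member of Domain Admins.

    Opens an LDAPS connection to ``server_name``, binds without credentials,
    and runs a paged subtree search under the base DN derived from
    ``domain_name``.

    Args:
        server_name: Host name or IP address of the directory server.
        domain_name: DNS name of the domain, e.g. ``corp.example.com``.

    Returns:
        A list holding the ``sAMAccountName`` attribute of every matching
        entry.

    Prints an error and exits with status 1 when ``domain_name`` has fewer
    than two labels or a label is empty or contains characters outside
    letters, digits, ``-`` and ``_``.

    Coverage limits to keep in mind when this list feeds an access review:
    the filter matches direct ``memberOf`` only, so members of nested groups
    and accounts whose primary group is Domain Admins are not returned, and
    the group is assumed to live at ``CN=Domain Admins,CN=Users``.
    """
    domain_parts = domain_name.split(".")
    # Each label is interpolated into a DN and then into a search filter, so
    # anything that is not a plain DNS label is rejected up front instead of
    # being allowed to change the structure of either string.
    labels_ok = all(
        re.fullmatch(r"[A-Za-z0-9_-]+", label) for label in domain_parts
    )
    if len(domain_parts) < 2 or not labels_ok:
        print("Error: Invalid domain name")
        sys.exit(1)

    # One DC= component per label: "corp.example.com" must become
    # "DC=corp,DC=example,DC=com", not "DC=corp,DC=example.com".
    base_dn = ",".join("DC={}".format(label) for label in domain_parts)
    group_dn = "CN=Domain Admins,CN=Users,{}".format(base_dn)

    # NOTE(review): use_ssl=True without an ldap3.Tls object falls back to
    # ldap3's default TLS settings, which do not require the server
    # certificate to validate. Pass Tls(validate=ssl.CERT_REQUIRED, ...) with
    # the directory's CA when one is available.
    server = ldap3.Server(server_name, use_ssl=True)
    # No user/password is supplied, so this is an anonymous bind; a directory
    # that restricts anonymous reads may return nothing or refuse the search.
    conn = ldap3.Connection(server, auto_bind=True)
    try:
        results = conn.extend.standard.paged_search(
            search_base=base_dn,
            search_filter="(&(objectCategory=person)(memberOf={}))".format(group_dn),
            search_scope=ldap3.SUBTREE,
            attributes=["sAMAccountName"],
            paged_size=5,
        )
        # The response stream can also carry search references (referrals),
        # which have no "attributes" key; keep real entries only.
        return [
            entry["attributes"]["sAMAccountName"]
            for entry in results
            if entry.get("type") == "searchResEntry"
        ]
    finally:
        # Release the connection even if the search raises.
        conn.unbind()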
if __name__ == "__main__":
    # Command-line entry point: <server> <domain> are both required.
    cli_args = sys.argv[1:]
    if len(cli_args) < 2:
        print("Usage: {} <AD server name or IP address> <domain name>".format(sys.argv[0]))
        sys.exit(1)

    server_name, domain_name = cli_args[0], cli_args[1]
    usernames = get_domain_admin_usernames(server_name, domain_name)
    print(usernames)