Users Domain Info¶
Users Domain Info¶
1# This example retrieves the security group and user attributes directly from the domain (LDAP).
2
3
4# Create a local variable for the output toolbox
5ot = impact.gui.output_toolbox
6db = impact.active_database
7
8
9def describe_user(user):
10 ot.add(" LoginID: " + str(user.login_id))
11 ot.add(" Formatted Name: " + str(user.formatted_name))
12 ot.add(" User Group: " + str(user.user_group))
13 ot.add(" Email: " + str(user.email))
14
15
16# Clear the output toolbox
17ot.clear()
18
19# Retrieve the users from the DB
20users = db.users
21
22# Locate a specific user
23user = users.item("user1@domain.com")
24
25if not user.isNone():
26
27 # Output LDAP security groups and user attributes
28 ot.add("User: " + str(user.formatted_name))
29 ot.add(" LDAP SecurityGroups: " + str(user.ldap_security_groups))
30 ot.add(" LDAP mail: " + user.ldap_attribute("mail"))
31 ot.add(" LDAP whenCreated: " + user.ldap_attribute("whenCreated"))
32 ot.add(" LDAP countryCode: " + user.ldap_attribute("countryCode"))
33
34 # Output LDAP account status
35 status = user.ldap_user_account_status
36
37 if status is not None:
38 ot.add(" LDAP Account Status")
39 ot.add(" IsDisabled: " + str(status.is_disabled))
40 ot.add(" IsLockedOut: " + str(status.is_locked_out))
41 ot.add(" AccountHasExpired: " + str(status.account_has_expired))
42 ot.add(" PasswordCannotBeChanged: " + str(status.password_cannot_be_changed))
43 ot.add(" PasswordNeverExpires: " + str(status.password_never_expires))
44 ot.add(" PasswordHasExpired: " + str(status.password_has_expired))
45 ot.add(" PasswordMustBeResetAtLogon: " + str(status.password_must_be_reset_at_logon))
46 ot.add(" DaysUntilPasswordExpires: " + str(status.days_until_password_expires))
47 ot.add(" SecondsUntilPasswordExpires: " + str(status.seconds_until_password_expires))
48
49 else:
50 ot.add("Unable to determine LDAP user account status")
51
52else:
53 ot.add("Unable to locate user")