Users Domain Info (Python)¶
Users Domain Info (Python)¶
1# This example retrieves the security group and user attributes directly from the domain (LDAP).
2
3def DescribeUser(user):
4 ot.add(" LoginID: " + user.login_id)
5 ot.add(" Formatted Name: " + user.formatted_name)
6 ot.add(" User Group: " + user.user_group)
7 ot.add(" Email: " + user.email)
8
9# Create a local variable for the output toolbox
10ot = impact.gui.output_toolbox
11db = impact.active_database
12
13# Clear the output toolbox
14ot.clear()
15
16# Retrieve the users from the DB
17users = db.users
18
19# Locate a specific user
20user = None
21try:
22 user = users.item("user1@domain.com")
23except Exception as exc:
24 impact.gui.output_toolbox.add(f"Failed to create object via users.item(): {exc}")
25
26if not user.isNone():
27
28 # Output LDAP security groups and user attributes
29 ot.add("User: " + user.formatted_name)
30 ot.add(" LDAP SecurityGroups: " + user.ldap_security_groups)
31 ot.add(" LDAP mail: " + user.ldap_attribute("mail"))
32 ot.add(" LDAP whenCreated: " + user.ldap_attribute("whenCreated"))
33 ot.add(" LDAP countryCode: " + user.ldap_attribute("countryCode"))
34
35 # Output LDAP account status
36 status = user.ldap_user_account_status
37
38 if not status.isNone():
39
40 ot.add(" LDAP Account Status")
41 ot.add(" IsDisabled: " + status.is_disabled)
42 ot.add(" IsLockedOut: " + status.is_locked_out)
43 ot.add(" AccountHasExpired: " + status.account_has_expired)
44 ot.add(" PasswordCannotBeChanged: " + status.password_cannot_be_changed)
45 ot.add(" PasswordNeverExpires: " + status.password_never_expires)
46 ot.add(" PasswordHasExpired: " + status.password_has_expired)
47 ot.add(" PasswordMustBeResetAtLogon: " + status.password_must_be_reset_at_logon)
48 ot.add(" DaysUntilPasswordExpires: " + status.days_until_password_expires)
49 ot.add(" SecondsUntilPasswordExpires: " + status.seconds_until_password_expires)
50
51 else:
52
53 ot.add("Unable to determine LDAP user account status")
54
55else:
56
57 ot.add("Unable to locate user")