adding admcount to user
skelsec
3 years ago
13 | 13 | 'objectCategory', 'objectClass', 'objectGUID', 'objectSid', 'primaryGroupID', |
14 | 14 | 'pwdLastSet', 'sAMAccountName', 'sAMAccountType', 'sn', 'userAccountControl', |
15 | 15 | 'userPrincipalName', 'whenChanged', 'whenCreated','memberOf','member', 'servicePrincipalName', |
16 | 'msDS-AllowedToDelegateTo', | |
16 | 'msDS-AllowedToDelegateTo', 'adminCount' | |
17 | 17 | ] |
18 | 18 | MSADUser_TSV_ATTRS = [ |
19 | 19 | 'sAMAccountName', 'userPrincipalName' ,'canLogon', 'badPasswordTime', 'description', |
21 | 21 | 'whenCreated', 'whenChanged', 'member', 'memberOf', 'servicePrincipalName', |
22 | 22 | 'objectSid', 'cn', 'UAC_SCRIPT', 'UAC_ACCOUNTDISABLE', 'UAC_LOCKOUT', 'UAC_PASSWD_NOTREQD', |
23 | 23 | 'UAC_PASSWD_CANT_CHANGE', 'UAC_ENCRYPTED_TEXT_PASSWORD_ALLOWED', 'UAC_DONT_EXPIRE_PASSWD', |
24 | 'UAC_USE_DES_KEY_ONLY', 'UAC_DONT_REQUIRE_PREAUTH', 'UAC_PASSWORD_EXPIRED' | |
24 | 'UAC_USE_DES_KEY_ONLY', 'UAC_DONT_REQUIRE_PREAUTH', 'UAC_PASSWORD_EXPIRED', 'adminCount' | |
25 | 25 | ] |
26 | 26 | |
27 | 27 | class MSADUser: |
66 | 66 | self.sAMAccountType = None #int |
67 | 67 | self.userAccountControl = None #UserAccountControl intflag |
68 | 68 | self.allowedtodelegateto = None |
69 | self.admincount = None | |
69 | 70 | |
70 | 71 | |
71 | 72 | ## other |
158 | 159 | adi.countryCode = entry['attributes'].get('countryCode') |
159 | 160 | |
160 | 161 | adi.allowedtodelegateto = entry['attributes'].get('msDS-AllowedToDelegateTo') |
162 | adi.admincount = entry['attributes'].get('adminCount') | |
161 | 163 | |
162 | 164 | temp = entry['attributes'].get('userAccountControl') |
163 | 165 | if temp: |
212 | 214 | t['when_pw_change'] = vn(self.when_pw_change) |
213 | 215 | t['when_pw_expires'] = vn(self.when_pw_expires) |
214 | 216 | t['must_change_pw'] = vn(self.must_change_pw) |
217 | t['admincount'] = self.admincount | |
215 | 218 | t['canLogon'] = vn(self.canLogon) |
216 | 219 | return t |
217 | 220 | |
260 | 263 | t += 'when_pw_change: %s\n' % self.when_pw_change |
261 | 264 | t += 'when_pw_expires: %s\n' % self.when_pw_expires |
262 | 265 | t += 'must_change_pw: %s\n' % self.must_change_pw |
266 | t += 'admincount: %s\n' % self.admincount | |
263 | 267 | t += 'canLogon: %s\n' % self.canLogon |
264 | 268 | |
265 | 269 | return t |