msad 0.3.5__py3-none-any.whl → 0.4.0__py3-none-any.whl

msad/__main__.py

@@ -0,0 +1,4 @@
+from .main import app
+
+if __name__ == "__main__":
+    app()

msad/group.py

@@ -17,51 +17,37 @@
 # along with this program.  If not, see <https://www.gnu.org/licenses/>.
 
 import logging
-from .search import *
 
+from .search import get_dn, search
 
-def add_member(
-    conn, search_base=None, group_name=None, group_dn=None, user_name=None, user_dn=None
-):
-    if group_name:
-        group_dn = get_dn(conn, search_base, group_name)
+def add_member(conn, search_base, group, user):
+    group_dn = get_dn(conn, search_base, group)
     if not group_dn:
-        logging.error("group_name or group_dn must be passed and exist")
         return None
 
-    if user_name:
-        user_dn = get_dn(conn, search_base, user_name)
+    user_dn = get_dn(conn, search_base, user)
     if not user_dn:
-        logging.error("user_name or user_dn must be passed and exist")
         return None
 
     return conn.extend.microsoft.add_members_to_groups([user_dn], [group_dn])
 
 
-def remove_member(
-    conn, search_base=None, group_name=None, group_dn=None, user_name=None, user_dn=None
-):
-    if group_name:
-        group_dn = get_dn(conn, search_base, group_name)
-
+def remove_member(conn, search_base, group, user):
+    group_dn = get_dn(conn, search_base, group)
     if not group_dn:
-        logging.error("group_name or group_dn must be passed and exist")
         return None
-    if user_name:
-        user_dn = get_dn(conn, search_base, user_name)
 
+    user_dn = get_dn(conn, search_base, user)
     if not user_dn:
-        logging.error("user_name or user_dn must be passed and exist")
         return None
 
     return conn.extend.microsoft.remove_members_from_groups([user_dn], [group_dn])
 
 
 def group_flat_members(
-    conn, search_base, limit, group_name=None, group_dn=None, attributes=None
+    conn, search_base, limit, group, attributes=None
 ):
-    if group_name:
-        group_dn = get_dn(conn, search_base, group_name)
+    group_dn = get_dn(conn, search_base, group)
 
     if not group_dn:
         return None
@@ -70,30 +56,23 @@ def group_flat_members(
     return search(conn, search_base, search_filter, attributes=attributes)
 
 
-def group_members(conn, search_base, group_name=None, group_dn=None):
-    if group_name:
-        group_dn = get_dn(conn, search_base, group_name)
+def group_members(conn, search_base, group):
+    group_dn = get_dn(conn, search_base, group)
     if not group_dn:
-        logging.error("group_name or group_dn must be passed and exist")
         return None
 
     search_filter = f"(distinguishedName={group_dn})"
     return search(conn, group_dn, search_filter, limit=1, attributes=["member"])
 
 
-def group_member(
-    conn, search_base, group_name=None, group_dn=None, user_name=None, user_dn=None
-):
-    if group_name:
-        group_dn = get_dn(conn, search_base, group_name)
+def group_member(conn, search_base, group, user):
+
+    group_dn = get_dn(conn, search_base, group)
     if not group_dn:
-        logging.error("group_name or group_dn must be passed and exist")
         return None
 
-    if user_name:
-        user_dn = get_dn(conn, search_base, user_name)
+    user_dn = get_dn(conn, search_base, user)
     if not user_dn:
-        logging.error("user_name or user_dn must be passed and exist")
         return None
 
     search_filter = f"(&(memberOf:1.2.840.113556.1.4.1941:={group_dn})(objectCategory=person)(objectClass=user)(distinguishedName={user_dn}))"

msad/main.py

@@ -0,0 +1,339 @@
+#!/usr/bin/env python3
+
+# msad - Active Directory tool
+# Copyright (C) 2025 - matteo.redaelli@gmail.com
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>
+
+import logging
+import datetime
+import os
+import json
+import ssl
+import sys
+import tomllib
+
+import typer
+
+import msad
+import ldap3
+
+from pathlib import Path
+
+
+BANNER = """
+
+"""
+
+logging.basicConfig(level=os.environ.get("LOGLEVEL", "INFO"))
+logging.info(BANNER)
+    
+def _get_domain_config(config: dict|None, domain: str|None):
+    if "defaults" not in config:
+        logging.error(f"Missing entry 'defaults' in config file. Bye!")
+        sys.exit(100)
+    if "domain" not in config["defaults"]:
+        logging.error("Missing entry 'domain' in section 'defaults' in config file. Bye!")
+        sys.exit(101)
+        
+    default_domain = config["defaults"]["domain"]
+    
+    if "domains" not in config:
+        logging.error("Missing section 'domains' in config file. Bye!")
+        sys.exit(102)
+        
+    if default_domain not in config["domains"] :
+        logging.error(f"Missing section '{default_domain}' in section 'domains' in config file. Bye!")
+        sys.exit(103)
+
+    if domain and domain not in config["domains"] :
+        logging.error(f"Missing section '{domain}' in section 'domains' in config file. Bye!")
+        sys.exit(104)
+
+    # TODO: validateing domain sections
+    if not domain:
+        domain = default_domain
+
+    domain_config = config["domains"][domain]
+    for field in ["host", "port", "search_base", "use_ssl"]:
+        if field not in domain_config:
+            logging.error(f"Missing required field '{field}' in section 'domains.{domain}' in config file. Bye!")
+            sys.exit(105)
+    return domain_config
+        
+def _get_config(domain: str|None, config_file: str|None):
+    if not config_file:
+        home = Path.home()
+        config_file = home / ".msad.toml"
+
+    if not os.path.isfile(config_file):
+        logging.error(f"Missing file {config_file}. Bye!")
+        sys.exit(1)
+        
+    if not os.access(config_file, os.R_OK):
+        logging.error(f"File {config_file} is not readable. Bye!")
+        sys.exit(2)
+    
+    """Read config file"""
+    with open(config_file, "rb") as f:
+        data = tomllib.load(f)
+        return _get_domain_config(data, domain)
+
+def _json_converter(o):
+    if isinstance(o, datetime.datetime):
+        return o.__str__()
+    elif isinstance(o, list):
+        return ";".join(o)
+    # else return o
+
+
+def _get_connection_krb(host: str, port: int, use_ssl: bool):
+    tls = ldap3.Tls(validate=ssl.CERT_NONE, version=ssl.PROTOCOL_TLSv1_2)
+    server = ldap3.Server(host, port=port, use_ssl=use_ssl, tls=tls)
+
+    conn = ldap3.Connection(
+        server,
+        authentication=ldap3.SASL,
+        sasl_mechanism=ldap3.KERBEROS,
+        auto_bind=False,
+    )
+    # conn.bind()
+    return conn
+
+
+def _get_connection_user_pwd(host: str, port: int, use_ssl: bool, user: str, password: str):
+    server = ldap3.Server(host, port=port, use_ssl=use_ssl)
+
+    conn = ldap3.Connection(server, user=user, password=password, auto_bind=False)
+    # conn.bind()
+    return conn
+
+
+def _get_connection(config: dict):
+    if "user" in config and "password" in config:
+        conn = _get_connection_user_pwd(config["host"],
+                                        config["port"],
+                                        config["use_ssl"],
+                                        config["user"],
+                                        config["password"])
+    else:
+        conn = _get_connection_krb(config["host"],
+                                   config["port"],
+                                   config["use_ssl"])
+    conn.bind()
+    return conn
+
+def _pprint(ldapresult, out_format="json", sep="\t"):
+    if not ldapresult or out_format == "default":
+        return ldapresult
+    elif out_format == "json1":
+        return json.dumps(dict(ldapresult))
+    else:
+        result = ""
+        for obj in ldapresult:
+            if out_format == "json":
+                result = (
+                    result + json.dumps(dict(obj), default=_json_converter) + "\n"
+                )
+            elif out_format == "csv":
+                sorted_obj = dict(sorted(obj.items()))
+                new_values = list(
+                    map(
+                        lambda v: "|".join(v) if isinstance(v, list) else v,
+                        sorted_obj.values(),
+                    )
+                )
+                result = result + sep.join(new_values) + "\n"
+        return result
+
+    # def users(self, user):
+    #     """Find users inside AD. The
+    #     filter can be the cn or userPrincipalName or samaccoutnname or mail to be searched. Can contain *
+    #     """
+    #     result = msad.users(
+    #         self._conn, self._search_base, user, attributes=self._attributes
+    #     )
+    #     return self._pprint(result)
+
+    # def is_disabled(self, user):
+    #     """Check if a user is disabled"""
+    #     return msad.user.is_disabled(self._conn, self._search_base, user)
+
+    # def is_locked(self, user):
+    #     """Check if the user is locked"""
+    #     return msad.user.is_locked(self._conn, self._search_base, user)
+
+    # def password_changed_in_days(self, user):
+    #     return msad.user.password_changed_in_days(self._conn, self._search_base, user)
+    
+    # def has_expired_password(self, user, max_age):
+    #     """Check is user has the expired password"""
+    #     return msad.has_expired_password(self._conn, self._search_base, user, max_age)
+
+    # def has_never_expires_password(self, user):
+    #     """Check if a user has never expires password"""
+    #     return msad.has_never_expires_password(self._conn, self._search_base, user)
+
+    # def check_user(self, user, max_age, groups=[]):
+    #     """Get some info about a user: is it locked? disabled? password expired?"""
+    #     return msad.check_user(self._conn, self._search_base, user, max_age, groups)
+
+
+
+    # def user_groups(self, user_name=None, user_dn=None):
+    #     """Extract the list of groups of a user (using DN or sAMAccountName)"""
+    #     return msad.user.user_groups(
+    #         self._conn, self._search_base, self._limit, user_name, user_dn
+    #     )
+
+
+    # def group_member(
+    #     self, group_name=None, group_dn=None, user_name=None, user_dn=None
+    # ):
+    #     """Check if the user is a member of a group (using DN or sAMAccountName)"""
+    #     return msad.group_member(
+    #         conn=self._conn,
+    #         search_base=self._search_base,
+    #         group_name=group_name,
+    #         group_dn=group_dn,
+    #         user_name=user_name,
+    #         user_dn=user_dn,
+    #     )
+
+
+
+app = typer.Typer()
+
+@app.command()
+def change_password(user: str,
+                    domain: str|None = None,
+                    config_file: str|None = None):
+    config = _get_config(config_file, domain)
+    conn = _get_connection(config)
+    return msad.user.change_password(
+        conn, config["search_base"], user)
+
+@app.command()
+def group_add_member(group: str,
+                     user: str,
+                     domain: str|None = None,
+                     config_file: str|None = None):
+    """Adds the user to a group (using DN or sAMAccountName)"""
+    
+    config = _get_config(config_file, domain)
+    conn = _get_connection(config)
+    result =  msad.add_member(
+        conn=conn,
+        search_base=config["search_base"],
+        group=group,
+        user=user,
+    )
+    return result
+
+@app.command()
+def group_remove_member(group: str,
+                     user: str,
+                     domain: str|None = None,
+                     config_file: str|None = None):
+    """Remove the user to a group (using DN or sAMAccountName)"""
+    
+    config = _get_config(config_file, domain)
+    conn = _get_connection(config)
+    result =  msad.remove_member(
+        conn=conn,
+        search_base=config["search_base"],
+        group=group,
+        user=user,
+    )
+    return result
+
+@app.command()
+def group_members(group: str,
+                  nested: bool=False,
+                  limit: int = 2000,
+                  domain: str|None = None,
+                  config_file: str|None = None,
+                  out_format: str = "json",
+                  attributes: list[str] = []):
+    
+    config = _get_config(config_file, domain)
+    conn = _get_connection(config)
+    if nested:
+        result = msad.group_flat_members(
+            conn,
+            config["search_base"],
+            limit,
+            group,
+            attributes=attributes,
+        )
+    else:
+        """Extract the direct members of a group"""
+        result = msad.group_members(
+            conn,
+            config["search_base"],
+            group)
+    print(_pprint(result))
+    
+@app.command()
+def search(filter: str,
+           limit: int = 2000,
+           domain: str|None = None,
+           config_file: str|None = None,
+           out_format: str = "json",
+           attributes: list[str] = []):
+    config = _get_config(config_file, domain)
+    conn = _get_connection(config)
+    result = msad.search(conn, config["search_base"], filter, limit=limit, attributes=attributes)
+    print(_pprint(result, out_format))
+
+@app.command()
+def get_sample_config():
+    output = """
+[defaults]
+
+domain = "mydomain"
+
+[domains]
+
+[domains.mydomain]
+
+host = "example.com"
+search_base = "dc=example,dc=com"
+    
+port = 636
+use_ssl = true
+#port = 389
+#use_ssl = false
+
+# user =
+# password =
+"""
+    print(output)
+
+@app.command()
+def user_groups(user: str,
+                nested: bool=False,
+                limit: int = 2000,
+                domain: str|None = None,
+                config_file: str|None = None,
+                out_format: str = "json"):
+    
+    config = _get_config(config_file, domain)
+    conn = _get_connection(config)
+
+    result = msad.user.user_groups(conn, config["search_base"], limit, user, nested=nested)
+    print(_pprint(result, out_format))
+
+if __name__ == "__main__":
+    app()

msad/search.py

@@ -53,11 +53,14 @@ def users(conn, search_base, string, limit, attributes=None):
     return search(conn, search_base, search_filter, limit=limit, attributes=attributes)
 
 
-def get_dn(conn, search_base, sAMAccountName):
-    search_filter = f"(sAMAccountName={sAMAccountName})"
+def get_dn(conn, search_base, entry):
+    if entry.lower().startswith("cn="):
+        return entry
+    search_filter = f"(sAMAccountName={entry})"
     result = search(conn, search_base, search_filter, attributes=["distinguishedName"])
     logging.debug(result)
     if len(result) < 1:
+        logging.error(f"entry {entry} not found")
         return None
 
     return result[0]["distinguishedName"]

msad/user.py

@@ -20,7 +20,7 @@ import logging
 import getpass
 import ldap3
 import datetime
-from .search import *
+from .search import get_dn, search
 from .group import *
 
 
@@ -34,9 +34,8 @@ def _enter_password(text):
         return p
 
 
-def change_password(conn, search_base, user_name=None, user_dn=None):
-    if user_name:
-        user_dn = get_dn(conn, search_base, user_name)
+def change_password(conn, search_base, user):
+    user_dn = get_dn(conn, search_base, user)
 
     if not user_dn:
         return None
@@ -134,16 +133,21 @@ def check_user(conn, search_base, user, max_age, groups=[]):
         )
 
 
-def user_groups(conn, search_base, limit, user_name=None, user_dn=None):
+def user_groups(conn, search_base, limit, user, nested=True):
     """retrieve all groups (also nested) of a user"""
 
-    if user_name:
-        user_dn = get_dn(conn, search_base, user_name)
+    user_dn = get_dn(conn, search_base, user)
 
     if not user_dn:
         return None
 
-    search_filter = f"(member:1.2.840.113556.1.4.1941:={user_dn})"
+    if nested:
+        search_filter = f"(member:1.2.840.113556.1.4.1941:={user_dn})"
+        attributes = ["sAMaccountName"]
+    else:
+        search_filter = "(objectClass=*)"
+        search_base = user_dn
+        attributes = ["memberOf"]
     return search(
-        conn, search_base, search_filter, limit=limit, attributes=["sAMaccountName"]
+        conn, search_base, search_filter, limit=limit, attributes=attributes
     )

msad-0.4.0.dist-info/METADATA

@@ -0,0 +1,103 @@
+Metadata-Version: 2.4
+Name: msad
+Version: 0.4.0
+Summary: msad is a commandline for interacting with Active Directory
+Project-URL: Homepage, https://github.com/matteoredaelli/msad
+Project-URL: Issues, https://github.com/matteoredaelli/msad/issues
+Author-email: Matteo Redaelli <matteo.redaelli@gmail.com>
+License-Expression: GPL-3.0-or-later
+License-File: LICENSE
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Requires-Python: >=3.9
+Requires-Dist: cryptography
+Requires-Dist: gssapi
+Requires-Dist: ldap3
+Requires-Dist: typer
+Description-Content-Type: text/markdown
+
+# msAD
+
+*msad* is a library and command line tool for working with an Active Directory / LDAP server from Unix, Linux and MacOs systems.
+
+It supports authentication with user/pwd and kerberos
+
+It supports paginations: it can retreive more than 2000 objects (a limit of AD)
+
+It can be used for:
+- search objects (users, groups, computers,..)
+- search (recursively) group memberships and all user's groups
+- add/remove members to/from AD groups using DN or sAMaccoutName
+- change AD passwords
+- check if a user is disabled or locked, group membership
+
+## Prerequisites
+
+python >= 3.9
+
+For kerboros auth
+
+  - krb5 lib and tools (like kinit, ...)
+  - a keytab file or 
+  
+## Installation
+
+```bash
+pipx install msad
+```
+
+## COnfiguration
+
+Create a configuration file in $HOME/.msad.toml as suggested by
+
+```bash
+msad get-sample-config
+```
+
+
+## Usage
+
+
+```bash
+msad --help
+
+python -m msad --help
+
+```
+
+
+For kerberos authentication, first you need to login to AD / get a ticket kerberos with
+
+```bash
+kinit youraduser
+```
+
+
+
+```text
+msad search "(samaccountname=matteo)"  --out-format=json
+
+msad search "(cn=redaelli*)" --attribute mail --attribute samaccountname --out-format=json
+
+msad group-members qlik_analyzer_users --nested
+
+msad group-add-member qlik_analyzer_users matteo
+
+msad group-remove-member qlik_analyzer_users matteo
+
+msad user-groups matteo --nested
+
+```
+
+## Sample
+
+
+
+## License
+
+Copyright © 2021 - 2025 Matteo Redaelli
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.

msad-0.4.0.dist-info/RECORD

@@ -0,0 +1,12 @@
+msad/__init__.py,sha256=DJ6egXlvzOK_k0XlN7BpmMRuwu4MM7eQoxLE0Ou-sLI,63
+msad/__main__.py,sha256=RCZmmoCNOWC7rAfIDm_LaymsybXIzE6McYbUEEkf9P8,60
+msad/ad.py,sha256=C3dknAgRY6Jnotk0RgPSye7uzNxUd-7B3oGloGR674E,5679
+msad/group.py,sha256=3HNpXfYK4yXxDNsXn72JOZSMEwjj0kMiDvVBca1oVuI,2510
+msad/main.py,sha256=5wBSPOZPkOnYfe-gow1YFt65FpawJooZ3eOKp_RFP0A,10573
+msad/search.py,sha256=j8PedOZVf7eFBG34ZfHoVEfEPbYE0nOtznKTLwu48Eg,3476
+msad/user.py,sha256=k9INOsuSekCB4w0EYYrcgPQChvOfawIzLYv7h37-DXM,4557
+msad-0.4.0.dist-info/METADATA,sha256=KL37POSU35W_FjShUlAU8Qf48EVUpGwPkCbWMUmQ5T0,2288
+msad-0.4.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+msad-0.4.0.dist-info/entry_points.txt,sha256=UKSjeppC0YX2dfybmBfxLXCqF_HMZFfPX1MRw88rtpI,39
+msad-0.4.0.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+msad-0.4.0.dist-info/RECORD,,

msad-0.4.0.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+msad = msad.main:app

msad/command_line.py

@@ -1,265 +0,0 @@
-#!/usr/bin/env python3
-
-# msad - Active Directory tool
-# Copyright (C) 2020 - matteo.redaelli@gmail.com
-
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>
-
-import logging
-import os
-import datetime
-import sys
-import msad
-import fire
-import ldap3
-import ssl
-import json
-from typing import List, Tuple, Dict
-import pprint
-
-
-def _json_converter(o):
-    if isinstance(o, datetime.datetime):
-        return o.__str__()
-    elif isinstance(o, list):
-        return ";".join(o)
-    # else return o
-
-
-def _get_connection_krb(host, port, use_ssl):
-    tls = ldap3.Tls(validate=ssl.CERT_NONE, version=ssl.PROTOCOL_TLSv1_2)
-    server = ldap3.Server(host, port=port, use_ssl=use_ssl, tls=tls)
-
-    conn = ldap3.Connection(
-        server,
-        authentication=ldap3.SASL,
-        sasl_mechanism=ldap3.KERBEROS,
-        auto_bind=False,
-    )
-    # conn.bind()
-    return conn
-
-
-def _get_connection_user_pwd(host, port, use_ssl, user, password):
-    server = ldap3.Server(host, port, use_ssl)
-
-    conn = ldap3.Connection(server, user=user, password=password, auto_bind=False)
-    # conn.bind()
-    return conn
-
-
-def _get_connection(host, port, use_ssl, sso, user, password):
-    if user and password:
-        conn = _get_connection_user_pwd(host, port, use_ssl, user, password)
-    else:
-        conn = _get_connection_krb(host, port, use_ssl)
-
-    conn.bind()
-    return conn
-
-
-class AD:
-    """*msad* is command line tool for Active Directory. With it you can
-    search objects,
-    add/remove members to/from groups,
-    change password
-    check if a user is locked, disabled
-    check if a user's password is expired
-    ..."""
-
-    def __init__(
-        self,
-        host,
-        port,
-        use_ssl=True,
-        sso=True,
-        user=None,
-        password=None,
-        search_base=None,
-        limit=0,
-        attributes=None,
-        out_format="default",
-        sep=";",
-    ):
-        try:
-            self._conn = _get_connection(host, port, use_ssl, sso, user, password)
-        except:
-            logging.error(
-                f"Cannot login to Active Directory (host: {host}, port: {port}). Bye"
-            )
-            sys.exit(1)
-        self._attributes = attributes
-        self._sep = sep
-        self._search_base = search_base
-        self._limit = limit
-        self._out_format = out_format
-
-    def change_password(self, user_name=None, user_dn=None):
-        return msad.user.change_password(
-            self._conn, self._search_base, user_name, user_dn
-        )
-
-    def search(self, search_filter):
-        self._conn.search(
-            self._search_base,
-            search_filter,
-            size_limit=self._limit,
-            attributes=self._attributes,
-        )
-        result = list(filter(lambda e: "attributes" in e, self._conn.response))
-        result = list(map(lambda e: e["attributes"], result))
-        return self._pprint(result)
-
-    def _pprint(self, ldapresult):
-        if not ldapresult or self._out_format == "default":
-            return ldapresult
-        elif self._out_format == "json1":
-            return json.dumps(dict(ldapresult))
-        else:
-            result = ""
-            for obj in ldapresult:
-                if self._out_format == "json":
-                    result = (
-                        result + json.dumps(dict(obj), default=_json_converter) + "\n"
-                    )
-                elif self._out_format == "csv":
-                    sorted_obj = dict(sorted(obj.items()))
-                    new_values = list(
-                        map(
-                            lambda v: "|".join(v) if isinstance(v, list) else v,
-                            sorted_obj.values(),
-                        )
-                    )
-                    result = result + self._sep.join(new_values) + "\n"
-            return result
-
-    def users(self, user):
-        """Find users inside AD. The
-        filter can be the cn or userPrincipalName or samaccoutnname or mail to be searched. Can contain *
-        """
-        result = msad.users(
-            self._conn, self._search_base, user, attributes=self._attributes
-        )
-        return self._pprint(result)
-
-    def is_disabled(self, user):
-        """Check if a user is disabled"""
-        return msad.user.is_disabled(self._conn, self._search_base, user)
-
-    def is_locked(self, user):
-        """Check if the user is locked"""
-        return msad.user.is_locked(self._conn, self._search_base, user)
-
-    def password_changed_in_days(self, user):
-        return msad.user.password_changed_in_days(self._conn, self._search_base, user)
-    
-    def has_expired_password(self, user, max_age):
-        """Check is user has the expired password"""
-        return msad.has_expired_password(self._conn, self._search_base, user, max_age)
-
-    def has_never_expires_password(self, user):
-        """Check if a user has never expires password"""
-        return msad.has_never_expires_password(self._conn, self._search_base, user)
-
-    def check_user(self, user, max_age, groups=[]):
-        """Get some info about a user: is it locked? disabled? password expired?"""
-        return msad.check_user(self._conn, self._search_base, user, max_age, groups)
-
-    def group_flat_members(self, group_name=None, group_dn=None):
-        """Extract all the (nested) members of a group"""
-        result = msad.group_flat_members(
-            self._conn,
-            self._search_base,
-            self._limit,
-            group_name,
-            group_dn,
-            attributes=self._attributes,
-        )
-        return self._pprint(result)
-
-    def group_members(self, group_name=None, group_dn=None):
-        """Extract the direct members of a group"""
-        if group_name is None and group_dn is None:
-            logging.error("group_name or group_dn must be entered")
-            return None
-        result = msad.group_members(self._conn, self._search_base, group_name, group_dn)
-        return self._pprint(result)
-
-    def add_member(self, group_name=None, group_dn=None, user_name=None, user_dn=None):
-        """Adds the user to a group (using DN or sAMAccountName)"""
-        return msad.add_member(
-            conn=self._conn,
-            search_base=self._search_base,
-            group_name=group_name,
-            group_dn=group_dn,
-            user_name=user_name,
-            user_dn=user_dn,
-        )
-
-    def user_groups(self, user_name=None, user_dn=None):
-        """Extract the list of groups of a user (using DN or sAMAccountName)"""
-        return msad.user.user_groups(
-            self._conn, self._search_base, self._limit, user_name, user_dn
-        )
-
-    def remove_member(
-        self, group_name=None, group_dn=None, user_name=None, user_dn=None
-    ):
-        """Remove the user from a group (using DN or sAMAccountName)"""
-        return msad.remove_member(
-            conn=self._conn,
-            search_base=self._search_base,
-            group_name=group_name,
-            group_dn=group_dn,
-            user_name=user_name,
-            user_dn=user_dn,
-        )
-
-    def group_member(
-        self, group_name=None, group_dn=None, user_name=None, user_dn=None
-    ):
-        """Check if the user is a member of a group (using DN or sAMAccountName)"""
-        return msad.group_member(
-            conn=self._conn,
-            search_base=self._search_base,
-            group_name=group_name,
-            group_dn=group_dn,
-            user_name=user_name,
-            user_dn=user_dn,
-        )
-
-
-BANNER = """
- __  __  ____     _     ____  
-|  \/  |/ ___|   / \   |  _ \ 
-| |\/| |\___ \  / _ \  | | | |
-| |  | | ___) |/ ___ \ | |_| |
-|_|  |_||____//_/   \_\|____/ 
-                              
-https://github.com/matteoredaelli/msad
-
-https://pypi.org/project/msad/
-
-"""
-
-
-def main():
-    """main"""
-    logging.basicConfig(level=os.environ.get("LOGLEVEL", "INFO"))
-    logging.info(BANNER)
-    fire.Fire(AD)
-
-
-if __name__ == "__main__":
-    main()

msad-0.3.5.dist-info/METADATA

@@ -1,118 +0,0 @@
-Metadata-Version: 2.4
-Name: msad
-Version: 0.3.5
-Summary: msad is a commandline for interacting with Active Directory
-Project-URL: Homepage, https://github.com/matteoredaelli/msad
-Project-URL: Issues, https://github.com/matteoredaelli/msad/issues
-Author-email: Matteo Redaelli <matteo.redaelli@gmail.com>
-License-Expression: GPL-3.0-or-later
-License-File: LICENSE
-Classifier: Operating System :: OS Independent
-Classifier: Programming Language :: Python :: 3
-Requires-Python: >=3.9
-Requires-Dist: cryptography
-Requires-Dist: fire
-Requires-Dist: gssapi
-Requires-Dist: ldap3
-Description-Content-Type: text/markdown
-
-# msAD
-
-
-msad is a library and command line tool for working with an Active Directory / LDAP server. It can be used for:
-- search objects (users, groups, computers,..)
-- search group members
-- add/remove members to/from AD groups using DN or sAMaccoutName
-- change AD passwords
-- check if a user is disabled or locked, group membership
-
-
-## Usage
-
-```bash
-msad --help
-```
-
-```text
- COMMAND is one of the following:
-
-     add_member
-       Adds the user to a group (using DN or sAMAccountName)
-
-     change_password
-
-     check_user
-       Get some info about a user: is it locked? disabled? password expired?
-
-     group_flat_members
-       Extract all the (nested) members of a group
-
-     group_member
-       Check if the user is a member of a group (using DN or sAMAccountName)
-
-     group_members
-       Extract the direct members of a group
-
-     has_expired_password
-       Check is user has the expired password
-
-     has_never_expires_password
-       Check if a user has never expires password
-
-     is_disabled
-       Check if a user is disabled
-
-     is_locked
-       Check if the user is locked
-
-     remove_member
-       Remove the user from a group (using DN or sAMAccountName)
-
-     search
-
-     user_groups
-       Extract the list of groups of a user (using DN or sAMAccountName)
-
-     users
-       Find users inside AD. The filter can be the cn or userPrincipalName or samaccoutnname or mail to be searched. Can contain *
-
-```
-
-## Sample
-
-I find useful to add an alias in my ~/.bash_aliases
-
-```bash
-alias msad='/usr/local/bin/msad --host=dmc1it.group.redaelli.org --port=636 --search_base dc=group,dc=redaelli,dc=org'
-```
-
-Retreive info about a user
-
-```bash
-msad check_user matteo 90 \[qliksense_analyzer,qliksense_professional\] 2>/dev/null
-```
-
-```json
-{"is_disabled": false}
-{"is_locked": false}
-{"has_never_expires_password": false}
-{"has_expired_password": false}
-{"membership_qliksense_analyzer": false}
-{"membership_qliksense_professional": true}
-```
-
-Getting nested group members (it is a pages search, it can retreive more than 1000 users)
-
-```bash
-msad --out_format csv --attributes samaccountname,mail,sn,givenName group_flat_members "dc=group,dc=redaelli,dc=org" --group_name "qliksense_admin"
-```
-
-
-## License
-
-Copyright © 2021 2022 Matteo Redaelli
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.

msad-0.3.5.dist-info/RECORD

@@ -1,11 +0,0 @@
-msad/__init__.py,sha256=DJ6egXlvzOK_k0XlN7BpmMRuwu4MM7eQoxLE0Ou-sLI,63
-msad/ad.py,sha256=C3dknAgRY6Jnotk0RgPSye7uzNxUd-7B3oGloGR674E,5679
-msad/command_line.py,sha256=6JB_rcYsd7UKVgUWmIdMJxMJ5oKmE_KshX7WYe5b5P0,8500
-msad/group.py,sha256=TKIDEzQEBugux2imt81YX1byRtz31W_qZRXADfoHSbU,3448
-msad/search.py,sha256=sQfvaaWX6yMKNk5nCPH6yQb2_54LjaEJuXc8FGOhrIo,3383
-msad/user.py,sha256=oWpoAHcgTMsFf3RXr0wSECONZkJfsIXC3EZTx16BqiY,4466
-msad-0.3.5.dist-info/METADATA,sha256=1NboA4x0TsN2drxFZjyQpBRT-Y7lyQoJrM37dtN0-tg,3135
-msad-0.3.5.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-msad-0.3.5.dist-info/entry_points.txt,sha256=s9wIVNQKKBX5Y6KaYj0STVIZ66mBsseHaamXjshIw7Y,48
-msad-0.3.5.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-msad-0.3.5.dist-info/RECORD,,

msad-0.3.5.dist-info/entry_points.txt

@@ -1,2 +0,0 @@
-[console_scripts]
-msad = msad.command_line:main