PyPI - msad - Versions diffs - 0.4.0__py3-none-any.whl → 0.4.2__py3-none-any.whl - Mend

msad 0.4.0py3-none-any.whl → 0.4.2py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

msad/search.py +1 -1
msad/user.py +11 -27
{msad-0.4.0.dist-info → msad-0.4.2.dist-info}/METADATA +20 -26
msad-0.4.2.dist-info/RECORD +12 -0
msad-0.4.0.dist-info/RECORD +0 -12
{msad-0.4.0.dist-info → msad-0.4.2.dist-info}/WHEEL +0 -0
{msad-0.4.0.dist-info → msad-0.4.2.dist-info}/entry_points.txt +0 -0
{msad-0.4.0.dist-info → msad-0.4.2.dist-info}/licenses/LICENSE +0 -0

msad/search.py CHANGED Viewed

@@ -49,7 +49,7 @@ def users(conn, search_base, string, limit, attributes=None):
     """Search users inside AD
     filter: is the cn or userPrincipalName or samaccoutnname or mail to be searched. Can contain *
     """
-    search_filter = f"(&(objectclass=user)(|(samaccountname={string})(mail={string})(cn={string})(userPrincipalName={string})))"
+    search_filter = f"(&(objectclass=user)(|(samaccountname={string})(mail={string})(cn={string}*)(userPrincipalName={string}*)))"
     return search(conn, search_base, search_filter, limit=limit, attributes=attributes)

msad/user.py CHANGED Viewed

@@ -20,11 +20,11 @@ import logging
 import getpass
 import ldap3
 import datetime
-from .search import get_dn, search
-from .group import *
+from .search import disabled_users, get_dn, search, locked_users, never_expires_password
+from .group import group_member
-def _enter_password(text):
+def _enter_password(text: str):
     try:
         p = getpass.getpass(text)
     except Exception as error:
@@ -34,7 +34,7 @@ def _enter_password(text):
         return p
-def change_password(conn, search_base, user):
+def change_password(conn, search_base: str, user: str):
     user_dn = get_dn(conn, search_base, user)
     if not user_dn:
@@ -47,7 +47,7 @@ def change_password(conn, search_base, user):
         conn.extend.microsoft.modify_password(user_dn, newpwd, oldpwd)
-def is_disabled(conn, search_base, user):
+def is_disabled(conn, search_base: str, user: str):
     result = disabled_users(
         conn, search_base, f"(samaccountname={user})", limit=1, attributes=None
     )
@@ -55,37 +55,21 @@ def is_disabled(conn, search_base, user):
     return True if len(result) == 1 else None
-def is_locked(conn, search_base, user):
+def is_locked(conn, search_base: str, user: str):
     result = locked_users(
         conn, search_base, f"(samaccountname={user})", limit=1, attributes=None
     )
     return True if len(result) == 1 else None
-def has_never_expires_password(conn, search_base, user):
+def has_never_expires_password(conn, search_base: str, user: str):
     result = never_expires_password(
         conn, search_base, f"(samaccountname={user})", limit=1, attributes=None
     )
     return True if len(result) == 1 else None
-def password_changed_in_days(conn, search_base, user, limit=1000):
-    search_filter = f"(samaccountname={user})"
-    result = search(
-        conn, search_base, search_filter, limit=limit, attributes=["sAMAccountName","pwdLastSet"]
-    )
-    if len(result) == 0:
-        return None
-    now = datetime.datetime.now()
-    result = [ {"sAMAccountName": u["sAMAccountName"],
-                "days": (now - u["pwdLastSet"].replace(tzinfo=None)).days} for u in result]
-    return result
-def has_expired_password(conn, search_base, user, max_age):
+def password_changed_in_days(conn, search_base: str, user: str, limit: int = 2000, max_age: int):
     #    return search(conn, search_base, search_filter, attributes=attributes)
     search_filter = f"(samaccountname={user})"
     result = search(
@@ -106,7 +90,7 @@ def has_expired_password(conn, search_base, user, max_age):
         return True if days > max_age else False
-def check_user(conn, search_base, user, max_age, groups=[]):
+def check_user(conn, search_base:str, user:str, max_age:int, groups=[]):
     # result = {}
     yield ({"is_disabled": is_disabled(conn, search_base, user)})
     yield ({"is_locked": is_locked(conn, search_base, user)})
@@ -127,13 +111,13 @@ def check_user(conn, search_base, user, max_age, groups=[]):
         yield (
             {
                 f"membership_{group}": group_member(
-                    conn, search_base, group_name=group, user_name=user
+                    conn, search_base, group=group, user=user
                 )
             }
         )
-def user_groups(conn, search_base, limit, user, nested=True):
+def user_groups(conn, search_base:str , limit: int, user: str, nested: bool =True):
     """retrieve all groups (also nested) of a user"""
     user_dn = get_dn(conn, search_base, user)

{msad-0.4.0.dist-info → msad-0.4.2.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: msad
-Version: 0.4.0
+Version: 0.4.2
 Summary: msad is a commandline for interacting with Active Directory
 Project-URL: Homepage, https://github.com/matteoredaelli/msad
 Project-URL: Issues, https://github.com/matteoredaelli/msad/issues
@@ -9,11 +9,12 @@ License-Expression: GPL-3.0-or-later
 License-File: LICENSE
 Classifier: Operating System :: OS Independent
 Classifier: Programming Language :: Python :: 3
-Requires-Python: >=3.9
-Requires-Dist: cryptography
-Requires-Dist: gssapi
-Requires-Dist: ldap3
-Requires-Dist: typer
+Requires-Python: >=3.11
+Requires-Dist: click==8.1.8
+Requires-Dist: cryptography==44.0.2
+Requires-Dist: gssapi==1.9.0
+Requires-Dist: ldap3==2.9.1
+Requires-Dist: typer==0.15.2
 Description-Content-Type: text/markdown
 # msAD
@@ -24,21 +25,22 @@ It supports authentication with user/pwd and kerberos
 It supports paginations: it can retreive more than 2000 objects (a limit of AD)
-It can be used for:
-- search objects (users, groups, computers,..)
-- search (recursively) group memberships and all user's groups
-- add/remove members to/from AD groups using DN or sAMaccoutName
-- change AD passwords
-- check if a user is disabled or locked, group membership
+Features:
+- [X] search objects (users, groups, computers,..)
+- [X] search (recursively) group memberships and all user's groups
+- [X] add/remove members to/from AD groups using DN or sAMaccoutName
+- [X] change AD passwords
+- [ ] check if a user is disabled or locked
 ## Prerequisites
-python >= 3.9
+python >= 3.11
 For kerboros auth
   - krb5 lib and tools (like kinit, ...)
-  - a keytab file or
+  - a keytab file or krb5.conf configured
 ## Installation
@@ -46,7 +48,7 @@ For kerboros auth
 pipx install msad
 ```
-## COnfiguration
+## Configuration
 Create a configuration file in $HOME/.msad.toml as suggested by
@@ -54,7 +56,6 @@ Create a configuration file in $HOME/.msad.toml as suggested by
 msad get-sample-config
 ```
 ## Usage
@@ -65,19 +66,16 @@ python -m msad --help
 ```
 For kerberos authentication, first you need to login to AD / get a ticket kerberos with
 ```bash
-kinit youraduser
+kinit # or kinit myaduser
 ```
 ```text
-msad search "(samaccountname=matteo)"  --out-format=json
+msad search "(samaccountname=matteo)"  --out-format=json # show all attributes
-msad search "(cn=redaelli*)" --attribute mail --attribute samaccountname --out-format=json
+msad search "(cn=redaelli*)" --attributes mail --attributes samaccountname --out-format=json
 msad group-members qlik_analyzer_users --nested
@@ -89,10 +87,6 @@ msad user-groups matteo --nested
 ```
-## Sample
 ## License
 Copyright © 2021 - 2025 Matteo Redaelli

msad-0.4.2.dist-info/RECORD ADDED Viewed

@@ -0,0 +1,12 @@
+msad/__init__.py,sha256=DJ6egXlvzOK_k0XlN7BpmMRuwu4MM7eQoxLE0Ou-sLI,63
+msad/__main__.py,sha256=RCZmmoCNOWC7rAfIDm_LaymsybXIzE6McYbUEEkf9P8,60
+msad/ad.py,sha256=C3dknAgRY6Jnotk0RgPSye7uzNxUd-7B3oGloGR674E,5679
+msad/group.py,sha256=3HNpXfYK4yXxDNsXn72JOZSMEwjj0kMiDvVBca1oVuI,2510
+msad/main.py,sha256=5wBSPOZPkOnYfe-gow1YFt65FpawJooZ3eOKp_RFP0A,10573
+msad/search.py,sha256=ADbUD8j_Tbh2XIWUYiWcgkg6pmKDciIL3DnCHf_Twzs,3478
+msad/user.py,sha256=MWv-U8_FYP-dsuzQQjKP1T-IToP-kz4VBbX1W6QLliY,4241
+msad-0.4.2.dist-info/METADATA,sha256=OJ8NAAF7BvPZJmOK4p6Rv31X-DQGLOipfuXs73pA-cI,2379
+msad-0.4.2.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+msad-0.4.2.dist-info/entry_points.txt,sha256=UKSjeppC0YX2dfybmBfxLXCqF_HMZFfPX1MRw88rtpI,39
+msad-0.4.2.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+msad-0.4.2.dist-info/RECORD,,

msad-0.4.0.dist-info/RECORD DELETED Viewed

@@ -1,12 +0,0 @@
-msad/__init__.py,sha256=DJ6egXlvzOK_k0XlN7BpmMRuwu4MM7eQoxLE0Ou-sLI,63
-msad/__main__.py,sha256=RCZmmoCNOWC7rAfIDm_LaymsybXIzE6McYbUEEkf9P8,60
-msad/ad.py,sha256=C3dknAgRY6Jnotk0RgPSye7uzNxUd-7B3oGloGR674E,5679
-msad/group.py,sha256=3HNpXfYK4yXxDNsXn72JOZSMEwjj0kMiDvVBca1oVuI,2510
-msad/main.py,sha256=5wBSPOZPkOnYfe-gow1YFt65FpawJooZ3eOKp_RFP0A,10573
-msad/search.py,sha256=j8PedOZVf7eFBG34ZfHoVEfEPbYE0nOtznKTLwu48Eg,3476
-msad/user.py,sha256=k9INOsuSekCB4w0EYYrcgPQChvOfawIzLYv7h37-DXM,4557
-msad-0.4.0.dist-info/METADATA,sha256=KL37POSU35W_FjShUlAU8Qf48EVUpGwPkCbWMUmQ5T0,2288
-msad-0.4.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-msad-0.4.0.dist-info/entry_points.txt,sha256=UKSjeppC0YX2dfybmBfxLXCqF_HMZFfPX1MRw88rtpI,39
-msad-0.4.0.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-msad-0.4.0.dist-info/RECORD,,

{msad-0.4.0.dist-info → msad-0.4.2.dist-info}/WHEEL RENAMED Viewed

File without changes

{msad-0.4.0.dist-info → msad-0.4.2.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{msad-0.4.0.dist-info → msad-0.4.2.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

msad 0.4.0__py3-none-any.whl → 0.4.2__py3-none-any.whl

msad 0.4.0py3-none-any.whl → 0.4.2py3-none-any.whl