Search Filter Syntax in Active Directory
Dirk Hagemann
usenet at mail-2-me.com
Fri Oct 1 19:37:53 EDT 2004
Tim Golden schrieb:
> [Dirk Hagemann]
> | I want to get the properties of all the computer-accounts of an
> | ActiveDirectory structure (Microsoft). I know that could be done by
> | using "Search Filter Syntax" with LDAP-Dialect or SQL-Dialect.
> | I found a lot of information about these dialects, but no
> | example how to use this in an python-script.
> | Does anybody have a simple example for me, how to get some
> | information out of AD?
>
> I twitch nervously every time I have to pull something
> out of AD, but hopefully a couple of working examples
> might get you going. In general, anything you see elsewhere
> in VBS etc. can be done with a couple of GetObject-type
> calls in win32com.client.
>
> First example: find the display name of a user, given a user name.
> This one uses the LDAP:// moniker syntax.
>
> <code>
>
> import win32com.client
>
> username = "goldent"
> ldap_string = "LDAP://cn=%s,cn=users,dc=gb,dc=vo,dc=local" % username
> ldap_me = win32com.client.GetObject (ldap_string)
> print username, "=>", ldap_me.Get ("displayName")
>
> </code>
>
> Second example: find all the domains known by this workstation/server.
> This example uses the WinNT:// object, which I personally find
> a lot easier / more intuitive to use, so long as it meets your
> need (it doesn't do everything, and I'm not sure you can update
> through it).
>
> <code>
>
> import win32com.client
>
> for domain in win32com.client.GetObject ("WinNT:"):
> print domain.Name
>
> </code>
>
> Third example: list all the computers in a particular domain.
> Again WinNT:// syntax.
>
> <code>
>
> import win32com.client
> domain_name = "VOUK"
> domain = win32com.client.GetObject ("WinNT://" + domain_name)
> domain.Filter = ["Computer"]
> for computer in domain:
> print computer.Name
>
> </code>
>
> HTH
> TJG
>
Hi Tim!
The third example what is yet in use in my script - I asked for it some
month ago here ;-) It is a great help!
But now I need more than just the names of the computers, I need their
properties like OS, Service Pack, Version and stuff like this.
What I managed yet is to get the properties of an object if I know the
LDAP path of this object.
But in our AD-structure the computer-accounts are not all in the same OU
and the OUs could have another name from one day to the next day... So I
need to get all computers wherever they are with some of their properties.
I'll try your hints after the next week when I'm back at work - next
week I have a SQL-course :-)
Dirk
More information about the Python-list
mailing list