import json
import random
import secrets
import string

from ldap3 import Server, Connection, ALL, NTLM
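# Reset the password of one Active Directory account over LDAPS and print the
# new random password.
#
# The server address and administrator password below are placeholders to be
# filled in; load real values from the environment or a secret store at run
# time instead of committing them to the file.

# userPrincipalName of the account whose password is reset.
TARGET_UPN = 'aaa@ptmind.com'
PASSWORD_LENGTH = 16


def _generate_password(length=PASSWORD_LENGTH):
    """Return a random password with a lowercase, uppercase, digit and symbol.

    Characters come from the OS CSPRNG via ``secrets``; the ``random`` module
    is a predictable PRNG and ``random.sample`` also never repeats a
    character, which shrinks the key space. Requiring every character class
    keeps the result acceptable to a password-complexity policy.
    """
    alphabet = string.ascii_letters + string.digits + string.punctuation
    while True:
        candidate = ''.join(secrets.choice(alphabet) for _ in range(length))
        if (any(c in string.ascii_lowercase for c in candidate)
                and any(c in string.ascii_uppercase for c in candidate)
                and any(c in string.digits for c in candidate)
                and any(c in string.punctuation for c in candidate)):
            return candidate


# Generate the random password.
ran_str = _generate_password()

# Connect.
# NOTE(review): no Tls object is passed, so certificate checking is left to
# ldap3's defaults. Confirm the server certificate is actually validated
# (for example a Tls configuration with validate=ssl.CERT_REQUIRED), because
# the administrator credentials and the new password travel over this channel.
server = Server('AD服务器ip地址', get_info=ALL, use_ssl=True)
# Raw string: in a normal literal '\a' is the BEL control character, which
# silently corrupted the account name. NTLM expects the DOMAIN\username form;
# 'Users' presumably stands in for the domain name, confirm before use.
conn = Connection(server, user=r'Users\administrator', password='AD管理员密码',
                  auto_bind=True, authentication=NTLM)

# Start unset so that a search with no match is reported instead of raising
# NameError further down.
USER_DN = None
USER_CN = None

try:
    # Query. The filter is narrowed to the target UPN on the server side so
    # that the result does not depend on the directory's search size limit.
    # TARGET_UPN is a constant here; if it ever comes from input, escape it
    # with ldap3.utils.conv.escape_filter_chars before building the filter.
    res = conn.search('dc=ptmind,dc=com',
                      '(&(objectclass=user)(userPrincipalName=%s))' % TARGET_UPN,
                      attributes=['cn', 'givenName', 'userPrincipalName'])
    # conn.result holds the reason when the search fails; conn.entries holds
    # the entries that were found.
    for i in conn.entries:
        entry_dict = json.loads(i.entry_to_json())
        attributes = entry_dict.get("attributes")
        if not (entry_dict.get("dn") and attributes):
            continue
        upn_values = attributes.get("userPrincipalName")
        # Re-check the UPN client-side before touching the account.
        if upn_values and upn_values[0] == TARGET_UPN:
            USER_DN = entry_dict.get("dn")
            USER_CN = attributes.get("cn")

    if USER_DN:
        # Administrative reset: only the new password is supplied.
        res = conn.extend.microsoft.modify_password(USER_DN, ran_str)
        if res:
            print('user %s change password Success.' % USER_CN)
            # The new password is written to stdout in clear text, so it ends
            # up in terminal scrollback and in any log capturing this output.
            print('password: %s' %ran_str)
        else:
            print('user %s change password Failed.' % USER_CN)
    else:
        print("User DN is missing!")
finally:
    # Always release the privileged session, including on errors.
    conn.unbind()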