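#!/usr/bin/python2 -B

#resources
#http://www.netvision.com/ad_useraccountcontrol.php
#http://fsuid.fsu.edu/admin/lib/WinADLDAPAttributes.html#RANGE!B28

#author: david@socialnerds.org


class getmailad(object):
    """Collect SMTP addresses of enabled accounts from Active Directory.

    Tested with a Windows 2003 domain.

    Only entries that carry a ``userAccountControl`` attribute are examined,
    so objects without it (presumably groups -- verify against the directory)
    are skipped even when they have ``proxyAddresses``.

    Attributes:
        addresslist: lower-cased addresses found by the last ``get()`` call.
        count: number of entries in ``addresslist``.
        error: the ``ldap.LDAPError`` raised by the last ``get()`` call, or
            ``None``. An empty ``addresslist`` with ``error`` set means the
            lookup failed, not that the directory holds no addresses.
    """

    # userAccountControl values treated as "enabled". Each is NORMAL_ACCOUNT
    # (512) plus some combination of PASSWD_NOTREQD (32),
    # DONT_EXPIRE_PASSWORD (65536) and SMARTCARD_REQUIRED (262144); none has
    # ACCOUNTDISABLE (2). This is an exact allow-list, not a bitmask test:
    # any other flag combination is skipped.
    _ENABLED_UAC_VALUES = ("512", "66048", "66080", "544",
                           "262656", "262688", "328192", "328224")

    def __init__(self, ldap_server, bind_dn, bind_pass, base_dn):
        """Store the connection parameters; no network traffic happens here.

        Args:
            ldap_server: LDAP URI passed to ``ldap.initialize``.
            bind_dn: identity used for the simple bind.
            bind_pass: password used for the simple bind.
            base_dn: subtree root for the search.
        """
        self.addresslist = []
        self.count = 0
        self.error = None
        self._ldap_server = ldap_server
        self._bind_dn = bind_dn
        self._bind_pass = bind_pass
        self._base_dn = base_dn

    @staticmethod
    def _smtp_addresses(attrs):
        """Return the lower-cased SMTP addresses of one search-result entry.

        ``attrs`` is the second element of a search result tuple. An empty
        list is returned when it is not an attribute dict, when the account
        is not in the enabled allow-list, or when it has no proxyAddresses.
        """
        # Search results may contain non-entry items (e.g. referrals) whose
        # second element is a list rather than a dict; skip them instead of
        # failing on attribute lookup.
        if not isinstance(attrs, dict):
            return []
        uac = attrs.get("userAccountControl")
        if not uac or len(uac) != 1:
            return []
        # NOTE(review): compared as text; a python-ldap build that returns
        # bytes values would never match -- confirm before porting.
        if uac[0] not in getmailad._ENABLED_UAC_VALUES:
            return []
        found = []
        for address in attrs.get("proxyAddresses", []):
            # Match the "smtp:" type prefix only. A substring test would also
            # accept other address types that merely contain "smtp:" and then
            # strip the wrong five characters.
            if address[:5].lower() == "smtp:":
                found.append(address[5:].lower())
        return found

    def get(self):
        """Connect to Active Directory and collect the email addresses.

        Results replace any previous ones, so ``count`` always equals
        ``len(addresslist)``. LDAP failures do not raise; they are stored in
        ``self.error`` so the caller can tell a failed lookup from an empty
        result (for example a rejected bind, or a server-side size limit on
        large directories).

        Security note: ``simple_bind_s`` over a plain ``ldap://`` URI sends
        the bind password unencrypted. Prefer an ``ldaps://`` URI or call
        ``start_tls_s()`` before binding.
        """
        import ldap

        self.addresslist = []
        self.count = 0
        self.error = None
        instance = None
        try:
            instance = ldap.initialize(self._ldap_server)
            instance.simple_bind_s(self._bind_dn, self._bind_pass)

            #ldap query
            result = instance.search_s(self._base_dn, ldap.SCOPE_SUBTREE, ("cn=*"), ["mail", "proxyAddresses", "userAccountControl"])

            for item in result:
                self.addresslist.extend(self._smtp_addresses(item[1]))
            self.count = len(self.addresslist)
        except ldap.LDAPError as error_message:
            # Keep the best-effort contract (no raise) but make the failure
            # visible to the caller.
            self.error = error_message
        finally:
            # instance stays None when initialize() itself failed; unbinding
            # it would raise NameError/AttributeError instead of LDAPError.
            if instance is not None:
                try:
                    instance.unbind()
                except ldap.LDAPError:
                    pass


if __name__ == "__main__":
    import getpass
    import os
    import sys

    # Do not keep the bind password in the source file: take it from the
    # environment (LDAP_BIND_PASS is a name chosen here) or prompt for it.
    bind_pass = os.environ.get("LDAP_BIND_PASS") or getpass.getpass("Bind password: ")

    getmailadobj = getmailad("ldap://dc2.aec.at", "davidsa@aec.at", bind_pass, "ou=users,ou=adm,dc=aec,dc=at")
    getmailadobj.get()
    if getmailadobj.error is not None:
        sys.stderr.write("LDAP error: %s\n" % (getmailadobj.error,))
    for item in getmailadobj.addresslist:
        print(item)
    print("\nMail addresses found: %i" % (getmailadobj.count))

#end of file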