Übersetzung des AD Mailadressen Sammelskripts von Perl nach Python.
#!/usr/bin/python
# getadsmtp.py
# Version 1.0
# The script is an translation from the orginal perl script getadsmtp.pl
# This script will pull all users' SMTP addresses from your Active Directory
# (including primary and secondary email addresses) and list them in the
# format "user@example.com OK" which Postfix uses with relay_recipient_maps.
# Be sure to double-check the path to python above.
# This requires python-ldap to be installed. To install python-ldap on debian based systems,
# at a shell type "apt-get install python-ldap" or "sudo apt-get install python-ldap"
import os, sys, ldap
# Enter the path/file for the output
valid_addresses = "/etc/postfix/example_recipients"
# Enter the FQDN of your Active Directory domain controllers below
dc1="dc01.example.com"
dc2="dc02.example.com"
# Enter the LDAP container for your userbase.
# The syntax is CN=Users,dc=example,dc=com
# This can be found by installing the Windows 2000 Support Tools
# then running ADSI Edit.
# In ADSI Edit, expand the "Domain NC [domaincontroller1.example.com]" &
# you will see, for example, DC=example,DC=com (this is your base).
# The Users Container will be specified in the right pane as
# CN=Users depending on your schema (this is your container).
# You can double-check this by clicking "Properties" of your user
# folder in ADSI Edit and examining the "Path" value, such as:
# LDAP://domaincontroller1.example.com/CN=Users,DC=example,DC=com
# which would be hqbase="cn=Users,dc=example,dc=com"
# Note: You can also use just hqbase="dc=example,dc=com"
hqbase="cn=Users,dc=example,dc=com"
# Enter the username & password for a valid user in your Active Directory
# with username in the form cn=username,cn=Users,dc=example,dc=com
# Make sure the user's password does not expire. Note that this user
# does not require any special privileges.
# You can double-check this by clicking "Properties" of your user in
# ADSI Edit and examining the "Path" value, such as:
# LDAP://domaincontroller1.example.com/CN=user,CN=Users,DC=example,DC=com
# which would be $user="cn=user,cn=Users,dc=example,dc=com"
# Note: You can also use the UPN login: "user@example.com"
user="cn=user,cn=Users,dc=example,dc=com"
passwd="password"
try:
l = ldap.initialize("ldap://%s" %(dc1))
l.set_option(ldap.OPT_REFERRALS, 0)
l.protocol_version = 3
l.simple_bind_s(user, passwd)
except ldap.LDAPError, e:
try:
l = ldap.initialize("ldap://%s" %(dc2))
l.set_option(ldap.OPT_REFERRALS, 0)
l.protocol_version = 3
l.simple_bind_s(user, passwd)
except ldap.LDAPError, e:
print "Error connecting to specified domain controllers\n"
sys.exit()
# Play around with this to grab objects such as Contacts, Public Folders, etc.
# A minimal filter for just users with email would be:
# filter = "(&(sAMAccountName=*)(mail=*))"
filter = "(& (mailnickname=*) (| (&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact))(objectCategory=group)(objectCategory=publicFolder)(objectClass=msExchDynamicDistributionList) ))"
attrs = ["proxyAddresses"]
scope = ldap.SCOPE_SUBTREE
r = l.search(hqbase, scope, filter, attrs)
type,a = l.result(r)
result_set = []
for x in a:
name,attrs = x
if hasattr(attrs, 'has_key') and attrs.has_key('proxyAddresses'):
proxyAddresses = attrs['proxyAddresses']
for y in proxyAddresses:
result_set.append("%s OK" %(y.replace("smtp:","").replace("SMTP:","")))
# Add additional restrictions, users, etc. to the output file below.
#result_set.append("user@example.com OK")
#result_set.append("user1@example.com 550 User unknown.")
#result_set.append("bad.example.com 550 User does not exist.")
#######################################################################
# Build file ...
output = file(valid_addresses,'w')
for line in result_set:
output.write("%s\n" %(line))
output.close()