#!/usr/bin/env python
# Monitor membership of selected LDAP groups and raise PagerDuty alerts when users are added or removed.
import json
import os
import sys

import ldap
import requests
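########## CONFIG #########
# Group CNs to watch; each needs a baseline file orig/<cn>.txt (one uid per line).
groups = ['secops', 'engineering', 'developers']
ldap_url = 'ldaps://yourldap.ur.com:5636/'
basedn = 'ou=groups,dc=company,dc=com'
# The PagerDuty integration key is a credential. Read it from the environment
# (variable name chosen here) so it does not have to live in the repository;
# the literal placeholder is only the fallback when the variable is unset.
service_key = os.environ.get('LDAPDIFF_PAGERDUTY_SERVICE_KEY') or 'XXXXXXXXXXXXXXXXXXXXXXXXXXXX'
pg_url = 'https://events.pagerduty.com/generic/2010-04-15/create_event.json'
########## CONFIG #########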
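def send_alert(name, body):
    """Post one PagerDuty "trigger" event through the generic events API.

    Args:
        name: short description used as the incident summary.
        body: JSON-serialisable detail (a list of usernames from compare()).

    On any failure - network error, timeout, or a non-2xx reply, which the
    previous version silently treated as success - the error is printed and
    the process exits with status 1 so the scheduler can see the lost alert
    (the old bare ``sys.exit()`` returned 0).
    """
    headers = {'content-type': 'application/json'}
    payload = {
        'service_key': service_key,
        'description': name,
        'event_type': 'trigger',
        'client': 'LdapDiff',
        'details': {
            "information": body,
        },
    }
    try:
        # A bounded timeout keeps a stalled endpoint from hanging the monitor.
        response = requests.post(pg_url, data=json.dumps(payload),
                                 headers=headers, timeout=10)
        # Turn 4xx/5xx (e.g. a rejected service key) into an error instead of
        # discarding the response.
        response.raise_for_status()
    except Exception as e:
        print("[-] Error: %s" % e)
        sys.exit(1)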
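def _read_baseline(group):
    """Return the expected members of *group* from ``orig/<group>.txt``.

    The file holds one username per line.  Blank lines are skipped, so a
    missing trailing newline no longer drops the last user (the previous
    split-and-drop-last-element approach did), and the handle is closed on
    return instead of leaking.
    """
    with open('orig/' + group + '.txt') as baseline:
        return [line.strip() for line in baseline if line.strip()]


def _fetch_members(conn, group):
    """Return the ``memberUid`` values of ``cn=<group>,<basedn>`` via *conn*.

    ``search_s`` returns ``[(dn, {attr: [values]})]``; with SCOPE_BASE there
    is at most one entry.  A group entry without a ``memberUid`` attribute
    yields ``[]`` instead of raising KeyError, so an emptied group is
    reported as removals rather than aborting the run.
    """
    # Group names come from the CONFIG list, not from user input; if they ever
    # do, the RDN value must be escaped (ldap.dn.escape_dn_chars) before
    # being concatenated into the DN.
    entries = conn.search_s('cn=' + group + ',' + basedn, ldap.SCOPE_BASE)
    # NOTE(review): on Python 3 / python-ldap 3.x these values are bytes while
    # the baseline file yields str; decode here if the script is ported.
    return entries[0][1].get('memberUid', [])


def compare(groups):
    """Diff each group's live LDAP membership against its baseline and alert.

    Args:
        groups: iterable of group CNs, each an immediate child of ``basedn``
            with a baseline file ``orig/<cn>.txt``.

    One connection is bound for the whole run and always unbound on exit.
    Any LDAP or file error is printed and the process exits with status 1;
    the earlier ``sys.exit()`` returned 0, which hid failures from cron.
    The baseline file is never rewritten here, so a persisting deviation is
    re-alerted on every run - presumably intended (the file is the approved
    membership); confirm with the owner.
    """
    conn = None
    try:
        conn = ldap.initialize(ldap_url)
        # NOTE(review): anonymous simple bind; this only works where the
        # directory exposes group membership to anonymous readers. A dedicated
        # read-only bind account is the usual hardening.
        conn.simple_bind_s()
        for group in groups:
            live = set(_fetch_members(conn, group))
            expected = set(_read_baseline(group))
            removed = sorted(expected - live)
            added = sorted(live - expected)
            if removed:
                name = "User(s) deleted from group %s:" % group
                print(name)
                print(removed)
                send_alert(name, removed)
            if added:
                name = "User(s) added to group %s:" % group
                print(name)
                print(added)
                send_alert(name, added)
    except Exception as e:
        print("[-] Error: %s" % e)
        sys.exit(1)
    finally:
        if conn is not None:
            try:
                conn.unbind_s()
            except Exception:
                # Best-effort cleanup: the original called unbind_s() in the
                # error path unguarded (NameError when initialize() itself
                # failed) and so lost the real error.
                pass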
def main():
    """Script entry point: check every configured group once."""
    compare(groups)
# Only run the check when executed as a script, not when imported.
if __name__ == "__main__":
    main()