Sometimes it is useful to know what attributes are available to you for an object in active directory. You cannot ask the object directly for that, instead you need to use the schema of the object. All of this is done with python's COM support using win32com. By default only attributes that have values are returned.
Python, 20 lines
Download
Copy to clipboard1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | import win32com,win32com.client
def ad_dict(ldap_path,value_required=1):
attr_dict={}
adobj=win32com.client.GetObject(ldap_path)
schema_obj=win32com.client.GetObject(adobj.schema)
for i in schema_obj.MandatoryProperties:
value=getattr(adobj,i)
if value_required and value==None: continue
attr_dict[i]=value
for i in schema_obj.OptionalProperties:
value=getattr(adobj,i)
if value_required and value==None: continue
attr_dict[i]=value
return attr_dict
user='LDAP://cn=fred123,OU=people,DC=company,DC=com'
print ad_dict(user)
|
Rather than having to guess attribute names or look them up, this recipe gets the attributes for an object in active directory for you. The attributes fit nicely in a python dictionary. Some of the attributes in the dictionary do not point to python data types or structures. They are instead MS COM objects. You'd need to consult relevant documentation at http://msdn.microsoft.com for more information about their use.
Tags: sysadmin
