Collection of useful scripts for ldap based user management.
Project description
LDAP User Script Toolkit
A collection of python scripts that act as a wrapper/cli for the python-ldap library. There is an overall config file config.yml. The scripts have the following functionalities:
- add/delete LDAP accounts,
- create/archive user directories (and set quotas) belonging to these accounts on all fileservers according to the settings in the config.yml,
- change email addresses in LDAP, GitLab and mailing list subscriptions
- reset passwords
- create/remove groups in ldap
- add/remove users from LDAP groups
All scripts provide --help
, --verbose
and --dryrun
flags.
Install
pip install ldapKIT
User add/delete
To add/delete users, you can use the scripts: particleldapuseradd
and particleldapuserdel -–user NAME
.
There is also the functionality to search for users that are inactive for n
days (inactive means: last password change older than m
days) and delete them with particleldapuserdel –-cleanup
.
The userdel script does not only remove the ldap user but is also able to run post-deletion tasks via ansible e.g. to backup user directories.
Group add/delete/modify
This is done via the tool particleldapgroup
. Usage:
# particleldapgroup --help
usage: particleldapgroup [-h] [--verbose] [--dryrun]
{create,delete,adduser,deluser,cleanup} ...
positional arguments:
{create,delete,adduser,deluser,cleanup}
create create new group
delete delete group
adduser add users to group
deluser remove users from group
cleanup remove non-existant users from group
optional arguments:
-h, --help show this help message and exit
--verbose, -v add more ouput
--dryrun, -d don't write anything
Changing E-Mail Addresses
There is the script particleldapchangeemail
which changes the email of an user in its:
- LDAP account,
- GitLab account (which somehow does not update its database when an ldap account changes its email)
- and removes/adds its old/new email to a configured mailing list.
Example configuration
See the config.yml for an example configuration which uses the full functionality. Also see the userdir.yml which is an ansible playbook invoked by particleldapuser{add,del}
to create/archive user dirs on foregin file servers (set in the config.yml).
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for ldapkit-1.4.10-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 38a49592d8496779f2afadca1f7fcf148209a4b69f42854d691a9d9e3aae248b |
|
MD5 | e9bce2f49b948932270f3770543f4006 |
|
BLAKE2b-256 | 07222c460b3d98a483764fb893f6ffe13327bb95cf29eb130467f7f502492ba5 |