#!/usr/bin/python3
# coding=utf-8
import json
from urllib import request, parse
import ldap3
from ldap3 import Server, Connection, ALL, NTLM,SUBTREE
from ldap3.abstract import entry
# zabbix url to connect
ZABBIX_URL = '**'
# ZABBIX_USER = '**'
ZABBIX_USER = '**'
# ZABBIX_PASSWORD = '**'
ZABBIX_PASSWORD = '**'
# AD server
AD_SERVER = '**'
AD_USER = ZABBIX_USER
AD_PASSWORD = ZABBIX_PASSWORD
# print(zabbix_api_handle(data_login))
class zabbix_api():
def __init__(self, url, name, password,):
self.zabbix_url = url
self.zabbix_name = name
self.password = password
self.id = 1
self.auth = self.zabbix_login()
def zabbix_api_handle(self, **data):
# 对请求进行包装
url = "{}/api_jsonrpc.php".format(self.zabbix_url)
header = {"Content-Type": "application/json"}
value = json.dumps(data).encode('utf-8')
req = request.Request(url, headers=header, data=value)
# 验证并获取Auth ID
try:
# 打开包装过的url
result = request.urlopen(req)
except Exception as e:
print("Auth Failed, Please Check Your Name And Password:", e)
return e
else:
response = result.read()
# 上面获取的是bytes类型数据,故需要decode转化成字符串
page = response.decode('utf-8')
# 将此json字符串转化为python字典
page = json.loads(page)
result.close()
return page.get('result')
def zabbix_login(self):
data_login = {
"jsonrpc": "2.0",
"method": "user.login",
"params": {
"user": self.zabbix_name,
"password": self.password
},
"id": 1,
}
res = self.zabbix_api_handle(**data_login)
return res
def zabbix_user_get(self,useralias): #根据用户名查询到用户,返回一个userid 的函数
data ={
"jsonrpc": "2.0",
"method": "user.get",
"params": {
"filter": {"alias": useralias},
"output": ["userid", "alias", ]
},
"auth": self.auth,
"id": self.id
}
# self.zabbix_api_handle(**data)
res = self.zabbix_api_handle(**data)
if res:
return res[0]['userid']
else:
return False
def zabbix_alluser_get(self): #定于一个查询所有用户({'userid': '1', 'alias': 'Admin'})的列表,
data = {
"jsonrpc": "2.0",
"method": "user.get",
"params": {
"output": ["userid", "alias"]
},
"auth": self.auth,
"id": self.id
}
return self.zabbix_api_handle(**data)
def zabbix_user_update(self,**kwargs): #定义更新用户的函数,返回更新成功与否
data = {
"jsonrpc": "2.0",
"method": "user.update",
"params": kwargs,
"auth": self.auth,
"id": self.id
}
res = self.zabbix_api_handle(**data)
if res:
return True
else:
return False
def zabbix_user_create(self,username,usermail,usergrooupid): #根据 用户名 和邮箱信息 创建用户
data = {
"jsonrpc": "2.0",
"method": "user.create",
"params": {
"alias": username,
"passwd": "123456",
"usrgrps": [
{
"usrgrpid": usergrooupid
}
],
"user_medias": [
{
"mediatypeid": "5",
"sendto": [
username
],
"active": 0,
"severity": 63,
"period": "1-7,00:00-24:00"
},
{
"mediatypeid": "4",
"sendto": [
usermail
],
"active": 0,
"severity": 63,
"period": "1-7,00:00-24:00"
},
]
},
"auth": self.auth,
"id": self.id
}
res = self.zabbix_api_handle(**data)
if res:
return res['userids'][0]
else:
return False
def zabbix_usergroup_create(self,usergroupname,hostgroupid):
data = {
"jsonrpc": "2.0",
"method": "usergroup.create",
"params": {
"name": usergroupname,
"rights": {
"permission": 3,
"id": hostgroupid
},
},
"auth": self.auth,
"id": self.id
}
res = self.zabbix_api_handle(**data)
if res:
return res['usrgrpids'][0]
else:
return False
def zabbix_usergroup_get(self,groupname): #定义一个用户组的查询,返回usergroupid
data = {
"jsonrpc": "2.0",
"method": "usergroup.get",
"params": {
"filter":{"name": groupname},
"output": ["usrgrpid", "name"],
"status": 0
},
"auth": self.auth,
"id": self.id
}
res = self.zabbix_api_handle(**data)
if res:
return res[0]['usrgrpid']
else:
return False
# res = self.zabbix_api_handle(**data)
def zabbix_hostgroup_get(self,hostgroupname): #定义了一个hostgroup的查询函数,返回groupid
data={
"jsonrpc": "2.0",
"method": "hostgroup.get",
"params": {
"output": ["groupid", "name"],
"filter": {
"name": hostgroupname
}
},
"auth": self.auth,
"id": self.id
}
res = self.zabbix_api_handle(**data)
if res:
return res[0]['groupid']
else:
return False
def zabbix_hostgroup_create(self,hostgroupname):
data = {
"jsonrpc": "2.0",
"method": "hostgroup.create",
"params": {
"name": hostgroupname
},
"auth": self.auth,
"id": self.id
}
res = self.zabbix_api_handle(**data)
if res:
return res['groupids'][0]
else:
return False
zb = zabbix_api(ZABBIX_URL, ZABBIX_USER, ZABBIX_PASSWORD)
#AD数据采集
server = Server(AD_SERVER, get_info=ALL)
# 设置用户列表
user_list = []
conn = Connection(server, 'CN=ansible,OU=Public,OU=**,DC=goodix,DC=com'.format(AD_USER), AD_PASSWORD, auto_bind=True)
print("AD request result:",conn.result)
conn.search('OU=Goodix,DC=**,DC=com', '(objectclass=person)', attributes=['cn', 'givenName', 'mail', 'sAMAccountName','userAccountControl'],paged_size=1000 )
cookie = conn.result['controls']['1.2.840.113556.1.4.319']['value']['cookie']
user_list.extend(conn.entries)
while cookie:
conn.search('OU=Goodix,DC=goodix,DC=com', '(objectclass=person)',
attributes=['cn', 'givenName', 'mail', 'sAMAccountName', 'userAccountControl'], paged_size=1000,
search_scope=SUBTREE, paged_cookie=cookie)
user_list.extend(conn.entries)
cookie = conn.result['controls']['1.2.840.113556.1.4.319']['value']['cookie']
print("Total number of AD users:",len(user_list))
user_info_dict = {}
for res in user_list:
if res['userAccountControl'] != 514:
user_info_dict.update({str(res.sAMAccountName): str(res.mail)})
#print(len(user_info_dict))
# # print(user_info_dict)
# #
# #
#开始 进行主机组,用户组,,用户的创建
for (key, value) in user_info_dict.items():
ugname = "UG_" + key
hgname = "HG_" + key
hgid = ''
ugid = ''
hgid = zb.zabbix_hostgroup_get(hgname)
if hgid:
pass
else:
hgid = zb.zabbix_hostgroup_create(hgname)
ugid = zb.zabbix_usergroup_get(ugname)
if ugid:
pass
else:
ugid = zb.zabbix_usergroup_create(ugname, hgid)
if zb.zabbix_usergroup_get(key):
pass
else:
zb.zabbix_user_create(key, value, ugid)
print( "it's OK now ")
sync ad to zabbix
最新推荐文章于 2024-07-16 10:02:19 发布