Zabbix Sync AD Users

2. #!/usr/bin/env python
4. #coding:utf-8
8. import ldap,ldif3,sys,re
10. importMySQLdb
16. ldap_host="ldap://xx.xx.xx.xx"
18. ldap_user="[email protected]"#[email protected]
20. ldap_pass="xxxx"
22. basedn ="OU=group,DC=domain,DC=com"
26. db_host="10.1.180.166"
28. db_port=3306
30. db_user="zabbix"
32. db_pass="zabbixpwd"
34. db_Name="zabbix"
38. #insert user to zabbix
40. #insert into users (userid,alias,passwd,autologin,type) (select max(userid)+1 as userid,‘test‘,‘5fce1b3e34b520afeffb37ce08c7cd66‘,1,3 from users);
44. #select users
46. #select alias from zabbix.users where alias not regexp ‘AR|Admin|guest‘ ;
50. def __mysql_operation(sql):
52. try:
54. conn = MySQLdb connect ( host = db_host user = db_ User passwd = db_pass port = db_port db = db_name )
56. cur = conn.cursor()
58. count = cur.execute(sql)
60. if count ==0:
62. zbx_result =0
64. else:
66. zbx_result = cur.fetchall()
68. conn.commit()
70. cur.close()
72. conn.close()
74. #print zbx_result
76. return zbx_result
78. exceptMySQLdb.Error,e:
80. print"Mysql Error:",e
84. def __ldap_query():
86. conn = ldap.initialize(ldap_host)
88. # set domain protocol version
90. conn.protocol_version =3
92. conn.set_option(ldap.OPT_REFERRALS,0)
94. # bind domain user
96. conn.simple_bind_s(ldap_user,ldap_pass)
98. ldif_writer = ldif3.LDIFWriter(sys.stdout)
100. retrieveAttributes =None
102. results = conn.search_s(basedn,ldap.SCOPE_SUBTREE,"(cn=*)",retrieveAttributes)
104. # for dn,entry in results:
106. # ldif_writer.unparse(dn,entry)
108. cn_list =[]
110. for result in results:
112. result_dn = result[0]
114. result_attrs = result[1]
116. if"member"in result_attrs:
118. for member in result_attrs["member"]:
120. re_result = re.search(r‘\w+\s\w+‘,member)
122. if re_result:
124. cn_list.append(re_result.group().replace(‘ ‘,‘‘).lower())
128. #print member
132. user_list = sorted(set(cn_list))
134. return user_list
138. def main():
140. select_sql =‘‘‘select alias from users where alias not regexp ‘AR|Admin|guest‘ ;‘‘‘
142. select_result = __mysql_operation(select_sql)
144. ldap_result = __ldap_query()
146. zabbix_user_list =[]
148. for s_row in select_result:
150. zabbix_user_list.append(s_row[0])
152. #print zabbix_user_list
154. # add domain user to zabbix
156. for l_row in ldap_result:
158. if l_row in zabbix_user_list:
160. print"The %s user alrady exist ! "%(l_row)
162. else:
164. insert_sql =‘‘‘insert into users (userid,alias,passwd,autologin,autologout,type) (select max(userid)+1 as userid,‘%s‘,‘5fce1b3e34b520afeffb37ce08c7cd66‘,1,0,1 from users);‘‘‘%(l_row)
166. __mysql_operation(insert_sql)
168. print"Add %s user successed !"%(l_row)
172. # if zabbix user not exist for domain , delete this user.
174. for s_row in zabbix_user_list:
176. if s_row notin ldap_result:
178. delete_sql =‘‘‘delete from users where alias = "%s" ;‘‘‘%(s_row)
180. __mysql_operation(delete_sql)
182. print"Delete invalid %s user succeesed !"%(s_row)
184. else:
186. print"Not have invalid users !"
190. if __name__ ==‘__main__‘:
192. main()

First: Create a Zabbix user in Windows AD, preferably with the Zabbix default account and then configure the LDAP execution script, the ad all users are synchronized, regular script execution, will automatically add delete users, synchronization ad

From for notes (Wiz)

Zabbix Sync AD Users