
Untitled

a guest
Jul 8th, 2016
  1. #!/usr/bin/python
  2. import sys
  3. import getopt
  4. import ldap
  5. import re
  6.  
# Outcome of the most recent CheckAndFix() call: CheckAndFix() resets it to
# False on entry and sets it to True when it reports a problem; main() reads it
# to build the per-server summary.
issueFound = False
  8.  
def Usage(name):
    """Print the command-line help text.

    Args:
        name: program name printed after "Usage: " (main() passes sys.argv[0]).
    """
    option_help = '''
-h hostname [default: 127.0.0.1]
-p port [default: 11711]
-u userDN [default: CN=administrator,CN=users,DC=vsphere,DC=local]
-w password [default: ""]
NOTE: password is not checked unless you want to remove problem members.'''
    print("Usage: " + name + option_help)
  16.  
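def GetServicePrincipals(ld):
    """Return the DNs of all entries found under the ServicePrincipals container.

    Runs an asynchronous subtree search for "CN=*" below
    CN=ServicePrincipals,DC=vsphere,DC=local and collects the DN of every
    search entry.

    Args:
        ld: an LDAP connection object offering search() and result().

    Returns:
        A list of DN strings. On ldap.LDAPError the error is printed and
        whatever was collected so far (possibly nothing) is returned.
    """
    baseDN = 'CN=ServicePrincipals,DC=vsphere,DC=local'
    # Bound before the try block: previously a search() failure left the
    # name undefined and the return statement raised UnboundLocalError.
    SPs = []
    try:
        msgid = ld.search(baseDN, ldap.SCOPE_SUBTREE, "CN=*", None)
        while True:
            # all=0: fetch one result message at a time; an empty payload
            # marks the end of the search.
            result_type, result_data = ld.result(msgid, 0)
            if result_data == []:
                break
            if result_type == ldap.RES_SEARCH_ENTRY:
                SPs.append(result_data[0][0])
    except ldap.LDAPError as e:
        print('GetServicePrincipals failed:' + str(e))
    # NOTE(review): after an error this list can be short or empty. Callers
    # that treat "not in this list" as "does not exist" (see CheckAndFix)
    # should not act on a list obtained from a failed search.
    return SPs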
  36.  
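def GetBuiltinUsers(ld):
    """Return the DNs of all entries found under the Builtin container.

    Runs an asynchronous subtree search for "CN=*" below
    CN=Builtin,DC=vsphere,DC=local and collects the DN of every search entry.

    Args:
        ld: an LDAP connection object offering search() and result().

    Returns:
        A list of DN strings. On ldap.LDAPError the error is printed and
        whatever was collected so far (possibly nothing) is returned.
    """
    baseDN = 'CN=Builtin,DC=vsphere,DC=local'
    # Bound before the try block so a failing search() cannot leave the
    # return value undefined (previously an UnboundLocalError).
    BUs = []
    try:
        msgid = ld.search(baseDN, ldap.SCOPE_SUBTREE, "CN=*", None)
        while True:
            # One result message per call; an empty payload ends the search.
            result_type, result_data = ld.result(msgid, 0)
            if result_data == []:
                break
            if result_type == ldap.RES_SEARCH_ENTRY:
                BUs.append(result_data[0][0])
    except ldap.LDAPError as e:
        print('GetBuiltinUsers failed:' + str(e))
    return BUs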
  56.  
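def GetAttributes(ld, baseDN):
    """Return the attribute dictionaries of every entry at or below baseDN.

    Runs an asynchronous subtree search for "CN=*" starting at baseDN and
    requests all attributes.

    Args:
        ld: an LDAP connection object offering search() and result().
        baseDN: DN the subtree search starts from.

    Returns:
        A list with one attribute dictionary per search entry, in the order
        the server returned them. On ldap.LDAPError the error is printed and
        the entries collected so far are returned.
    """
    # Bound before the try block so a failing search() cannot leave the
    # return value undefined (previously an UnboundLocalError).
    bu_attr = []
    try:
        msgid = ld.search(baseDN, ldap.SCOPE_SUBTREE, "CN=*", None)
        while True:
            # One result message per call; an empty payload ends the search.
            result_type, result_data = ld.result(msgid, 0)
            if result_data == []:
                break
            if result_type == ldap.RES_SEARCH_ENTRY:
                bu_attr.append(result_data[0][1])
    except ldap.LDAPError as e:
        # The message used to name a function that does not exist in this
        # file; it now names the function that actually failed.
        print('GetAttributes failed:' + str(e))
    return bu_attr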
  76.  
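def GetAllReplicationServers(ld):
    """Return the server names that own a "Replication Agreements" entry.

    Searches the subtree of CN=Configuration,DC=vsphere,DC=local for entries
    matching "cn=Replication Agreements" and takes the value of the second
    RDN of each matching DN as the server name.

    Args:
        ld: an LDAP connection object offering search() and result().

    Returns:
        A de-duplicated list of server names in no particular order. On
        ldap.LDAPError the error is printed and the names derived from the
        entries seen so far are returned.
    """
    baseDN = 'CN=Configuration,DC=vsphere,DC=local'
    # Bound before the try block: previously a search() failure left Conf
    # undefined and the loop below raised UnboundLocalError.
    Conf = []
    try:
        msgid = ld.search(baseDN, ldap.SCOPE_SUBTREE, "cn=Replication Agreements", None)
        while True:
            # One result message per call; an empty payload ends the search.
            result_type, result_data = ld.result(msgid, 0)
            if result_data == []:
                break
            if result_type == ldap.RES_SEARCH_ENTRY:
                Conf.append(result_data[0][0])
    except ldap.LDAPError as e:
        print('GetAllReplicationServers failed:' + str(e))

    # The parent RDN of each agreement entry carries the server name.
    # NOTE(review): a plain split(",") mis-parses DNs whose RDN values contain
    # escaped commas - confirm server names never do.
    Servers = [dn.split(",")[1].split("=")[1] for dn in Conf]
    return list(set(Servers))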
  99.  
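def ServicePrincipalsFilter(string):
    """Tell whether a DN string mentions the ServicePrincipals container.

    Args:
        string: the DN (or any text) to inspect.

    Returns:
        True when 'CN=ServicePrincipals' occurs anywhere in the string,
        compared case-insensitively; False otherwise.
    """
    # re.search() returns a match object or None. The former "> 0" test only
    # worked through Python 2's arbitrary cross-type ordering and raises
    # TypeError on Python 3; test for None explicitly instead.
    return re.search('CN=ServicePrincipals', string, re.IGNORECASE) is not None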
  105.  
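def GetMembers(ld, baseDN, spFilter):
    """Return the 'member' values of one entry that pass spFilter.

    Performs a base-scope search on baseDN requesting only the 'member'
    attribute and filters the values of the first entry returned.

    Args:
        ld: an LDAP connection object offering search() and result().
        baseDN: DN of the group entry to read.
        spFilter: predicate called with each member value; values for which
            it returns a true value are kept.

    Returns:
        A list of the member values accepted by spFilter. An empty list is
        returned when the entry has no 'member' attribute, when no entry is
        returned, or when the search fails.
    """
    try:
        msgid = ld.search(baseDN, ldap.SCOPE_BASE, "CN=*", ['member'])
        while True:
            # One result message per call; an empty payload ends the search.
            result_type, result_data = ld.result(msgid, 0)
            if result_data == []:
                break
            if result_type == ldap.RES_SEARCH_ENTRY:
                try:
                    members = result_data[0][1]['member']
                except KeyError:
                    print("GetMembers " + baseDN + " has no member.")
                    return []
                return [m for m in members if spFilter(m)]
    except ldap.LDAPError as e:
        # The arguments must be one tuple; the former form applied "%" to
        # baseDN alone and raised TypeError instead of reporting the error.
        print("GetMembers(%s) failed: %s" % (baseDN, str(e)))
    # Every path now yields a list; falling off the end used to return None,
    # which the caller then passed to len().
    return []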
  125.  
def CheckConsistent(refFrom, refTo):
    """Return the items of refFrom that do not occur in refTo.

    Args:
        refFrom: iterable of references to verify.
        refTo: container of the references that are known to exist.

    Returns:
        A list of the unmatched items, in refFrom order, duplicates kept.
    """
    # NOTE(review): membership is an exact equality test. If the values are
    # DNs, two spellings of the same DN (different case or spacing) would be
    # reported as unmatched - confirm both sides come back normalized.
    return [candidate for candidate in refFrom if candidate not in refTo]
  133.  
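def _diff_entries_across_nodes(list_entries, Servers, port, username, password):
    """Fetch entry attributes from every server and print adjacent differences.

    Args:
        list_entries: function taking a connection and returning entry DNs.
        Servers: list of server names to connect to.
        port, username, password: passed unchanged to ConnectLdap().

    Returns:
        An empty list; the findings are printed.
    """
    attrs_by_server = {}
    for server in Servers:
        attrs_by_server[server] = []
        conn = ConnectLdap(server, port, username, password)
        try:
            # The first search result is skipped, as before (presumably the
            # container entry itself - confirm). Slicing does not raise when
            # the list is empty, unlike the former pop(0).
            for dn in list_entries(conn)[1:]:
                attrs_by_server[server].append(GetAttributes(conn, dn))
        finally:
            # The connections used to be left open.
            if conn is not None:
                conn.unbind()

    # NOTE(review): entries are paired by position, which assumes every server
    # returns them in the same order; pairing by DN would be more reliable.
    for first, second in zip(Servers, Servers[1:]):
        left = attrs_by_server[first]
        right = attrs_by_server[second]
        if len(left) != len(right):
            # Used to end in IndexError (left longer) or pass silently
            # (right longer); a differing count is itself a finding.
            print("\n Issues found while comparing:" + first + " and " + second)
            print("\n Entry count differs: %d and %d" % (len(left), len(right)))
        for left_attrs, right_attrs in zip(left, right):
            # GetAttributes() returns an empty list when its search fails.
            left_entry = left_attrs[0] if left_attrs else {}
            right_entry = right_attrs[0] if right_attrs else {}
            # Sort the value lists in place so value order alone is not
            # reported as a difference.
            for values in left_entry.values():
                values.sort()
            for values in right_entry.values():
                values.sort()
            result = cmp(left_entry, right_entry)
            if result != 0:
                print("\n Issues found while comparing:" + first + " and " + second)
                print("\n Result :-")
                print(result)
                print(left_entry)
                print("\n")
                print(right_entry)
    return []


def diff_serviceprincipal_across_nodes(Servers, port, username, password):
    """Print attribute differences of service principals between servers.

    Connects to every server in Servers, reads the attributes of each entry
    listed by GetServicePrincipals() and compares each server with the next
    one in the list.

    Returns:
        An empty list; differences are printed.
    """
    return _diff_entries_across_nodes(GetServicePrincipals, Servers, port, username, password)


def diff_builtinusers_across_nodes(Servers, port, username, password):
    """Print attribute differences of Builtin entries between servers.

    Connects to every server in Servers, reads the attributes of each entry
    listed by GetBuiltinUsers() and compares each server with the next one in
    the list.

    Returns:
        An empty list; differences are printed.
    """
    return _diff_entries_across_nodes(GetBuiltinUsers, Servers, port, username, password)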
  190.  
def DeleteMembers(ld, dn, members):
    """Remove the given values from the 'member' attribute of one entry.

    All deletions are sent in a single synchronous modify_s() call. The
    modification list is printed before the call and "Removed." after it; an
    ldap.LDAPError is printed and not re-raised.

    Args:
        ld: an LDAP connection object offering modify_s().
        dn: DN of the entry to modify.
        members: iterable of member values to delete.
    """
    try:
        changes = [(ldap.MOD_DELETE, "member", value) for value in members]
        # Printed before the write so the operator keeps a record of exactly
        # what was requested, even if the modify fails.
        print(" -- removing " + str(changes))
        ld.modify_s(dn, changes)
        print("Removed.")
    except ldap.LDAPError as e:
        print("DeleteMembers failed: " + str(e))
  201.  
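def CheckAndFix(ld, checkDN, sps):
    """Report members of checkDN that are absent from sps and offer removal.

    Reads the 'member' values of checkDN that mention CN=ServicePrincipals,
    compares them with sps and, when some are missing from sps, prints them
    and asks whether to delete them. Deletion happens only when the operator
    types "yes". The module-level issueFound flag is reset on entry and set
    to True when anything is reported.

    Args:
        ld: LDAP connection used for the lookup and the optional deletion.
        checkDN: DN of the group entry to inspect.
        sps: list of service-principal DNs that are known to exist.

    Returns:
        True when the group has no service-principal members, otherwise None.
    """
    global issueFound
    issueFound = False

    if not sps:
        # An empty reference list (for instance after a failed search) would
        # make every member look dangling and offer all of them for removal,
        # so nothing is verified or deleted in that case.
        print("\n No service principals were supplied for \"%s\"; skipping the membership check." % checkDN)
        issueFound = True
        return

    # "not members" also covers a None result from the lookup.
    members = GetMembers(ld, checkDN, ServicePrincipalsFilter)
    if not members:
        print("\n No Solution User Members Found !!!")
        issueFound = True
        return True  # the unreachable bare "return" that followed is gone

    invalidRefs = CheckConsistent(members, sps)
    if invalidRefs:
        issueFound = True
        print("\"%s\" has following members which are referencing non-existing SolutionUsers:" % checkDN)
        print(invalidRefs)
        # Destructive step: anything other than a literal "yes" leaves the
        # directory untouched.
        answer = raw_input("Do you want to remove them (better backup before removing)? yes/no: [no]")
        if answer.lower() == "yes":
            DeleteMembers(ld, checkDN, invalidRefs)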
  219.  
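def ConnectLdap(hostname, port, username, password):
    """Open an LDAPv3 connection to hostname:port and start a simple bind.

    Args:
        hostname: server name or address.
        port: TCP port, as a string or an integer.
        username: bind DN.
        password: bind password.

    Returns:
        The connection object, or None when ldap.open() itself failed. An
        ldap.LDAPError is printed and not re-raised.
    """
    # Bound up front: previously a failing ldap.open() left the name
    # undefined and the return statement raised UnboundLocalError.
    l = None
    try:
        # NOTE(review): ldap.open() is deprecated in python-ldap in favour of
        # ldap.initialize() with an ldap:// or ldaps:// URI.
        l = ldap.open(hostname, int(port))
        l.protocol_version = ldap.VERSION3
        # NOTE(review): simple_bind() is the asynchronous call and its result
        # is never collected, so a rejected bind is not detected here; the
        # success message below only means no exception was raised.
        # simple_bind_s() would verify the credentials.
        # NOTE(review): no TLS setup is visible in this function; a simple
        # bind sends the DN and password without encryption unless the
        # transport is protected elsewhere - confirm before using this
        # against a remote host.
        l.simple_bind(username, password)
    except ldap.LDAPError as e:
        print('ldap open failed:' + str(e))
    else:
        # Only on the error-free path; this used to be printed after a
        # failure as well. str() lets callers pass an integer port.
        print("Connected to Ldap Server " + hostname + " at port " + str(port) + " Successfully !!! \n")
    return l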
  229.  
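def main():
    """Parse the command line, compare the servers and check group members.

    Reads -h/-p/-u/-w (or the long forms), connects to the given host, takes
    the list of servers from GetAllReplicationServers(), prints attribute
    differences between them, then runs CheckAndFix() against three groups on
    every server and prints a per-server summary. Prints the usage text and
    exits when no options are given or parsing fails.
    """
    hostname = '127.0.0.1'
    port = '11711'
    username = 'CN=administrator,CN=users,DC=vsphere,DC=local'
    password = ""
    issues_found = {}
    try:
        opts, args = getopt.getopt(
            sys.argv[1:], "h:p:u:w:",
            ["hostname=", "port=", "userDN=", "password="])
    except getopt.GetoptError:
        Usage(sys.argv[0])
        sys.exit(2)

    if not opts:
        Usage(sys.argv[0])
        sys.exit()

    # NOTE(review): -w places the bind password in argv, where it shows up in
    # process listings and shell history; prompting with getpass.getpass()
    # would avoid that.
    for opt, arg in opts:
        if opt in ("-h", "--hostname"):
            hostname = arg
        elif opt in ("-p", "--port"):
            port = arg
        elif opt in ("-u", "--userDN"):
            username = arg
        elif opt in ("-w", "--password"):
            password = arg
        else:
            Usage(sys.argv[0])
            sys.exit()

    l = ConnectLdap(hostname, port, username, password)
    Servers = GetAllReplicationServers(l)
    # This first connection used to be dropped without unbind() when the
    # name was rebound in the loop below.
    l.unbind()

    # NOTE(review): the server names come from directory data and the same
    # bind DN and password are then presented to each of them; confirm the
    # list is trustworthy before running this with privileged credentials.
    diff_serviceprincipal_across_nodes(Servers, port, username, password)
    diff_builtinusers_across_nodes(Servers, port, username, password)

    group_dns = (
        "CN=SolutionUsers,DC=vsphere,DC=local",
        "CN=Users,CN=Builtin,DC=vsphere,DC=local",
        "CN=Administrators,CN=Builtin,DC=vsphere,DC=local",
    )
    for server in Servers:
        l = ConnectLdap(server, port, username, password)
        servicePrincipals = GetServicePrincipals(l)
        # CheckAndFix() resets the global issueFound flag on every call, so
        # reading it once after the third call reported only the last group.
        # Collect the flag after each call instead.
        server_has_issue = False
        for group_dn in group_dns:
            CheckAndFix(l, group_dn, servicePrincipals)
            server_has_issue = server_has_issue or issueFound
        l.unbind()
        issues_found[server] = server_has_issue

    for k, v in issues_found.items():
        print("\n Server: %s Issue Found: %r" % (k, v))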
  274.  
# Run the checks only when the file is executed as a script, not on import.
if __name__ == "__main__":
    main()