-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathautomation-ADIsUserMember.yml
70 lines (62 loc) · 2.96 KB
/
automation-ADIsUserMember.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
args:
- description: Active Directory Distinguished Name of the desired user
name: dn
- description: Name of the desired user
name: name
- description: Email address of the desired user
name: email
- default: true
description: Name of the AD group to check
name: groupname
required: true
- description: Enter any value to allow nested groups check as well
name: nestedSearch
comment: Use Active Directory to check if the specified user is a member of the specified
group. Returns simply yes/no. The user can be specified by name, email or as an
Active Directory Distinguished Name (DN).
commonfields:
id: ADIsUserMember
version: -1
dependson:
must:
- ad-search
deprecated: true
name: ADIsUserMember
runonce: false
script: |-
FOUND_GROUPS_LABAL = 'FoundGroups'
res = []
resp = demisto.executeCommand('ADGetUserGroups', demisto.args())
try:
if not isError(resp[0]):
group_names = argToList(demisto.args()['groupname'])
for name in group_names:
group_resp = demisto.executeCommand('AdSearch', {'filter':'(&(objectClass=group)(name={0}))'.format(name)})
if isError(group_resp[0]):
res.append( { 'Type' : entryTypes['error'], 'ContentsFormat' : formats['text'], 'Contents' : 'Error returned from ad-search:\n' + resp[0]['Contents'] } )
elif (isinstance(group_resp[0]['Contents'],str) or isinstance(group_resp[0]['Contents'],unicode)) and group_resp[0]['Contents'] == 'No results':
res.append( { 'Type' : entryTypes['error'], 'ContentsFormat' : formats['text'], 'Contents' : 'Group {0} not found:\n'.format(name) } )
user_groups = [row['name'] for row in resp[0]['Contents']]
groups = list(set(group_names).intersection(user_groups))
if groups:
markdownString = '### The user belongs to groups:\n'
markdownString += "".join(['* ' + s + '\n' for s in groups])
res.append ({'ContentsFormat': formats['markdown'], 'Type': entryTypes['note'], 'Contents': markdownString})
group_names = ','.join([str(s) for s in groups])
demisto.setContext(FOUND_GROUPS_LABAL, group_names)
answer = 'yes'
else:
demisto.log("\nThe user is not part of any of the groups\n")
answer = 'no'
res.append( { "Type" : entryTypes["note"], "ContentsFormat" : formats["text"], "Contents" : answer } )
demisto.results(res)
else:
demisto.results( { 'Type' : entryTypes['error'], 'ContentsFormat' : formats['text'], 'Contents' : 'Error returned from ADGetUserGroups:\n' + resp[0]['Contents'] } )
except Exception, ex:
demisto.results( { 'Type' : entryTypes['error'], 'ContentsFormat' : formats['text'], 'Contents' : 'Error occurred while parsing output from ADGetUserGroups. Exception info:\n' + str(ex) + '\n\nInvalid output:\n' + str( resp ) } )
scripttarget: 0
system: true
tags:
- active directory
- Condition
type: python