search

zakird / pyad

Python Active Directory Tools | *Not actively maintained*
http://zakird.github.io/pyad/
176 stars 72 forks source link

Added search method and improved user creation method #113

Open seanwlk opened 5 years ago

seanwlk commented 5 years ago

Check commits description for further information.

zakird commented 5 years ago

In the vast majority of situations, CN is going to be the same as samAccountName. In order to not break API, I'd suggest making one of these fields optional and defaulting to the same value.

seanwlk commented 5 years ago

In the vast majority of situations, CN is going to be the same as samAccountName. In order to not break API, I'd suggest making one of these fields optional and defaulting to the same value.

I work for an helthcare agency and we have a total of 12000+ accounts in one shared domain and other 3 domains with the same amount of users but split between them (long story).

All these got installed by Microsoft officials and with default schema configuration the CN and the samaccount are different because in our case it's "Surname Name" and samaccount it's the tax code for the shared domain with 12k+ users, and for the other 3, it's a variation of the name+surname, for example name.surname or initial of the name + full surname. This is due to the fact that if you later search for a user having only his name it would be unpractical for both us IT and the HR.

Having spaces in the UPN/sAMAaccount it's a bad idea so couldn't use your function to make our "clean" look in the OU browser.

zakird commented 5 years ago

That makes sense. I don't think it's at odds with making the field have a default value though.

seanwlk commented 5 years ago

Made the CN optional, but kept the change of argument name in the commit name -> sAMAccountName because what you are doing there is actually creating the account with it's mandatory data (account name/upn) and it's not supposed to contain spaces because you should keep pre-2000 compatibility (yes sadly we still have some, even some servers with old applications we cannot get rid of). From how i see it, calling that "name" it's not correct since it induces you into think it's the name of the person so "Surname space Name" which is what i actually did at the beginning and later found out about this.

At the end it's up to you :D Nice job anyway!

PS can you take a look at #112 , lost whole day on it, I'm pretty sure it's on pywin32 side the problem but you might know better since you dealt with it more then me. After this i wont bother you anymore :D