Closed sbarkar closed 3 years ago
Hi @sbarkar - I have created a pull request to resolve this issue https://github.com/zakird/pyad/pull/132. If this is accepted you will be able to create this query using traditional ldap dialect .
q.execute_query(
attributes = ["Name","OperatingSystem"],
where_clause = "(& (!userAccountControl:1.2.840.113556.1.4.803:=2) (objectCategory=computer))",
ldap_dialect = True
)
@sbarkar - Can you pull the latest from master and let me know if this change resolves your issue?
Hi @thecasual, thank you for your help with this. I'm unfortunately unable to test this as I don't have an AD I've got access to atm.
@thecasual just found the same issue. you release this on pipy or do I need to pull from master? Should be able to check this real quick. Also, can you add the enabled attribute to the ADUser class?
Looks like this will return the correct state (Enabled as True or False) of the user, just not the attribute name I was expecting. Doesn't seem to work with the get_attribute() method, but calling this way will work:
aduser.ADUser.from_cn("Last, First")._ldap_adsi_obj.AccountDisabled
Slightly cleaner and holding more of the properties I was looking for. The dictionary returned has some other interesting properties to pay attention to.
aduser.ADUser.from_cn("Last, First").get_user_account_control_settings()['ACCOUNTDISABLE'']
Does .AccountDisabled also pull down disabled "computers" as well for you? This pull request was accepted into master, so you will need to pull from master.
all my posts were specifically in reference to adusers. I can check ADComputer objects tho. One sec.
just checked, look like both methods for determining if enabled are good for adcomputer and aduser types. Checking compound query in a minute.
@thecasual Your fix seemed to work for me.
Given that @funkwhatyouheard has confirmed that the fix worked I will close the ticket. Thank you all.
I'm running a simple query using ADQuery.
q.execute_query( attributes=["SamAccountName", "givenName", "sn", "mail", "title", "manager", "Enabled"][::-1], where_clause = "objectClass = 'user' and 'Enabled' = 'True'", base_dn="DC=energy, DC=local" )
For some reason this query returns 0 results every single time. I've tried doing the same thing using 'False' and 'None', but no luck.
When I run this query without the enabled filter in the where clause it works as expected, but every userObject that it returns contains 'Enabled': None.