How to convert Powershell to Python for AD group creation

Time:05-13

I have a PowerShell command:

New-ADGroup -Name "Group_Name" -SamAccountName Group_Name -GroupCategory Security -GroupScope Global -DisplayName "Group_Name" -Path "CN=Users,DC=domain,DC=local"

I am trying to convert it into this python code (using ldap)

...
attrs = dict(sAMAccountName=group_name)
attrs.update(GroupCategory=1)
attrs.update(GroupScope='Global')
attrs.update(DisplayName=group_name)
attrs.update(Path='CN=Users,DC=devfactory,DC=local')
connection = self.create_ad_connection(ad_server)
entry = connection.add(distinguished_name, object_class='group', attributes=attrs)
...

I am getting this error:

Exception has occurred: LDAPAttributeError
invalid attribute type GroupCategory

How can I set GroupCategory and other attributes in Python? Any help is appreciated.

CodePudding user response:

The GroupCategory (also known as "Group Type") and the GroupScope are both set in the groupType attribute, which is a bitmask (or bitflag): a binary value where each bit is an on/off flag with a different meaning. The Remarks section of the groupType documentation tells us that the 2nd bit is what makes it a global group, and the 32nd bit (decimal value of 2,147,483,648) is what makes it a security group.

If you want to set it to a global security group, you can set the groupType attribute to the sum of the two decimal values: 2 + 2147483648 = 2147483650

attrs.update(groupType=2147483650)

The binary value looks like this:

10000000000000000000000000000010

The two 1's are what make it a global security group.
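The bitmask described in the answer above, as an added example that is not part of the original post: it maps the cmdlet's -GroupCategory and -GroupScope values to a groupType integer and decodes one read back from the directory, which is handy when auditing which groups are security-enabled. The function names are hypothetical, the flag values are the ones listed in Microsoft's groupType documentation, and the signed form is included because groupType is a 32-bit integer that directory tools commonly show as -2147483646 for the same bits.

```python
# Added example; helper names are hypothetical, flag values are from the
# groupType documentation (scope bits plus the security-enabled bit).
SCOPE_BITS = {"Global": 0x2, "DomainLocal": 0x4, "Universal": 0x8}
SECURITY_BIT = 0x80000000  # set = security group, clear = distribution group


def to_signed32(value):
    """Reinterpret an unsigned 32-bit pattern as a signed integer."""
    value &= 0xFFFFFFFF
    return value - 0x100000000 if value & 0x80000000 else value


def encode_group_type(category, scope, signed=False):
    """Map -GroupCategory / -GroupScope to a groupType value."""
    if category not in ("Security", "Distribution"):
        raise ValueError(f"unknown GroupCategory: {category!r}")
    if scope not in SCOPE_BITS:
        raise ValueError(f"unknown GroupScope: {scope!r}")
    value = SCOPE_BITS[scope] | (SECURITY_BIT if category == "Security" else 0)
    return to_signed32(value) if signed else value


def decode_group_type(value):
    """Return (category, scope) for a groupType, signed or unsigned."""
    bits = int(value) & 0xFFFFFFFF
    scopes = [name for name, bit in SCOPE_BITS.items() if bits & bit]
    if len(scopes) != 1:
        raise ValueError(f"expected exactly one scope bit in {bits:#010x}")
    category = "Security" if bits & SECURITY_BIT else "Distribution"
    return category, scopes[0]


def group_attributes(name, category, scope):
    """LDAP attribute names replace the cmdlet parameter names.

    -Name and -Path are not attributes: together they form the DN that is
    passed as the first argument of the add operation.
    """
    return {
        "sAMAccountName": name,
        "displayName": name,
        "groupType": encode_group_type(category, scope),
    }


if __name__ == "__main__":
    attrs = group_attributes("Group_Name", "Security", "Global")
    print(attrs["groupType"], format(attrs["groupType"], "032b"))
    print(decode_group_type(-2147483646))
```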
