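#!/usr/bin/perl -w
################################################################################
#
# AUTHOR            : xyz
# CREATION DATE     : 18 July 2016
#
# SHORT DESCRIPTION:
# find all AD/LDAP user and login credentials
# (c) RH 2016
#
# -----------------------------------------------------------------------------
# File name         : search_ldap_user_v1_20160718.pl
# Location          : ESB
# Last edited by    : RH
# Last Checkin      :
# Revision          : 0.1
# -----------------------------------------------------------------------------
# History:
#
# 18.07.2016 first version
#
# -----------------------------------------------------------------------------
#
# Last change: 18.07.2016 RH
#
################################################################################
#
# Binds to an LDAP/AD server, searches for user objects that have a surname
# and prints one tab-separated line per account: login name, display name,
# description, last logon, last password change and e-mail address.
#
# ------------------------------------------------------------------
# Loaded Modules
# ------------------------------------------------------------------
use strict;
use warnings;
use Net::LDAP;

# ------------------------------------------------------------------
# ldap parameters
# ------------------------------------------------------------------
my $ldap_srv = 'server1.domain.com';
my $ldap_usr = 'CN=Username,OU=User,OU=ESB,OU=DE,DC=domain,DC=com';

# NOTE(review): the bind password is hard-coded in the source, so anyone who
# can read this file (or its version history) obtains the directory account.
# The LDAP_BIND_PW environment variable overrides the literal; prefer it (or a
# config file readable only by the service user) and use a read-only account.
my $ldap_pwd = defined $ENV{LDAP_BIND_PW} ? $ENV{LDAP_BIND_PW} : 'geheim';
my $ldap_base_dir = 'dc=domain,dc=com';

# Only the attributes that are printed are requested from the server.
my @ldap_attrs = qw(samAccountName name description lastLogon pwdLastSet mail);

# ------------------------------------------------------------------
# connect to ldap
# ------------------------------------------------------------------
# NOTE(review): a bare host name gives an unencrypted connection, so the
# simple bind below sends the password in clear text. Consider an ldaps://
# URI or calling $ldap->start_tls( verify => 'require' ) before bind.
my $ldap = Net::LDAP->new($ldap_srv)
    or die "Cannot connect to $ldap_srv: $@\n";

# bind() does not die on failure; the result object has to be inspected,
# otherwise the search silently runs without the intended identity.
my $mesg = $ldap->bind( $ldap_usr, password => $ldap_pwd );
if ( $mesg->code ) {
    die 'LDAP bind failed: ' . $mesg->error . "\n";
}

# ------------------------------------------------------------------
# search LDAP database
# ------------------------------------------------------------------
$mesg = $ldap->search(
    base   => $ldap_base_dir,
    filter => "(&(objectclass=user)(sn=*))",    #filter=>"(name=*)",
    attrs  => \@ldap_attrs,
);

# A search can fail or stop early (e.g. a server-side size limit); report it
# but still print whatever entries were returned.
if ( $mesg->code ) {
    warn 'LDAP search returned an error, results may be incomplete: '
        . $mesg->error . "\n";
}

# NOTE(review): lastLogon is not replicated between domain controllers, so the
# value printed reflects only the server queried here.
foreach my $entry ( $mesg->entries ) {
    my $samACC     = _or_empty( scalar $entry->get_value('samAccountName') );
    my $name       = _or_empty( scalar $entry->get_value('name') );
    my $descr      = _or_empty( scalar $entry->get_value('description') );
    my $lastLogon  = readable_wintime( scalar $entry->get_value('lastLogon') );
    my $pwdLastSet = readable_wintime( scalar $entry->get_value('pwdLastSet') );
    my $mail       = _or_empty( scalar $entry->get_value('mail') );

    print "UserID:$samACC\t User Name:$name\t Beschreibung:$descr\t Letzter Login:$lastLogon\t Last_PWD_Set:$pwdLastSet\t Email:$mail\n";
}

# ------------------------------------------------------------------
# disconnect from ldap
# ------------------------------------------------------------------
$mesg = $ldap->unbind;    # take down session

# ------------------------------------------------------------------
# helper: map a missing attribute value to an empty string so that
# optional attributes do not trigger "uninitialized" warnings
# ------------------------------------------------------------------
sub _or_empty {
    my $value = shift;
    return defined $value ? $value : '';
}

# ------------------------------------------------------------------
# convert none readable date/time format to readable format
# ------------------------------------------------------------------
# Takes a Windows timestamp and returns it as 'DD-MM-YYYY HH:MM:SS' in local
# time. A missing or zero value (attribute absent or never set) returns 'n/a'
# instead of a meaningless date in the year 1601.
sub readable_wintime {
    my $wintime = shift;

    return 'n/a' if !defined $wintime || $wintime !~ /\A\d+\z/ || $wintime == 0;

    my $unix_epoch = win_to_unix_epoch($wintime);
    my ( $second, $minute, $hour, $day, $month, $year ) =
        ( localtime $unix_epoch )[ 0 .. 5 ];

    # localtime() yields years since 1900 and zero-based months.
    return sprintf '%02d-%02d-%d %02d:%02d:%02d',
        $day, $month + 1, $year + 1900, $hour, $minute, $second;
}

# Converts a Windows timestamp (count of 100-nanosecond intervals since
# 1601-01-01) to seconds since the Unix epoch.
sub win_to_unix_epoch {
    my $intervals = shift;

    # 10,000,000 intervals of 100 ns make one second.
    my $seconds = $intervals / 10_000_000;

    # This magic number is the difference between Unix and Windows epoch.
    my $unix_epoch = $seconds - 11644473600;

    # Return the Unix epoch for use with localtime().
    return $unix_epoch;
}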