├── README.md
└── getent-report.py


/README.md:
--------------------------------------------------------------------------------
 1 | # GetEnt Reporter
 2 | 
 3 | This is a user reporting script. It looks at the UNIX users and groups, and creates a list of which users there are, which groups they are in and which groups there are and which users are in those groups.
 4 | 
 5 | I'm using it to report the users on an Active Directory bound node, setup [as described here](https://raymii.org/s/tutorials/SAMBA_Share_with_Active_Directory_Login_on_Ubuntu_12.04.html). 
 6 | 
 7 | It supports filtering out unwanted users/groups, and it comes preloaded with a lot of filters.
 8 | 
 9 | # Requirements
10 | 
11 | - Python 2.7
12 | 
13 | # Example
14 | 
15 |     $ ./getent-report
16 | 
17 |     # Users
18 |     Name: Administrator
19 |     Email: administrator@digidentity.eu
20 |     Groups:domain admins, everyone,
21 | 
22 | 
23 |     Name: Jane Doe
24 |     Email: jdoe@digidentity.eu
25 |     Groups:everyone,
26 | 
27 |     # Groups
28 |     Group: marketing
29 |     Members: jdoe, dradcliff, jrowling
30 | 
31 |     Group: hr
32 |     Members: jtolkien, fbaggins, kjaneway
33 | 
34 |     # Statistics
35 |     Number of Users: 15
36 |     Number of Groups: 4
37 | 
38 | 
39 | 


--------------------------------------------------------------------------------
/getent-report.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python2
 2 | 
 3 | import subprocess, sys, operator
 4 | 
 5 | domain = "example.com"
 6 | 
 7 | allUsers = subprocess.Popen(["getent passwd"], stdout=subprocess.PIPE, shell=True) 
 8 | (outUser, errGroup) = allUsers.communicate()
 9 | 
10 | allGroup = subprocess.Popen(["getent group"], stdout=subprocess.PIPE, shell=True) 
11 | (outGroup, errGroup) = allGroup.communicate()
12 | 
13 | users = {}
14 | usernames = []
15 | groups = {}
16 | groupnames = []
17 | 
18 | Filter = ["sync", "guest", "nobody", "sshd", "sm_cb01120b539244b7b", "sm_a831d1c051744f3aa", "read-only domain controllers", "samba", "lp", "sudo", "lpadmin", "adm", "admins", "dip", "plugdev", "cdrom", "sambashare", "organization management", "exchange windows permissions", "utmp", "schema admins", "view-only organization management", "tty", "mail", "ircd", "ntp", "proxy", "news", "winbindd_priv", "disk", "staff", "tape", "mail", "bin", "fax", "kmem", "enterprise read-only domain controllers", "ssh", "shadow", "delegated setup", "daemon", "list", "receipient management", "domain controllers", "read only domain controllers", "syslog", "crontab", "video", "um management", "public folder management", "denied rodc password replication group", "irc", "ntp", "group policy creator owners", "news", "proxy", "src", "netdev", "libuuid", "games", "backup", "ssl-cert", "cert publishers", "records management", "operator", "gnats", "landscape", "server management", "enterprise admins", "system", "ump", "exchange trusted subsystem", "domain users", "domain guests", "whoopsie", "dialout", "ras and ias servers", "cdrom", "exchange servers", "utempter", "munin", "voice", "root", "nagios", "exchangelegacyinterop", "logcheck", "uucp", "floppy", "users", "exchange all hosted organizations", "sys", "postdrop", "man", "dnsupdateproxy", "audio", "nogroup", "postfix", "discovery management", "www-data", "allowed rodc password replication group", "sasl", "help desk", "domain computers", "recipient management", "dnsadmins"]
19 | 
20 | 
21 | for line in outUser.split("\n"):
22 |     if len(line.split(":")) == 7:
23 |         username = line.split(":")[0]
24 |         if username not in Filter:
25 |             usernames.append(username)
26 |             users[username] = {"fullname": line.split(":")[4], "email": username + "@" + domain, "function":"", "telephone":"", "groups":[]}
27 | 
28 | for line in outGroup.split("\n"):
29 |     if len(line.split(":")) == 4:
30 |         groupname = line.split(":")[0]
31 |         members = line.split(":")[3].split(",")
32 |         if groupname and groupname not in Filter:
33 |             groupnames.append(groupname)
34 |             groups[groupname] = {"members":members}
35 | 
36 | 
37 | for user in users:
38 |     for group in groups:
39 |         if group and group not in Filter:
40 |             if user in groups[group]['members']:
41 |                 if user:
42 |                     users[user]['groups'].append(group)
43 | usernames.sort()
44 | groupnames.sort()
45 | 
46 | print("# Users")
47 | 
48 | for user in usernames:
49 |     print(("Name: %s") % users[user]['fullname'])
50 |     print(("Email: %s") % users[user]['email'] )
51 |     sys.stdout.write(("Groups:"))
52 |     for group in users[user]['groups']:
53 |         sys.stdout.write(("%s, ") % group)
54 |     print("\n\n")
55 | 
56 | print("# Groups")
57 | for group in groupnames:
58 |     print(("Group: %s") % group)
59 |     sys.stdout.write(("Members: "))
60 |     for user in groups[group]["members"]:
61 |         sys.stdout.write(("%s, ") % user)
62 |     print("\n\n")
63 | 
64 | print("# Statistics")
65 | print(("Number of Users: %i") % len(usernames))
66 | print(("Number of Groups: %i") % len(groupnames))
67 | 


--------------------------------------------------------------------------------