% iLdZddlZddlZddlZddlZddlZddlZddlZddl Z ddl m Z ddl Tddl mZdadagZdaddlZeZ d%d Zd&d Z d'd Zd ZdZdZGddZefdZdZdZdZdZ dZ!dZ"dZ#defdefde fde!fde"fde#ffZ$Gd d!ej%Z&d"Z'e(d#kr$ e'dS#e)$re*d$YdSwxYwdS)(aA re-implementation of the MS DirectoryService samples related to services. * Adds and removes an ActiveDirectory "Service Connection Point", including managing the security on the object. * Creates and registers Service Principal Names. * Changes the username for a domain user. Some of these functions are likely to become move to a module - but there is also a little command-line-interface to try these functions out. For example: scp.py --account-name=domain\user --service-class=PythonScpTest \ --keyword=foo --keyword=bar --binding-string=bind_info \ ScpCreate SpnCreate SpnRegister would: * Attempt to delete a Service Connection Point for the service class 'PythonScpTest' * Attempt to create a Service Connection Point for that class, with 2 keywords and a binding string of 'bind_info' * Create a Service Principal Name for the service and register it to undo those changes, you could execute: scp.py --account-name=domain\user --service-class=PythonScpTest \ SpnCreate SpnUnregister ScpDelete which will: * Create a SPN * Unregister that SPN from the Active Directory. * Delete the Service Connection Point Executing with --test will create and remove one of everything. N)adsi)*)DispatchserviceConnectionPointAc b|p|}|stjtj}|tjtj}t jd|zt j} |pg}dtt|ffdtt|ffdtt|fdtt|ffdtt|ffdtt|ffdtt|ffg} | d |z| } t d |t| } t|| | S) NLDAP://cn objectClasskeywordsserviceDnsNameserviceDnsNameTypeserviceClassNameserviceBindingInformationcn=zNew connection point is at %s)win32apiGetComputerNameExwin32conComputerNameDnsFullyQualifiedGetComputerObjectNameNameFullyQualifiedDNr ADsGetObjectIID_IDirectoryObjectADS_ATTR_UPDATEADSTYPE_CASE_IGNORE_STRINGCreateDSObjectloggerinforAllowAccessToScpProperties) service_binding_infoservice_class_name account_namecontainer_namer object_class dns_name_typedndns_namecompattrsnews C:\Users\Dell Inspiron 16\Desktop\tws\AgrotaPowerBi\back-agrota-powerbi\mcp-client-agrota\venv\Lib\site-packages\win32comext/adsi/demos/scp.py ScpCreater-?s>$9'9N V-h.TUU z  +H,I J J  Y^T-F G GD~2H  :^2NNN  Y^T-F G GD./// KK7HHHHHr.z&{28630eb8-41d5-11d1-a9c1-0000f80367c1}z&{b7b1311c-b82e-11d0-afee-0000f80367c1}c|r|}ntjtj}d}t ||}|j}|D]q}t tj}ttz|_ ||_ t|_d|_t |_||_||r||_t)||||t,d|dS)NnTSecurityDescriptorrz%Set security on object for account %r)rrrNameSamCompatiblegetattrDiscretionaryAclrrCLSID_AccessControlEntryADS_RIGHT_DS_READ_PROPADS_RIGHT_DS_WRITE_PROP AccessMaskTrustee!ADS_ACETYPE_ACCESS_ALLOWED_OBJECTAceTypeAceFlagsADS_FLAG_OBJECT_TYPE_PRESENTFlags ObjectTypeAddAcesetattrSetInforr) accountSAM scpObject schemaIDGUIDstrustee attributesdaclsguidaces r,r r sM01KLL'I I & &B Ct45502II 8  1  3B Iy"%%%  KK7AAAAAr.ct|tst|ds Jd|ztjtj}|ddd}|stjtj }t d|tj |tjtjztjz}tj|d}t d tj|||||dS) N__iter__z+spns must be a sequence of strings (got %r)\rrzSpnRegister using DN '%s') domainNameflagsDomainControllerNamezDsWriteAccountSpn with spns %s) isinstancestrhasattrr GetUserNameExr6splitrrrrr0 win32security DsGetDcNamedsconDS_IS_FLAT_NAMEDS_RETURN_DNS_NAMEDS_DIRECTORY_SERVICE_REQUIREDDsBindDsWriteAccountSpnClose) serviceAcctDNspns operationsamNamerhandles r, SpnRegisterris8 $$$z)B)B5< B $X%?@@GmmD!$$Q'G V 6x7TUU  LL,m<<<  $#  "#  -.   D !$'="> ? ?F LL1222#  LLNNNNNr.cxd|z}tj|tj}||dS)Nr )rr IID_IADsUser SetPassword) username_dn new_password accountPathusers r,UserChangePasswordrqs?k)K  [$*; < sbOPPP  ! B((&B""    D q'C c""" Jr.ctst|dtt|ddtftjtS)z4Register a previously created Service Principal Namez(SpnCreate must appear before SpnRegisteraccount_name_dnN)rrrirr]DS_SPN_ADD_SPN_OPrs r,do_SpnRegisterrUsR FbDEEEB)400   r.ctst|dtt|ddtftjtS)z6Unregister a previously created Service Principal Namez*SpnCreate must appear before SpnUnregisterrN)rrrirr]DS_SPN_DELETE_SPN_OPrs r,do_SpnUnregisterrbsR HbFGGGB)400  " r.c^tt|dt|ddS)z(Change the password for a specified userrpasswordzPassword changed OK)rqrrs r,do_UserChangePasswordrns-{2'899;r:;V;VWWW r.r-r2 SpnCreateri SpnUnregisterrqceZdZdZdS) HelpFormatterc|Srsr)self descriptions r,format_descriptionz HelpFormatter.format_descriptionsr.N)r|r}r~rrr.r,rr~s#r.rcj i}g}tD]e\}}dtj|jd}|d|d||||<ftdzd|zdz}tjd|t}| d d d d d | dddd| dddd| dddd| ddd| dddd | dd!d"| dd#d$| dd%d&| dd'd(d)d*+| dd,d-ttj .|\}}||f} t|j|_n,#t"t$f$r|d/YnwxYw t|j} n#t"t$f$rp tt+t|j} n2#t$t"t.f$r|d0YnwxYwYnwxYw t0j} n(#t.$rtjj} YnwxYw| | |jr|jr|d1|jr|xjd zc_|ja|jr|r|d2d3}t=d d4||}|j sd5|_ t=d6d7|j |j!s/d8|_!t=d6d9|j!|j"sd:|_"t=d6d;|j"|s|d<|D]0}||vr|d=|z1|j#rt=d6d>|j#tIj%|j#tLj'tLj(|_)t=d6d?|j)tIj%|j#tLj'tLj*|_+t=d6d@|j+|D]}||} | |dA|zd} t=d6dB|| | }t=d dC||n/#|j,r"t[dDt]j/xYwne#t`j$r/}|j1\}}}}|r |d6}nd}|} |r| dE|zz } Yd}~n,d}~wtLj$r}|j1\}}}|} Yd}~nd}~wwxYw| rt=d dF|| dS)GN z )subsequent_indentz z: z commands: z%prog [options] command ...)usager formatterz-vcountrtrz)increase the verbosity of status messages)actiondestrhelpz-qz--quiet store_truezDon't print any status messages)rrz-tz--testzGExecute a mini-test suite, providing defaults for most options and argsz--show-tracebacksz&Show the tracebacks for any exceptionsz--service-classzThe service class name to use)rz--portrz)The port number to associate with the SPN)rrz--binding-stringz*The binding string to use for SCP creationz--account-namez0The account name to use (default is LocalSystem)z --passwordzThe password to set.z --keywordrr z[A keyword to add to the SCP. May be specified multiple times)rrrz --log-levelz`The log-level to use - may be a number or a logging module constant)rrz--port must be numericzInvalid --log-level valuez#Can't specify --quiet and --verbosezCan't specify args with --testzAScpDelete ScpCreate SpnCreate SpnRegister SpnUnregister ScpDeletez!--test - pretending args are: %s PythonScpTestrz--test: --service-class=%szPython Poweredz--test: --keyword=%sztest binding stringz--test: --binding-string=%sz4No command specified (use --help for valid commands)z4Invalid command '%s' (use --help for valid commands)zTranslating account name '%s'zNameSamCompatible is '%s'zNameFullyQualifiedDNis '%s'zInvalid command '%s'zExecuting '%s'...z%s: %sz/--show-tracebacks specified - dumping exceptionz zCommand '%s' failed: %s)2handlersjointextwrapwrap__doc__rloweroptparse OptionParserr add_optionrWloggingWARNING parse_argsintr TypeError ValueErrorr log_levelr7upperAttributeErrorrsetLevel getLoggerquietrttestryrZrr rr#r[ TranslateNamer NameUnknownr6rrrshow_tracebacksru traceback print_excrrx)_handlers_dict arg_descsargfunc this_descrrrrxrrslhandlererr_msgresultxxx_todo_changemehrdescexcargerr extra_descxxx_todo_changeme1rws r,mainrsNI++ TIIhmDLGTTTUU 0c00Y00111&*syy{{##O+dii .B.BBTIK  "+//F     8   i 3T   V    5  b+2QRRR  Ha&Q  %Q  #U b,-CDDD   0   0GO$$ %%''MGT ' B/7<(( z "/// -...../6)** z "666 6GGW->-D-D-F-FGGHHIII~6 6 6 6 LL4 5 5 5 5 5 66 * _ ***   )*ByMMM}<< :;;;}1oG|J  ; LL9 : : :R A3T:::zz||$ H$3G ! /1F G G G =/5577G  )7+; < < <% J%:G " 0'2H I I I M KLLLWW 99;;n , , LLORUU V V V G A.0DEEE#0#>  ("68R$ $   A*G,DEEE"/"=  ("68U# #  A,g.EFFF<< - ? LL/#5 6 6 6  A*C000 Axf---- **KLLL'))) . z / / /&7&< #RsF  V  G /6J..~   05ORsGGGGGG   < ,c7 ; ; ;9<H?IK*9J$#K$,KKKKK K**"LL.VV8,V44V88X%W11X XX__main__z*** Interrupted)NNNrrNNrs)r3)+rrrr ntsecurityconr]rrr[r win32com.adsirwin32com.adsi.adsiconwin32com.clientrrtrrrrrr-r2r rirqryr{rrrrrrrrrIndentedHelpFormatterrrr|KeyboardInterruptrurr.r,rs""H####$$$$$$     ) 7777tIIII>5B5B5B5BH&&&R###         '1 ! ! !   .      !!!,,,N#&'01  H2 k<k<k<\ z!  !!!       !s6 CCC