Extractinga and displaying a list of blocked users for staff

[humpda]

Hi
As with all schools, we regularly block users for various offences. However I have problems providing communication to staff regarding blocked students...is there a script (or program) that schools out their use that can scan active directory for disabled users and generate a html report or something similar...I would like to be able to put this on our Intranet for Teachers and maybe once every couple of days update it. Many thanks for your time

[kylewilliamson]

You can do this live with some PHP based LDAP jiggery pokery

[humpda]

any ideas where one can access some jiggery pockery

[kylewilliamson]

Yes.. lets see.. http://uk3.php.net/ldap would be a place to start, as would 'Active Directory PHP' on Google too

Kyle

[CyberNerd]

I have a python script to do things with non-disabled accounts (auto create zimbra accounts etc).
use 514 to do things with disabled accounts.
#userAccountControl 512 = normal , 514 = disabled account

Code:

#!/usr/bin/python
import ldap, string, os, time, sys
             
domain =  "example.com"
l=ldap.initialize("ldap://server."+domain+":389") # pick an LDAP server
l.simple_bind_s("domain\\username","password") 

scope	= 'ou=domain,dc=com'

  
try:
    res = l.search_s(scope, 
    ldap.SCOPE_SUBTREE, "(&(ObjectCategory=user) (userAccountControl=512)(employeeType=STUDENT))", ['sAMAccountName','givenName','sn'])
#userAccountControl  512 = normal , 514 = disabled account
    for (dn, vals) in res:
      do *whatever*
                 
except ldap.LDAPError, error_message:
  print error_message          

l.unbind_s()

oh, I think in future the boss is planning on adding user defined fields to SIMS (we have it in CMIS and apparently LA say its OK to migrate). We will have AD account name and disabled (yes/no) as user defined fields in SIMS.

[TechMonkey]

Surely you need to keep a log of them as well to know who is off so make a simple text file log system that shows the dates they are off. Then produce a page Staff can access that will show students that are currently banned. Keeps admin and communication neat and simple in one place