forked from shaniacht1/content
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathautomation-ADGetUsersByEmail.yml
44 lines (44 loc) · 1.44 KB
/
automation-ADGetUsersByEmail.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
args:
- description: Email address by which to search
name: email
required: true
- description: Include these AD attributes of the resulting objects in addition to
the default ones
name: attributes
comment: Use Active Directory to retrieve the user associated with the specified email
address.
commonfields:
id: ADGetUsersByEmail
version: -1
dependson:
must:
- ad-search
deprecated: true
name: ADGetUsersByEmail
runonce: false
script: |-
# Optional arguments and default values
attrs = 'name,displayname,mail'
if demisto.get(demisto.args(), 'attributes'):
attrs += "," + demisto.args()['attributes']
email = demisto.args()['email']
filterstr = r"(&(objectClass=user)(mail=" + email + "))"
resp = demisto.executeCommand( 'AdSearch', { 'filter' : filterstr, 'attributes' : attrs } )
if not isError(resp[0]) and not 'No results' == resp[0]['Contents']:
if isinstance(resp[0]['Contents'], list) and resp[0]['Contents']:
person = resp[0]['Contents'][0]
dispname = demisto.get(person, 'displayname')
if dispname:
demisto.setContext('ADDisplayName', dispname)
name = demisto.get(person, 'name')
if name:
demisto.setContext('ADPersonName', name)
dn = demisto.get(person, 'dn')
if dn:
demisto.setContext('ADDistinguishedName', dn)
demisto.results(resp)
scripttarget: 0
system: true
tags:
- active directory
type: python