#!/usr/bin/python
import ldap
import dns.resolver
import datetime
import time
import sys
import pprint
pp = pprint.PrettyPrinter(depth=6)

def getldap(host, username, password, basedn, filter, atribs):
        l = ldap.initialize('ldap://' + host)
        l.simple_bind_s(username, password)
        return l.search_s(basedn, ldap.SCOPE_SUBTREE, filter, atribs)

dcs = dns.resolver.query('_ldap._tcp.example.org', 'SRV')
dclist = []
for dc in dcs:
        dclist.append(dc.target.to_text()[:-1])

results = []
for server in dclist:
        results = results + getldap(server,
                'CN=username,OU=users,DC=example,DC=org',
                'query',
                'OU=users,DC=example,DC=org',
                "(&" +
                        "(!(objectClass=computer))" +
                        "(objectClass=user)" +
                        "(sAMAccountName=*)" +
                        "(lastLogon=*)" +
                        "(!(userAccountControl:1.2.840.113556.1.4.803:=2))" +
                ")",
                ['name', 'lastLogon'])

people = {}
for r in results:
        name = r[1].get('name')[0]
        lastlogon = int(r[1].get('lastLogon')[0])

        if people.has_key(name):
                if people[name] < lastlogon:
                        people[name] = lastlogon
        else:
                people[name] = lastlogon


for name, lastlogon in people.iteritems():
        if lastlogon > 0:
                lastlogon = (lastlogon / 10000000) - 11644473600
        lastlogon = datetime.datetime(*time.localtime(lastlogon)[0:7])

        if (datetime.datetime.now() - lastlogon) > \
                        datetime.timedelta(days = 30):
                print name + "," + str(lastlogon)