34
34
loginShell='loginShell',
35
35
objectClass='objectClass')
36
36
filter = '(objectClass=posixAccount)'
37
bases = ( 'ou=people,dc=test,dc=tld', )
39
class Search(common.Search):
41
case_sensitive = ('uid', 'uidNumber', )
42
limit_attributes = ('uid', 'uidNumber', )
43
required = ('uid', 'uidNumber', 'gidNumber', 'gecos', 'homeDirectory',
40
47
class PasswdRequest(common.Request):
42
49
def write(self, dn, attributes, parameters):
43
# get uid attribute and check against requested user name
44
51
names = attributes['uid']
45
if 'uid' in parameters:
46
if parameters['uid'] not in names:
48
names = ( parameters['uid'], )
49
# get user password entry
50
52
if 'shadowAccount' in attributes['objectClass']:
53
55
passwd = attributes['userPassword'][0]
54
# get numeric user and group ids
55
uids = ( parameters['uidNumber'], ) if 'uidNumber' in parameters else attributes['uidNumber']
56
uids = [ int(x) for x in uids ]
57
# get other passwd properties
56
uids = [int(x) for x in attributes['uidNumber']]
58
57
gid = int(attributes['gidNumber'][0])
59
58
gecos = attributes['gecos'][0]
60
59
home = attributes['homeDirectory'][0]
64
63
if not common.isvalidname(name):
65
print 'Warning: passwd entry %s contains invalid user name: "%s"' % ( dn, name )
64
print '%s: %s: denied by validnames option' % (dn, attmap['uid'])
68
67
self.fp.write_int32(constants.NSLCD_RESULT_BEGIN)
98
97
action = constants.NSLCD_ACTION_PASSWD_ALL
101
# FIXME: have something in common that does this
102
def do_search(conn, flt=None, base=None):
103
mybases = ( base, ) if base else bases
106
# perform a search for each search base
110
scope = locals().get('scope', cfg.scope)
111
res = conn.search_s(base, scope, flt, [attmap['uid']])
115
except ldap.NO_SUCH_OBJECT:
119
100
def uid2entry(conn, uid):
120
101
"""Look up the user by uid and return the LDAP entry or None if the user
121
102
was not found."""
122
myfilter = '(&%s(%s=%s))' % ( filter,
123
attmap['uid'], ldap.filter.escape_filter_chars(uid) )
124
for dn, attributes in do_search(conn, myfilter):
125
if uid in attributes[attmap['uid']]:
126
return dn, attributes
103
for dn, attributes in Search(conn, parameters=dict(uid=uid)):
104
return dn, attributes
128
107
def uid2dn(conn, uid):
129
108
"""Look up the user by uid and return the DN or None if the user was
135
114
# FIXME: use cache of dn2uid and try to use DN to get uid attribute
137
117
def dn2uid(conn, dn):
138
118
"""Look up the user by dn and return a uid or None if the user was
141
for dn, attributes in do_search(conn, base=dn):
142
return attributes[attmap['uid']][0]
143
except ldap.NO_SUCH_OBJECT:
120
for dn, attributes in Search(conn, base=dn):
121
return attributes['uid'][0]