|
Lines 196-205
def calculate_krb5keys(supplementalCredentialsblob):
Link Here
|
| 196 |
return keys |
196 |
return keys |
| 197 |
|
197 |
|
| 198 |
|
198 |
|
| 199 |
def set_password_in_ad(connector, samaccountname, pwd): |
199 |
def set_password_in_ad(connector, samaccountname, pwd, reconnect=False): |
| 200 |
_d = ud.function('ldap.ad.set_password_in_ad') # noqa: F841 |
200 |
_d = ud.function('ldap.ad.set_password_in_ad') # noqa: F841 |
| 201 |
|
201 |
|
| 202 |
# print "Static Session Key: %s" % (samr.session_key,) |
202 |
# print "Static Session Key: %s" % (samr.session_key,) |
|
|
203 |
if reconnect: |
| 204 |
if connector.dom_handle: |
| 205 |
connector.samr.Close(connector.dom_handle) |
| 206 |
connector.samr = None |
| 207 |
|
| 203 |
if not connector.samr: |
208 |
if not connector.samr: |
| 204 |
connector.open_samr() |
209 |
connector.open_samr() |
| 205 |
|
210 |
|
|
Lines 394-400
def password_sync_ucs(connector, key, object):
Link Here
|
| 394 |
if not pwd == nt_hash: |
399 |
if not pwd == nt_hash: |
| 395 |
ud.debug(ud.LDAP, ud.INFO, "password_sync_ucs: Hash AD and Hash UCS differ") |
400 |
ud.debug(ud.LDAP, ud.INFO, "password_sync_ucs: Hash AD and Hash UCS differ") |
| 396 |
pwd_set = True |
401 |
pwd_set = True |
| 397 |
res = set_password_in_ad(connector, object['attributes']['sAMAccountName'][0], pwd) |
402 |
try: |
|
|
403 |
res = set_password_in_ad(connector, object['attributes']['sAMAccountName'][0], pwd) |
| 404 |
except Exception as e: |
| 405 |
ud.debug(ud.LDAP, ud.PROCESS, "password_sync: set_password_in_ad failed with %s, retry with reconnect" % str(e)) |
| 406 |
res = set_password_in_ad(connector, object['attributes']['sAMAccountName'][0], pwd, reconnect=True) |
| 398 |
|
407 |
|
| 399 |
if not pwd_set or nt_hash: |
408 |
if not pwd_set or nt_hash: |
| 400 |
newpwdlastset = "-1" # if pwd was set in ad we need to set pwdlastset to -1 or it will be 0 |
409 |
newpwdlastset = "-1" # if pwd was set in ad we need to set pwdlastset to -1 or it will be 0 |