|
Lines 323-348
Link Here
|
| 323 |
except UnicodeDecodeError: |
323 |
except UnicodeDecodeError: |
| 324 |
pass # values are not the same codec |
324 |
pass # values are not the same codec |
| 325 |
|
325 |
|
| 326 |
filter_parts_s4 = [format_escaped('(objectclass={0!e})', ocs4), format_escaped('(samaccountname={0!e})', value)] |
326 |
filter_parts_s4 = [format_escaped(u'(objectclass={0!e})', ocs4), format_escaped(u'(samaccountname={0!e})', value)] |
| 327 |
if dn_attr and dn_attr_val: |
327 |
if dn_attr and dn_attr_val: |
| 328 |
# also look for dn attr (needed to detect modrdn) |
328 |
# also look for dn attr (needed to detect modrdn) |
| 329 |
filter_parts_s4.append(format_escaped('({0}={1!e})', dn_attr, dn_attr_val)) |
329 |
filter_parts_s4.append(format_escaped(u'({0}={1!e})', dn_attr, dn_attr_val)) |
| 330 |
filter_s4 = compatible_modstring(u'(&{})'.format(''.join(filter_parts_s4))) |
330 |
filter_s4 = compatible_modstring(u'(&{})'.format(''.join(filter_parts_s4))) |
| 331 |
ud.debug(ud.LDAP, ud.INFO, "samaccount_dn_mapping: search in s4 for %s" % filter_s4) |
331 |
ud.debug(ud.LDAP, ud.INFO, "samaccount_dn_mapping: search in s4 for %s" % filter_s4) |
| 332 |
result = s4connector.lo_s4.lo.search_ext_s(s4connector.lo_s4.base, ldap.SCOPE_SUBTREE, filter_s4, ['sAMAccountName']) |
332 |
result = s4connector.lo_s4.lo.search_ext_s(s4connector.lo_s4.base, ldap.SCOPE_SUBTREE, filter_s4, ['sAMAccountName']) |
| 333 |
|
333 |
|
| 334 |
if result and len(result) > 0 and result[0] and len(result[0]) > 0 and result[0][0]: # no referral, so we've got a valid result |
334 |
if result and len(result) > 0 and result[0] and len(result[0]) > 0 and result[0][0]: # no referral, so we've got a valid result |
| 335 |
s4dn = unicode(encode_attrib(result[0][0])) |
335 |
s4dn = unicode(encode_attrib(result[0][0]), 'utf8') |
| 336 |
if dn_key == 'olddn' or (dn_key == 'dn' and 'olddn' not in object): |
336 |
if dn_key == 'olddn' or (dn_key == 'dn' and 'olddn' not in object): |
| 337 |
newdn = s4dn |
337 |
newdn = s4dn |
| 338 |
else: |
338 |
else: |
| 339 |
s4_rdn = ldap.dn.str2dn(s4dn)[0] |
339 |
s4_rdn = ldap.dn.str2dn(s4dn)[0] |
| 340 |
new_s4_dn = unicode(ldap.dn.dn2str([s4_rdn] + exploded_dn[1:])) |
340 |
new_s4_dn = unicode(ldap.dn.dn2str([s4_rdn] + exploded_dn[1:]), 'utf8') |
| 341 |
newdn = new_s4_dn.lower().replace(s4connector.lo_s4.base.lower(), s4connector.lo.base.lower()) |
341 |
newdn = new_s4_dn.lower().replace(s4connector.lo_s4.base.lower(), s4connector.lo.base.lower()) |
| 342 |
|
342 |
|
| 343 |
else: |
343 |
else: |
| 344 |
newdn_rdn = [('cn', fst_rdn_value, ldap.AVA_STRING)] |
344 |
newdn_rdn = [('cn', fst_rdn_value, ldap.AVA_STRING)] |
| 345 |
newdn = unicode(ldap.dn.dn2str([newdn_rdn] + exploded_dn[1:])) # new object, don't need to change |
345 |
newdn = unicode(ldap.dn.dn2str([newdn_rdn] + exploded_dn[1:]), 'utf8') # new object, don't need to change |
| 346 |
ud.debug(ud.LDAP, ud.INFO, "samaccount_dn_mapping: newdn: %s" % newdn) |
346 |
ud.debug(ud.LDAP, ud.INFO, "samaccount_dn_mapping: newdn: %s" % newdn) |
| 347 |
else: |
347 |
else: |
| 348 |
# get the object to read the sAMAccountName in S4 and use it as name |
348 |
# get the object to read the sAMAccountName in S4 and use it as name |
|
Lines 381-387
Link Here
|
| 381 |
ucsdn_filter = format_escaped(u'(&(objectclass={0!e})({1}={2!e}))', ocucs, ucsattrib, samaccountname) |
381 |
ucsdn_filter = format_escaped(u'(&(objectclass={0!e})({1}={2!e}))', ocucs, ucsattrib, samaccountname) |
| 382 |
ucsdn_result = s4connector.search_ucs(filter=ucsdn_filter, base=s4connector.lo.base, scope='sub', attr=['objectClass']) |
382 |
ucsdn_result = s4connector.search_ucs(filter=ucsdn_filter, base=s4connector.lo.base, scope='sub', attr=['objectClass']) |
| 383 |
if ucsdn_result and len(ucsdn_result) > 0 and ucsdn_result[0] and len(ucsdn_result[0]) > 0: |
383 |
if ucsdn_result and len(ucsdn_result) > 0 and ucsdn_result[0] and len(ucsdn_result[0]) > 0: |
| 384 |
ucsdn = unicode(ucsdn_result[0][0]) |
384 |
ucsdn = unicode(ucsdn_result[0][0], 'utf8') |
| 385 |
|
385 |
|
| 386 |
if ucsdn and (dn_key == 'olddn' or (dn_key == 'dn' and 'olddn' not in object)): |
386 |
if ucsdn and (dn_key == 'olddn' or (dn_key == 'dn' and 'olddn' not in object)): |
| 387 |
newdn = ucsdn |
387 |
newdn = ucsdn |
|
Lines 392-398
Link Here
|
| 392 |
else: |
392 |
else: |
| 393 |
newdn_rdn = [(ucsattrib, samaccountname, ldap.AVA_STRING)] |
393 |
newdn_rdn = [(ucsattrib, samaccountname, ldap.AVA_STRING)] |
| 394 |
|
394 |
|
| 395 |
newdn = unicode(ldap.dn.dn2str([newdn_rdn] + exploded_dn[1:])) # guess the old dn |
395 |
newdn = unicode(ldap.dn.dn2str([newdn_rdn] + exploded_dn[1:]), 'utf8') # guess the old dn |
| 396 |
try: |
396 |
try: |
| 397 |
ud.debug(ud.LDAP, ud.INFO, "samaccount_dn_mapping: newdn for key %s:" % dn_key) |
397 |
ud.debug(ud.LDAP, ud.INFO, "samaccount_dn_mapping: newdn for key %s:" % dn_key) |
| 398 |
ud.debug(ud.LDAP, ud.INFO, "samaccount_dn_mapping: olddn: %s" % dn) |
398 |
ud.debug(ud.LDAP, ud.INFO, "samaccount_dn_mapping: olddn: %s" % dn) |
|
Lines 807-813
Link Here
|
| 807 |
""" |
807 |
""" |
| 808 |
def convert_field(self, value, conversion): |
808 |
def convert_field(self, value, conversion): |
| 809 |
if conversion == 'e': |
809 |
if conversion == 'e': |
| 810 |
return escape_filter_chars(str(value)) |
810 |
if isinstance(value, unicode): |
|
|
811 |
return escape_filter_chars(value.encode('utf-8')).decode('utf-8') |
| 812 |
elif isinstance(value, str): |
| 813 |
return escape_filter_chars(value) |
| 814 |
else: |
| 815 |
return escape_filter_chars(str(value)) |
| 811 |
return super(LDAPEscapeFormatter, self).convert_field(value, conversion) |
816 |
return super(LDAPEscapeFormatter, self).convert_field(value, conversion) |
| 812 |
|
817 |
|
| 813 |
|
818 |
|
|
Lines 1342-1348
Link Here
|
| 1342 |
|
1347 |
|
| 1343 |
rdn_exploded = ldap.dn.str2dn(rdn) |
1348 |
rdn_exploded = ldap.dn.str2dn(rdn) |
| 1344 |
parent_exploded = ldap.dn.str2dn(object['attributes']['lastKnownParent'][0]) |
1349 |
parent_exploded = ldap.dn.str2dn(object['attributes']['lastKnownParent'][0]) |
| 1345 |
return unicode(ldap.dn.dn2str(rdn_exploded + parent_exploded)) |
1350 |
return unicode(ldap.dn.dn2str(rdn_exploded + parent_exploded), 'utf8') |
| 1346 |
else: |
1351 |
else: |
| 1347 |
ud.debug(ud.LDAP, ud.WARN, 'lastKnownParent attribute for deleted object rdn="%s" was not set, so we must ignore the object' % rdn) |
1352 |
ud.debug(ud.LDAP, ud.WARN, 'lastKnownParent attribute for deleted object rdn="%s" was not set, so we must ignore the object' % rdn) |
| 1348 |
return None |
1353 |
return None |
|
Lines 1588-1594
Link Here
|
| 1588 |
|
1593 |
|
| 1589 |
# Exclude primary group |
1594 |
# Exclude primary group |
| 1590 |
ucs_object_gid = object_ucs['attributes'].get('gidNumber', [])[0] |
1595 |
ucs_object_gid = object_ucs['attributes'].get('gidNumber', [])[0] |
| 1591 |
ucs_group_filter = format_escaped('(&(objectClass=univentionGroup)(uniqueMember={0!e})(!(gidNumber={1!e})))', object_ucs['dn'], ucs_object_gid) |
1596 |
ucs_group_filter = format_escaped(u'(&(objectClass=univentionGroup)(uniqueMember={0!e})(!(gidNumber={1!e})))', object_ucs['dn'], ucs_object_gid) |
| 1592 |
ucs_groups_ldap = self.search_ucs(filter=ucs_group_filter) |
1597 |
ucs_groups_ldap = self.search_ucs(filter=ucs_group_filter) |
| 1593 |
|
1598 |
|
| 1594 |
if ucs_groups_ldap == []: |
1599 |
if ucs_groups_ldap == []: |