Univention Bugzilla – Attachment 7801 Details for
Bug 41745
univention.admin.uldap doesn't set self.binddn when calling bind manually
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
41745.patch (text/plain), 3.16 KB, created by
Florian Best
on 2016-07-14 13:58:36 CEST
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Florian Best
Created:
2016-07-14 13:58:36 CEST
Size:
3.16 KB
patch
obsolete
>diff --git a/management/univention-directory-manager-modules/modules/univention/admin/uldap.py b/management/univention-directory-manager-modules/modules/univention/admin/uldap.py >index b43cf9d..4a618ec 100644 >--- a/management/univention-directory-manager-modules/modules/univention/admin/uldap.py >+++ b/management/univention-directory-manager-modules/modules/univention/admin/uldap.py >@@ -251,6 +251,8 @@ def __init__(self, host='localhost', port=None, base='', binddn='', bindpw='', s > self.licensetypes = ['UCS'] > > def bind(self, binddn, bindpw): >+ self.binddn = binddn >+ self.bindpw = bindpw > try: > self.lo.bind(binddn, bindpw) > except ldap.INVALID_CREDENTIALS: >diff --git a/management/univention-management-console/src/univention/management/console/base.py b/management/univention-management-console/src/univention/management/console/base.py >index d8cc821..b4a152c 100644 >--- a/management/univention-management-console/src/univention/management/console/base.py >+++ b/management/univention-management-console/src/univention/management/console/base.py >@@ -112,6 +112,7 @@ def query(self, request): > import ldap > import ldap.sasl > import sys >+import re > > from univention.lib.i18n import Translation > >@@ -345,8 +346,13 @@ def bind_user_connection(self, lo): > ldap.sasl.CB_PASS: self._password > }, 'SAML') > lo.lo.lo.sasl_interactive_bind_s('', saml) >+ binddn = re.sub('^dn:', '', lo.lo.lo.whoami_s()) >+ lo.binddn = binddn >+ lo.lo.binddn = binddn > else: > lo.lo.bind(self._user_dn, self._password) >+ lo.binddn = lo.lo.binddn >+ lo.bindpw = lo.lo.bindpw > > def require_password(self): > if self.auth_type is not None: >diff --git a/ucs-school-lib/python/models/school.py b/ucs-school-lib/python/models/school.py >index 0dc4197..371ae1a 100644 >--- a/ucs-school-lib/python/models/school.py >+++ b/ucs-school-lib/python/models/school.py >@@ -407,7 +407,7 @@ class School(UCSSchoolHelperAbstractClass): > schools.append(cls.from_dn(cls(name=ou).dn, lo)) > except noObject: > pass >- return cls._filter_local_schools(schools) >+ return cls._filter_local_schools(schools, lo) > > if 'ou=' in lo.binddn: > # user has no ucsschoolSchool attribute (not migrated yet) >@@ -418,7 +418,7 @@ class School(UCSSchoolHelperAbstractClass): > logger.debug('Schools from binddn: Found an OU in the LDAP binddn. Restricting schools to only show %s', school_dn) > school = cls.from_dn(school_dn, None, lo) > logger.debug('Schools from binddn: Found school: %r', school) >- return cls._filter_local_schools([school]) >+ return cls._filter_local_schools([school], lo) > > logger.warning('Schools from binddn: Unable to identify OU of this account - showing all local OUs!') > return School.get_all(lo) >diff --git a/ucs-school-lib/python/schoolldap.py b/ucs-school-lib/python/schoolldap.py >index 2fca429..e147ec9 100644 >--- a/ucs-school-lib/python/schoolldap.py >+++ b/ucs-school-lib/python/schoolldap.py >@@ -361,6 +361,8 @@ class SchoolBaseModule(Base): > user_dn = None > MODULE.warn('Cannot read /etc/machine.secret: %s' % (exc,)) > lo.lo.bind(user_dn, password) >+ lo.binddn = user_dn >+ lo.binpw = password > return > return super(SchoolBaseModule, self).bind_user_connection(lo) >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=7801">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 41745
:
7789
|
7801
|
7810