Univention Bugzilla – Attachment 8776 Details for
Bug 44373
S4C: DN escaping difference in `object_memberships_sync()` (usernames with "#)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
Test-script that demonstrates the different DN escapings.
dn-escaping-mismatch-poc.py (text/x-python), 2.52 KB, created by
Lukas Oyen
on 2017-04-13 15:54:43 CEST
(
hide
)
Description:
Test-script that demonstrates the different DN escapings.
Filename:
MIME Type:
Creator:
Lukas Oyen
Created:
2017-04-13 15:54:43 CEST
Size:
2.52 KB
patch
obsolete
>#!/usr/bin/python2.7 ># coding: utf-8 > >from __future__ import print_function > >import random >import string >import urllib >import ldap.dn >import ldap.filter >import subprocess >import univention.config_registry >from univention.config_registry.frontend import ucr_update >import univention.uldap as uldap > >configRegistry = univention.config_registry.ConfigRegistry() >configRegistry.load() > > >def s4_connection(): > path = configRegistry.get("connector/s4/ldap/socket") > ldap_uri = "{}://{}".format("ldapi", urllib.quote(path, safe="")) > ldap_base = configRegistry.get("connector/s4/ldap/base") > > arguments = {"uri": ldap_uri, "base": ldap_base, "binddn": None, "bindpw": None, > "follow_referral": True, "ca_certfile": configRegistry.get("connector/s4/ldap/certificate"), > "start_tls": 2 if configRegistry.is_true("connector/s4/ldap/ssl") else 0} > > s4 = uldap.access(**arguments) > (ldap_dn_correct_case, ) = s4.getAttr(ldap_base, "distinguishedName", required=True) > s4.base = ldap_dn_correct_case > return s4 > > >def random_name(): > return ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(10)) > > >def create_s4_user(): > username = 's4_testuser_{}_#'.format(random_name()) > subprocess.check_call(["samba-tool", "user", "create", username, "Univention123"]) > return username > > >def create_ucs_user(): > base = configRegistry.get("ldap/base") > username = 'ucs_testuser_{}_#"'.format(random_name()) > subprocess.check_call(["udm", "users/user", "create", "--position", > "cn=users,{}".format(base), "--set", 'username={}'.format(username), > "--set", "lastname=testuser", "--set", "password=univention"]) > return username > > >def normalize_dn(dn): > return ldap.dn.dn2str(ldap.dn.str2dn(dn)) > > >if __name__ == "__main__": > username_key = "directory/manager/web/modules/users/user/properties/username/syntax" > subprocess.call(["service", "univention-s4-connector", "stop"]) > ucr_update(configRegistry, {username_key: "string"}) > subprocess.call(["pkill", "-f", "univention-cli-server"]) > > print("Testing with S4") > username = create_s4_user() > access = s4_connection() > fexp = ldap.filter.filter_format("(cn=%s)", (username,)) > for (dn, _) in access.search(fexp, attr=["dn"]): > if dn is not None: > print("s4 ", dn) > print("s4 normalized", normalize_dn(dn)) > > print("Testing with UCS") > username = create_ucs_user() > access = uldap.getAdminConnection() > fexp = ldap.filter.filter_format("(uid=%s)", (username,)) > for (dn, _) in access.search(fexp, attr=["dn"]): > if dn is not None: > print("ucs ", dn) > print("ucs normalized", normalize_dn(dn))
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=8776">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 44373
: 8776