Univention Bugzilla – Attachment 9623 Details for
Bug 47391
Password reset is not correctly synced from s4toucs if the same password is used again
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
password.py.patch
password.py.patch (text/plain), 2.07 KB, created by
Felix Botner
on 2018-08-08 12:32:14 CEST
(
hide
)
Description:
password.py.patch
Filename:
MIME Type:
Creator:
Felix Botner
Created:
2018-08-08 12:32:14 CEST
Size:
2.07 KB
patch
obsolete
>diff --git a/services/univention-s4-connector/modules/univention/s4connector/s4/password.py b/services/univention-s4-connector/modules/univention/s4connector/s4/password.py >index 4c58382..7a6581f 100644 >--- a/services/univention-s4-connector/modules/univention/s4connector/s4/password.py >+++ b/services/univention-s4-connector/modules/univention/s4connector/s4/password.py >@@ -809,12 +809,21 @@ def password_sync_s4_to_ucs(s4connector, key, ucs_object, modifyUserPassword=Tru > if pwexp_value: > new_shadowMax = pwexp_value > new_krb5end = time.strftime("%Y%m%d000000Z", time.gmtime((pwdLastSet_unix + (int(pwexp_value) * 3600 * 24)))) >+ >+ if pwdLastSet == 0: >+ new_shadowMax = new_shadowMax or '1' >+ if new_krb5end is None: >+ expiry = long(time.time()) >+ new_krb5end = time.strftime("%Y%m%d000000Z", time.gmtime(expiry)) >+ > if old_shadowMax or new_shadowMax: >- ud.debug(ud.LDAP, ud.INFO, "password_sync_s4_to_ucs: update shadowMax to %s for %s" % (new_shadowMax, ucs_object['dn'])) >- modlist.append(('shadowMax', old_shadowMax, new_shadowMax)) >+ if old_shadowMax != new_shadowMax: >+ ud.debug(ud.LDAP, ud.INFO, "password_sync_s4_to_ucs: update shadowMax to %s for %s" % (new_shadowMax, ucs_object['dn'])) >+ modlist.append(('shadowMax', old_shadowMax, new_shadowMax)) > if old_krb5end or new_krb5end: >- ud.debug(ud.LDAP, ud.INFO, "password_sync_s4_to_ucs: update krb5PasswordEnd to %s for %s" % (new_krb5end, ucs_object['dn'])) >- modlist.append(('krb5PasswordEnd', old_krb5end, new_krb5end)) >+ if old_krb5end != new_krb5end: >+ ud.debug(ud.LDAP, ud.INFO, "password_sync_s4_to_ucs: update krb5PasswordEnd to %s for %s" % (new_krb5end, ucs_object['dn'])) >+ modlist.append(('krb5PasswordEnd', old_krb5end, new_krb5end)) > > if sambaPwdLastSet: > if sambaPwdLastSet != newSambaPwdLastSet: >diff --git a/test/ucs-ec2-tools b/test/ucs-ec2-tools >index 755b752..0b31100 160000 >--- a/test/ucs-ec2-tools >+++ b/test/ucs-ec2-tools >@@ -1 +1 @@ >-Subproject commit 755b752d461b62ba29666294762e04f00ea9a74f >+Subproject commit 0b31100265e08b4af576f53ceb9d6b0899cb2f17
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=9623">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 47391
:
9604
|
9605
|
9606
|
9607
|
9608
| 9623