Lines 196-205
def calculate_krb5keys(supplementalCredentialsblob):
|
Link Here
|
---|
|
196 |
return keys |
196 |
return keys |
197 |
|
197 |
|
198 |
|
198 |
|
199 |
def set_password_in_ad(connector, samaccountname, pwd): |
199 |
def set_password_in_ad(connector, samaccountname, pwd, reconnect=False): |
200 |
_d = ud.function('ldap.ad.set_password_in_ad') # noqa: F841 |
200 |
_d = ud.function('ldap.ad.set_password_in_ad') # noqa: F841 |
201 |
|
201 |
|
202 |
# print "Static Session Key: %s" % (samr.session_key,) |
202 |
# print "Static Session Key: %s" % (samr.session_key,) |
|
|
203 |
if reconnect: |
204 |
if connector.dom_handle: |
205 |
connector.samr.Close(connector.dom_handle) |
206 |
connector.samr = None |
207 |
|
203 |
if not connector.samr: |
208 |
if not connector.samr: |
204 |
connector.open_samr() |
209 |
connector.open_samr() |
205 |
|
210 |
|
Lines 394-400
def password_sync_ucs(connector, key, object):
|
Link Here
|
---|
|
394 |
if not pwd == nt_hash: |
399 |
if not pwd == nt_hash: |
395 |
ud.debug(ud.LDAP, ud.INFO, "password_sync_ucs: Hash AD and Hash UCS differ") |
400 |
ud.debug(ud.LDAP, ud.INFO, "password_sync_ucs: Hash AD and Hash UCS differ") |
396 |
pwd_set = True |
401 |
pwd_set = True |
397 |
res = set_password_in_ad(connector, object['attributes']['sAMAccountName'][0], pwd) |
402 |
try: |
|
|
403 |
res = set_password_in_ad(connector, object['attributes']['sAMAccountName'][0], pwd) |
404 |
except Exception as e: |
405 |
ud.debug(ud.LDAP, ud.PROCESS, "password_sync: set_password_in_ad failed with %s, retry with reconnect" % str(e)) |
406 |
res = set_password_in_ad(connector, object['attributes']['sAMAccountName'][0], pwd, reconnect=True) |
398 |
|
407 |
|
399 |
if not pwd_set or nt_hash: |
408 |
if not pwd_set or nt_hash: |
400 |
newpwdlastset = "-1" # if pwd was set in ad we need to set pwdlastset to -1 or it will be 0 |
409 |
newpwdlastset = "-1" # if pwd was set in ad we need to set pwdlastset to -1 or it will be 0 |