Attachment #2778 for bug #20518

View | Details | Raw Unified | Return to bug 20518
Collapse All | Expand All

(-)univention-ad-connector-5.0.6.orig/conffiles/etc/univention/connector/ad/mapping.py (-1 / +2 lines)

Lines 98-104	Link Here

						 univention.connector.set_primary_group_user

						 univention.connector.set_primary_group_user

],

],

100

101

			post_con_modify_functions=[ univention.connector.ad.password.password_sync_ucs,

101

			post_con_modify_functions=[ univention.connector.ad.set_userPrincipalName_from_ucr,

102

						    univention.connector.ad.password.password_sync_ucs,

102

						    univention.connector.ad.primary_group_sync_from_ucs,

103

						    univention.connector.ad.primary_group_sync_from_ucs,

103

						    univention.connector.ad.object_memberships_sync_from_ucs,

104

						    univention.connector.ad.object_memberships_sync_from_ucs,

104

						    univention.connector.ad.disable_user_from_ucs,

105

						    univention.connector.ad.disable_user_from_ucs,

(-)univention-ad-connector-5.0.6.orig/debian/univention-ad-connector.univention-config-registry-variables (+6 lines)

Lines 117-119	Link Here

117

Description[en]=

117

Description[en]=

118

Type=str

118

Type=str

119

Categories=service-adcon

119

Categories=service-adcon

120

121

[con.*/ad/mapping/kerberosdomain]

122

Description[de]=Kerberos-Domain für Windows 2008 Accounts (ergibt mit dem UCS-Benutzernamen den AD Kerberos Principal sofern dieser noch nicht gesetzt ist).

123

Description[en]=

124

Type=str

125

Categories=service-adcon

(-)univention-ad-connector-5.0.6.orig/modules/univention/connector/ad/__init__.py (+21 lines)

Lines 71-76	Link Here

def disable_user_from_ucs(connector, key, object):

def disable_user_from_ucs(connector, key, object):

	return connector.disable_user_from_ucs(key, object)

	return connector.disable_user_from_ucs(key, object)

def set_userPrincipalName_from_ucr(connector, key, object):

	return connector.set_userPrincipalName_from_ucr(key, object)

def disable_user_to_ucs(connector, key, object):

def disable_user_to_ucs(connector, key, object):

	return connector.disable_user_to_ucs(key, object)

	return connector.disable_user_to_ucs(key, object)

Lines 1429-1434	Link Here

1429

		else:

1432

		else:

1430

			pass

1433

			pass

1431

1434

1435

	def set_userPrincipalName_from_ucr(self, key, object):

1436

		object_key = key

1437

		object_ucs = self._object_mapping(object_key,object)

1438

		ldap_object_ad = self.get_object(object['dn'])

1439

1440

		ucs_admin_object=univention.admin.objects.get(self.modules[object_key], co='', lo=self.lo, position='', dn=object_ucs['dn'])

1441

		ucs_admin_object.open()

1442

1443

		if self.baseConfig.has_key('%s/ad/mapping/kerberosdomain' % self.CONFIGBASENAME) and not ldap_object_ad.has_key('userPrincipalName'):

1444

			principalDomain = self.baseConfig['%s/ad/mapping/kerberosdomain' % self.CONFIGBASENAME]

1445

			localPart = ucs_admin_object['username']

1446

			userPrincipalName = "%s@%s" % (localPart, principalDomain)

1447

			modlist=[(ldap.MOD_REPLACE, 'userPrincipalName', [userPrincipalName])]

1448

			ud.debug(ud.LDAP, ud.INFO, "set_userPrincipalName_from_ucr: set kerberos principle %s for AD user %s with modlist %s " %

1449

				 (userPrincipalName, object['dn'], modlist) )

1450

			self.lo_ad.lo.modify_s(compatible_modstring(object['dn']), compatible_modlist(modlist))

1451

1452

1432

	def disable_user_from_ucs(self, key, object):

1453

	def disable_user_from_ucs(self, key, object):

1433

		object_key = key

1454

		object_key = key

1434

1455

Return to bug 20518