|
|
|---|
| 79 |
|
79 |
|
| 80 |
try: |
80 |
try: |
| 81 |
res = idmap.search('', ldb.SCOPE_SUBTREE, "(&(objectClass=sidMap)(cn=%s))" % old_sambaSID, attrs = ["objectSid", "type"]) |
81 |
res = idmap.search('', ldb.SCOPE_SUBTREE, "(&(objectClass=sidMap)(cn=%s))" % old_sambaSID, attrs = ["objectSid", "type"]) |
| 82 |
record = res.msgs[0] |
82 |
if not res: |
| 83 |
|
83 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.INFO, |
| 84 |
if record["type"][0] != type_string: |
84 |
"%s: rename_or_modify_idmap_entry: no mapping for objectSid %s, treating as add", (name, old_sambaSID)) |
| 85 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.ERROR, |
85 |
add_or_modify_idmap_entry(new_sambaSID, xidNumber, type_string) |
| 86 |
"%s: %s entry type %s does not match object type %s" % (name, old_sambaSID, record["type"][0], type_string) ) |
86 |
else: |
| 87 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.ERROR, |
87 |
record = res.msgs[0] |
| 88 |
"%s: skipping rename of %s to %s" % (name, old_sambaSID, new_sambaSID) ) |
88 |
|
| 89 |
return False |
89 |
if record["type"][0] != type_string: |
|
|
90 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.ERROR, |
| 91 |
"%s: %s entry type %s does not match object type %s" % (name, old_sambaSID, record["type"][0], type_string) ) |
| 92 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.ERROR, |
| 93 |
"%s: skipping rename of %s to %s" % (name, old_sambaSID, new_sambaSID) ) |
| 94 |
return False |
| 90 |
|
95 |
|
| 91 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.PROCESS, |
96 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.PROCESS, |
| 92 |
"%s: renaming entry for %s to %s" % (name, old_sambaSID, new_sambaSID) ) |
97 |
"%s: renaming entry for %s to %s" % (name, old_sambaSID, new_sambaSID) ) |
| 93 |
|
98 |
|
| 94 |
## try a modrdn |
99 |
## try a modrdn |
| 95 |
idmap.rename(str(record.dn), "CN=%s" % new_sambaSID) |
100 |
idmap.rename(str(record.dn), "CN=%s" % new_sambaSID) |
| 96 |
## and update related attributes |
101 |
## and update related attributes |
| 97 |
msg = ldb.Message() |
102 |
msg = ldb.Message() |
| 98 |
msg.dn = ldb.Dn(idmap, "CN=%s" % new_sambaSID) |
103 |
msg.dn = ldb.Dn(idmap, "CN=%s" % new_sambaSID) |
| 99 |
msg["cn"] = ldb.MessageElement( [ new_sambaSID ] , ldb.FLAG_MOD_REPLACE, "cn") |
104 |
msg["cn"] = ldb.MessageElement( [ new_sambaSID ] , ldb.FLAG_MOD_REPLACE, "cn") |
| 100 |
new_objectSid = ndr_pack(security.dom_sid(new_sambaSID)) |
105 |
new_objectSid = ndr_pack(security.dom_sid(new_sambaSID)) |
| 101 |
msg["objectSid"] = ldb.MessageElement([ new_objectSid ] , ldb.FLAG_MOD_REPLACE, "objectSid") |
106 |
msg["objectSid"] = ldb.MessageElement([ new_objectSid ] , ldb.FLAG_MOD_REPLACE, "objectSid") |
| 102 |
idmap.modify(msg) |
107 |
idmap.modify(msg) |
| 103 |
|
108 |
|
| 104 |
except ldb.LdbError, (enum, estr): |
109 |
except ldb.LdbError, (enum, estr): |
| 105 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.WARN, estr) |
110 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.WARN, estr) |
|
|
|---|
| 172 |
|
177 |
|
| 173 |
try: |
178 |
try: |
| 174 |
res = idmap.search('', ldb.SCOPE_SUBTREE, "(&(objectClass=sidMap)(cn=%s))" % sambaSID, attrs = ["objectSid", "xidNumber", "type"]) |
179 |
res = idmap.search('', ldb.SCOPE_SUBTREE, "(&(objectClass=sidMap)(cn=%s))" % sambaSID, attrs = ["objectSid", "xidNumber", "type"]) |
| 175 |
record = res.msgs[0] |
180 |
if not res: |
|
|
181 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.INFO, |
| 182 |
"%s: remove_idmap_entry: no mapping for objectSid %s, skipping", (name, sambaSID)) |
| 183 |
else: |
| 184 |
record = res.msgs[0] |
| 176 |
|
185 |
|
| 177 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.PROCESS, |
186 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.PROCESS, |
| 178 |
"%s: removing entry for %s" % (name, sambaSID) ) |
187 |
"%s: removing entry for %s" % (name, sambaSID) ) |
| 179 |
|
188 |
|
| 180 |
idmap.delete(ldb.Dn(idmap, str(record.dn))) |
189 |
idmap.delete(ldb.Dn(idmap, str(record.dn))) |
| 181 |
|
190 |
|
| 182 |
if record["xidNumber"][0] != str(xidNumber): |
191 |
if record["xidNumber"][0] != str(xidNumber): |
| 183 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.WARN, |
192 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.WARN, |
| 184 |
"%s: removed entry xidNumber %s did not match object xidNumber %s" % (name, record["xidNumber"][0], xidNumber) ) |
193 |
"%s: removed entry xidNumber %s did not match object xidNumber %s" % (name, record["xidNumber"][0], xidNumber) ) |
| 185 |
if record["type"][0] != type_string: |
194 |
if record["type"][0] != type_string: |
| 186 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.WARN, |
195 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.WARN, |
| 187 |
"%s: removed entry type %s did not match object type %s" % (name, record["type"][0], type_string) ) |
196 |
"%s: removed entry type %s did not match object type %s" % (name, record["type"][0], type_string) ) |
| 188 |
|
197 |
|
| 189 |
except ldb.LdbError, (enum, estr): |
198 |
except ldb.LdbError, (enum, estr): |
| 190 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.ERROR, estr) |
199 |
univention.debug.debug(univention.debug.LISTENER, univention.debug.ERROR, estr) |