View | Details | Raw Unified | Return to bug 41745 | Differences between
and this patch

Collapse All | Expand All

(-)a/management/univention-directory-manager-modules/modules/univention/admin/uldap.py (+2 lines)
 Lines 251-256   def __init__(self, host='localhost', port=None, base='', binddn='', bindpw='', s Link Here 
251
		self.licensetypes = ['UCS']
251
		self.licensetypes = ['UCS']
252
252
253
	def bind(self, binddn, bindpw):
253
	def bind(self, binddn, bindpw):
254
		self.binddn = binddn
255
		self.bindpw = bindpw
254
		try:
256
		try:
255
			self.lo.bind(binddn, bindpw)
257
			self.lo.bind(binddn, bindpw)
256
		except ldap.INVALID_CREDENTIALS:
258
		except ldap.INVALID_CREDENTIALS:
(-)a/management/univention-management-console/src/univention/management/console/base.py (+6 lines)
 Lines 112-117   def query(self, request): Link Here 
112
import ldap
112
import ldap
113
import ldap.sasl
113
import ldap.sasl
114
import sys
114
import sys
115
import re
115
116
116
from univention.lib.i18n import Translation
117
from univention.lib.i18n import Translation
117
118
 Lines 345-352   def bind_user_connection(self, lo): Link Here 
345
				ldap.sasl.CB_PASS: self._password
346
				ldap.sasl.CB_PASS: self._password
346
			}, 'SAML')
347
			}, 'SAML')
347
			lo.lo.lo.sasl_interactive_bind_s('', saml)
348
			lo.lo.lo.sasl_interactive_bind_s('', saml)
349
			binddn = re.sub('^dn:', '', lo.lo.lo.whoami_s())
350
			lo.binddn = binddn
351
			lo.lo.binddn = binddn
348
		else:
352
		else:
349
			lo.lo.bind(self._user_dn, self._password)
353
			lo.lo.bind(self._user_dn, self._password)
354
			lo.binddn = lo.lo.binddn
355
			lo.bindpw = lo.lo.bindpw
350
356
351
	def require_password(self):
357
	def require_password(self):
352
		if self.auth_type is not None:
358
		if self.auth_type is not None:
(-)a/ucs-school-lib/python/models/school.py (-2 / +2 lines)
 Lines 407-413   class School(UCSSchoolHelperAbstractClass): Link Here 
407
					schools.append(cls.from_dn(cls(name=ou).dn, lo))
407
					schools.append(cls.from_dn(cls(name=ou).dn, lo))
408
				except noObject:
408
				except noObject:
409
					pass
409
					pass
410
			return cls._filter_local_schools(schools)
410
			return cls._filter_local_schools(schools, lo)
411
411
412
		if 'ou=' in lo.binddn:
412
		if 'ou=' in lo.binddn:
413
			# user has no ucsschoolSchool attribute (not migrated yet)
413
			# user has no ucsschoolSchool attribute (not migrated yet)
 Lines 418-424   class School(UCSSchoolHelperAbstractClass): Link Here 
418
			logger.debug('Schools from binddn: Found an OU in the LDAP binddn. Restricting schools to only show %s', school_dn)
418
			logger.debug('Schools from binddn: Found an OU in the LDAP binddn. Restricting schools to only show %s', school_dn)
419
			school = cls.from_dn(school_dn, None, lo)
419
			school = cls.from_dn(school_dn, None, lo)
420
			logger.debug('Schools from binddn: Found school: %r', school)
420
			logger.debug('Schools from binddn: Found school: %r', school)
421
			return cls._filter_local_schools([school])
421
			return cls._filter_local_schools([school], lo)
422
422
423
		logger.warning('Schools from binddn: Unable to identify OU of this account - showing all local OUs!')
423
		logger.warning('Schools from binddn: Unable to identify OU of this account - showing all local OUs!')
424
		return School.get_all(lo)
424
		return School.get_all(lo)
(-)a/ucs-school-lib/python/schoolldap.py (+2 lines)
 Lines 361-366   class SchoolBaseModule(Base): Link Here 
361
				user_dn = None
361
				user_dn = None
362
				MODULE.warn('Cannot read /etc/machine.secret: %s' % (exc,))
362
				MODULE.warn('Cannot read /etc/machine.secret: %s' % (exc,))
363
			lo.lo.bind(user_dn, password)
363
			lo.lo.bind(user_dn, password)
364
			lo.binddn = user_dn
365
			lo.binpw = password
364
			return
366
			return
365
		return super(SchoolBaseModule, self).bind_user_connection(lo)
367
		return super(SchoolBaseModule, self).bind_user_connection(lo)
366
368

Return to bug 41745