|
67 |
groupInfo[group] = (priority, wlanEnabled, ) |
67 |
groupInfo[group] = (priority, wlanEnabled, ) |
68 |
|
68 |
|
69 |
|
69 |
|
70 |
SAMBA_ACCOUNT_FLAG_DISABLED = 'D' |
70 |
SAMBA_ACCOUNT_FLAG_DISABLED = 'D' |
71 |
SAMBA_ACCOUNT_FLAG_LOCKED = 'L' |
71 |
SAMBA_ACCOUNT_FLAG_LOCKED = 'L' |
72 |
DISALLOWED_SAMBA_ACCOUNT_FLAGS = frozenset((SAMBA_ACCOUNT_FLAG_DISABLED, SAMBA_ACCOUNT_FLAG_LOCKED, )) |
72 |
DISALLOWED_SAMBA_ACCOUNT_FLAGS = frozenset((SAMBA_ACCOUNT_FLAG_DISABLED, SAMBA_ACCOUNT_FLAG_LOCKED, )) |
73 |
|
73 |
|
74 |
|
74 |
|
75 |
def getNTPasswordHash(username, stationId): |
75 |
def getNTPasswordHash(username, stationId): |
76 |
'stationId may be None if it was not supplied to the program' |
76 |
''' |
|
|
77 |
stationId may be None if it was not supplied to the program |
78 |
username may contain the direct username (e.g. 'anton123') or |
79 |
a hostname (e.g. 'win-02$') or |
80 |
a kerberos principal without realm (e.g. 'host/win-02.example.com'): |
81 |
''' |
82 |
|
83 |
if username.startswith('host/'): |
84 |
# seems to be a kerberos principal |
85 |
username = username.split('/', 1)[1] |
86 |
if '.' in username: |
87 |
username = username.split('.', 1)[0] |
88 |
if '$' not in username: |
89 |
username += '$' |
90 |
|
77 |
groups = userToGroup.get(username) |
91 |
groups = userToGroup.get(username) |
78 |
if groups is None: |
92 |
if groups is None: |
79 |
return None |
93 |
return None |
80 |
groups = [groupInfo[group] for group in groups if group in groupInfo] |
94 |
groups = [groupInfo[group] for group in groups if group in groupInfo] |
81 |
if not groups: |
95 |
if not groups: |
82 |
return None |
96 |
return None |
83 |
(maxPriority, _, ) = max(groups) |
97 |
(maxPriority, _, ) = max(groups) |
84 |
if True not in [wlanEnabled for (priority, wlanEnabled, ) in groups if priority == maxPriority]: |
98 |
if True not in [wlanEnabled for (priority, wlanEnabled, ) in groups if priority == maxPriority]: |
85 |
return None |
99 |
return None |