Lines 45-50
from samba.dcerpc import drsblobs
|
Link Here
|
---|
|
45 |
import heimdal |
45 |
import heimdal |
46 |
from ldap.controls import LDAPControl |
46 |
from ldap.controls import LDAPControl |
47 |
import traceback |
47 |
import traceback |
|
|
48 |
from univention.admin.handlers.users.user import unmapWindowsFiletime |
48 |
|
49 |
|
49 |
class Krb5Context(object): |
50 |
class Krb5Context(object): |
50 |
def __init__(self): |
51 |
def __init__(self): |
Lines 855-863
def lockout_sync_s4_to_ucs(s4connector, key, ucs_object):
|
Link Here
|
---|
|
855 |
return |
856 |
return |
856 |
|
857 |
|
857 |
modlist = [] |
858 |
modlist = [] |
|
|
859 |
extra_modlist = [] |
858 |
|
860 |
|
859 |
try: |
861 |
try: |
860 |
ucs_object_attributes = s4connector.lo.get(ucs_object['dn'], ['sambaAcctFlags', 'sambaBadPasswordTime'], required=True) |
862 |
ucs_object_attributes = s4connector.lo.get(ucs_object['dn'], ['sambaAcctFlags', 'sambaBadPasswordTime', 'pwdAccountLockedTime'], required=True) |
861 |
except ldap.NO_SUCH_OBJECT: |
863 |
except ldap.NO_SUCH_OBJECT: |
862 |
ud.debug(ud.LDAP, ud.WARN, "%s: The UCS object (%s) was not found. The object was removed." % (function_name, ucs_object['dn'])) |
864 |
ud.debug(ud.LDAP, ud.WARN, "%s: The UCS object (%s) was not found. The object was removed." % (function_name, ucs_object['dn'])) |
863 |
return |
865 |
return |
Lines 878-883
def lockout_sync_s4_to_ucs(s4connector, key, ucs_object):
|
Link Here
|
---|
|
878 |
if sambaBadPasswordTime: |
880 |
if sambaBadPasswordTime: |
879 |
ud.debug(ud.LDAP, ud.INFO, "%s: Old sambaBadPasswordTime: %s" % (function_name, sambaBadPasswordTime)) |
881 |
ud.debug(ud.LDAP, ud.INFO, "%s: Old sambaBadPasswordTime: %s" % (function_name, sambaBadPasswordTime)) |
880 |
modlist.append(('sambaBadPasswordTime', sambaBadPasswordTime, badPasswordTime)) |
882 |
modlist.append(('sambaBadPasswordTime', sambaBadPasswordTime, badPasswordTime)) |
|
|
883 |
|
884 |
pwdAccountLockedTime = ucs_object['attributes'].get('pwdAccountLockedTime', ["0"])[0] |
885 |
lockedTime = unmapWindowsFiletime([badPasswordTime]) |
886 |
extra_modlist.append(('pwdAccountLockedTime', pwdAccountLockedTime, lockedTime)) |
881 |
else: |
887 |
else: |
882 |
if "L" in sambaAcctFlags: |
888 |
if "L" in sambaAcctFlags: |
883 |
acctFlags = univention.admin.samba.acctFlags(sambaAcctFlags) |
889 |
acctFlags = univention.admin.samba.acctFlags(sambaAcctFlags) |
Lines 893-898
def lockout_sync_s4_to_ucs(s4connector, key, ucs_object):
|
Link Here
|
---|
|
893 |
ud.debug(ud.LDAP, ud.ALL, "%s: modlist: %s" % (function_name, modlist)) |
899 |
ud.debug(ud.LDAP, ud.ALL, "%s: modlist: %s" % (function_name, modlist)) |
894 |
s4connector.lo.lo.modify(ucs_object['dn'], modlist) |
900 |
s4connector.lo.lo.modify(ucs_object['dn'], modlist) |
895 |
|
901 |
|
|
|
902 |
if extra_modlist: |
903 |
try: |
904 |
s4connector.lo.lo.modify(ucs_object['dn'], extra_modlist) |
905 |
ud.debug(ud.LDAP, ud.ALL, "%s: modlist: %s" % (function_name, extra_modlist)) |
906 |
except ldap.UNDEFINED_TYPE: # no ppolicy enabled |
907 |
pass |
896 |
|
908 |
|
897 |
def lockout_sync_ucs_to_s4(s4connector, key, object): |
909 |
def lockout_sync_ucs_to_s4(s4connector, key, object): |
898 |
""" |
910 |
""" |