|
Lines 45-50
from samba.dcerpc import drsblobs
|
Link Here
|
|---|
|
|---|
| 45 |
import heimdal |
45 |
import heimdal |
| 46 |
from ldap.controls import LDAPControl |
46 |
from ldap.controls import LDAPControl |
| 47 |
import traceback |
47 |
import traceback |
|
|
48 |
from univention.admin.handlers.users.user import unmapWindowsFiletime |
| 48 |
|
49 |
|
| 49 |
class Krb5Context(object): |
50 |
class Krb5Context(object): |
| 50 |
def __init__(self): |
51 |
def __init__(self): |
|
Lines 855-863
def lockout_sync_s4_to_ucs(s4connector, key, ucs_object):
|
Link Here
|
|---|
|
|---|
| 855 |
return |
856 |
return |
| 856 |
|
857 |
|
| 857 |
modlist = [] |
858 |
modlist = [] |
|
|
859 |
extra_modlist = [] |
| 858 |
|
860 |
|
| 859 |
try: |
861 |
try: |
| 860 |
ucs_object_attributes = s4connector.lo.get(ucs_object['dn'], ['sambaAcctFlags', 'sambaBadPasswordTime'], required=True) |
862 |
ucs_object_attributes = s4connector.lo.get(ucs_object['dn'], ['sambaAcctFlags', 'sambaBadPasswordTime', 'pwdAccountLockedTime'], required=True) |
| 861 |
except ldap.NO_SUCH_OBJECT: |
863 |
except ldap.NO_SUCH_OBJECT: |
| 862 |
ud.debug(ud.LDAP, ud.WARN, "%s: The UCS object (%s) was not found. The object was removed." % (function_name, ucs_object['dn'])) |
864 |
ud.debug(ud.LDAP, ud.WARN, "%s: The UCS object (%s) was not found. The object was removed." % (function_name, ucs_object['dn'])) |
| 863 |
return |
865 |
return |
|
Lines 878-883
def lockout_sync_s4_to_ucs(s4connector, key, ucs_object):
|
Link Here
|
|---|
|
|---|
| 878 |
if sambaBadPasswordTime: |
880 |
if sambaBadPasswordTime: |
| 879 |
ud.debug(ud.LDAP, ud.INFO, "%s: Old sambaBadPasswordTime: %s" % (function_name, sambaBadPasswordTime)) |
881 |
ud.debug(ud.LDAP, ud.INFO, "%s: Old sambaBadPasswordTime: %s" % (function_name, sambaBadPasswordTime)) |
| 880 |
modlist.append(('sambaBadPasswordTime', sambaBadPasswordTime, badPasswordTime)) |
882 |
modlist.append(('sambaBadPasswordTime', sambaBadPasswordTime, badPasswordTime)) |
|
|
883 |
|
| 884 |
pwdAccountLockedTime = ucs_object['attributes'].get('pwdAccountLockedTime', ["0"])[0] |
| 885 |
lockedTime = unmapWindowsFiletime([badPasswordTime]) |
| 886 |
extra_modlist.append(('pwdAccountLockedTime', pwdAccountLockedTime, lockedTime)) |
| 881 |
else: |
887 |
else: |
| 882 |
if "L" in sambaAcctFlags: |
888 |
if "L" in sambaAcctFlags: |
| 883 |
acctFlags = univention.admin.samba.acctFlags(sambaAcctFlags) |
889 |
acctFlags = univention.admin.samba.acctFlags(sambaAcctFlags) |
|
Lines 893-898
def lockout_sync_s4_to_ucs(s4connector, key, ucs_object):
|
Link Here
|
|---|
|
|---|
| 893 |
ud.debug(ud.LDAP, ud.ALL, "%s: modlist: %s" % (function_name, modlist)) |
899 |
ud.debug(ud.LDAP, ud.ALL, "%s: modlist: %s" % (function_name, modlist)) |
| 894 |
s4connector.lo.lo.modify(ucs_object['dn'], modlist) |
900 |
s4connector.lo.lo.modify(ucs_object['dn'], modlist) |
| 895 |
|
901 |
|
|
|
902 |
if extra_modlist: |
| 903 |
try: |
| 904 |
s4connector.lo.lo.modify(ucs_object['dn'], extra_modlist) |
| 905 |
ud.debug(ud.LDAP, ud.ALL, "%s: modlist: %s" % (function_name, extra_modlist)) |
| 906 |
except ldap.UNDEFINED_TYPE: # no ppolicy enabled |
| 907 |
pass |
| 896 |
|
908 |
|
| 897 |
def lockout_sync_ucs_to_s4(s4connector, key, object): |
909 |
def lockout_sync_ucs_to_s4(s4connector, key, object): |
| 898 |
""" |
910 |
""" |