|
|
|---|
| 907 |
tls_mode = 0 |
907 |
tls_mode = 0 |
| 908 |
|
908 |
|
| 909 |
# Determine ad_ldap_base with exact case |
909 |
# Determine ad_ldap_base with exact case |
|
|
910 |
ldaps = self.baseConfig.is_true('%s/ad/ldap/ldaps' % self.CONFIGBASENAME, False) # tls or ssl |
| 910 |
try: |
911 |
try: |
| 911 |
self.lo_ad = univention.uldap.access(host=self.ad_ldap_host, port=int(self.ad_ldap_port), base='', binddn=None, bindpw=None, start_tls=tls_mode, use_ldaps=ldaps, ca_certfile=self.ad_ldap_cer) |
912 |
self.lo_ad=univention.uldap.access(host=self.ad_ldap_host, port=int(self.ad_ldap_port), base='', binddn=None, bindpw=None, start_tls=tls_mode, use_ldaps = ldaps, ca_certfile=self.ad_ldap_certificate) |
|
|
913 |
self.ad_ldap_base = self.lo_ad.lo.search_ext_s('', ldap.SCOPE_BASE, |
| 914 |
'objectclass=*', ['defaultNamingContext'], |
| 915 |
timeout=-1, sizelimit=0)[0][1]['defaultNamingContext'][0] |
| 912 |
self.ad_ldap_base = self.lo_ad.lo.search_ext_s('', ldap.SCOPE_BASE, 'objectclass=*', ['defaultNamingContext'], timeout=-1, sizelimit=0)[0][1]['defaultNamingContext'][0] |
916 |
self.ad_ldap_base = self.lo_ad.lo.search_ext_s('', ldap.SCOPE_BASE, 'objectclass=*', ['defaultNamingContext'], timeout=-1, sizelimit=0)[0][1]['defaultNamingContext'][0] |
| 913 |
except Exception: |
917 |
except Exception: |
| 914 |
ud.debug(ud.LDAP, ud.ERROR, 'Failed to lookup AD LDAP base, using UCR value.') |
918 |
ud.debug(ud.LDAP, ud.ERROR, 'Failed to lookup AD LDAP base, using UCR value.') |
| 915 |
|
919 |
|
| 916 |
ldaps = self.baseConfig.is_true('%s/ad/ldap/ldaps' % self.CONFIGBASENAME, False) # tls or ssl |
|
|
| 917 |
|
| 918 |
if self.baseConfig.is_true('%s/ad/ldap/kerberos' % self.CONFIGBASENAME): |
920 |
if self.baseConfig.is_true('%s/ad/ldap/kerberos' % self.CONFIGBASENAME): |
| 919 |
os.environ['KRB5CCNAME'] = '/var/cache/univention-ad-connector/krb5.cc' |
921 |
os.environ['KRB5CCNAME'] = '/var/cache/univention-ad-connector/krb5.cc' |
| 920 |
self.get_kerberos_ticket() |
922 |
self.get_kerberos_ticket() |