|
156 |
return info |
156 |
return info |
157 |
|
157 |
|
158 |
|
158 |
|
159 |
def get_password_from_ad(connector, user_dn): |
159 |
def get_password_from_ad(connector, user_dn, reconnect=False): |
160 |
_d = ud.function('ldap.ad.get_password_from_ad') |
160 |
_d = ud.function('ldap.ad.get_password_from_ad') |
161 |
ud.debug(ud.LDAP, ud.INFO, "get_password_from_ad: Read password from AD: %s" % user_dn) |
161 |
ud.debug(ud.LDAP, ud.INFO, "get_password_from_ad: Read password from AD: %s" % user_dn) |
162 |
|
162 |
|
163 |
nt_hash = None |
163 |
nt_hash = None |
164 |
|
164 |
|
165 |
if not connector.drs: |
165 |
if not connector.drs or reconnect: |
166 |
connector.open_drs_connection() |
166 |
connector.open_drs_connection() |
167 |
|
167 |
|
168 |
req8 = drsuapi.DsGetNCChangesRequest8() |
168 |
req8 = drsuapi.DsGetNCChangesRequest8() |
|
378 |
ud.debug(ud.LDAP, ud.INFO, "password_sync: AD pwdlastset: %s (original (%s))" % (ad_password_last_set, pwdLastSet)) |
378 |
ud.debug(ud.LDAP, ud.INFO, "password_sync: AD pwdlastset: %s (original (%s))" % (ad_password_last_set, pwdLastSet)) |
379 |
ud.debug(ud.LDAP, ud.INFO, "password_sync: UCS pwdlastset: %s" % (sambaPwdLastSet)) |
379 |
ud.debug(ud.LDAP, ud.INFO, "password_sync: UCS pwdlastset: %s" % (sambaPwdLastSet)) |
380 |
|
380 |
|
381 |
res = get_password_from_ad(connector, univention.connector.ad.compatible_modstring(object['dn'])) |
381 |
try: |
|
|
382 |
res = get_password_from_ad(connector, univention.connector.ad.compatible_modstring(object['dn'])) |
383 |
except: |
384 |
res = get_password_from_ad(connector, univention.connector.ad.compatible_modstring(object['dn']), reconnect=True) |
382 |
|
385 |
|
383 |
if res: |
386 |
if res: |
384 |
ntPwd_ucs = '' |
387 |
ntPwd_ucs = '' |