Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 103 lines (85 sloc) 2.714 kB
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
1 # ldapconnect.py
2 # Handles directly talking to the LDAP server
3 # including binding, authentication and so on
4
6adda07 binding improvements
root authored
5 import pwd as mod_pwd, os, getpass
db9810f @stedolan added ldapi:/// support
authored
6 import ldap, ldapurl, ldap.sasl
3aee822 @stedolan renamed logging module to avoid name conflict
authored
7 from ldaplogging import *
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
8
9
6adda07 binding improvements
root authored
10 uidfmt = "uid=%s,ou=User,dc=netsoc,dc=tcd,dc=ie"
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
11
6adda07 binding improvements
root authored
12 _ldap_conn = None
db9810f @stedolan added ldapi:/// support
authored
13
14
15 def ldap_connect(dn = None, pwd = None, host = None):
6adda07 binding improvements
root authored
16 # '''Connects to LDAP. The connection is cached.
17 #
18 # If uid is not None, it is taken as the user to connect as,
19 # otherwise it chooses the current user. If password is None, it
20 # will attempt to connect first without a password and if that fails
21 # it will try to read a password from the terminal
22 # '''
23 # global _ldap_conn
24 # if uid is None and pwd is None and _ldap_conn is not None:
25 # return _ldap_conn
26 # if uid is None:
27 # dn = ldap_myself()
28 # else:
29 # dn = ldap_byuid(uid)
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
30
6adda07 binding improvements
root authored
31 # l = _ldap_conn
32 # l.simple_bind_s(dn, pwd)
33 # return l
34 global _ldap_conn
35 if dn is None:
36 # if no DN is specified, we try ldapi first
37 try:
38 l = ldap.initialize("ldapi:///")
39 l.sasl_interactive_bind_s("", ldap.sasl.external())
40 except:
41 # then try the host called "ldap"
42 l = ldap.initialize("ldap://ldap")
43 uid = mod_pwd.getpwuid(os.getuid())[0]
44 passwd = getpass.getpass()
45 l.simple_bind_s(uidfmt % uid, passwd)
46 else:
47 if host is None: host = "127.0.0.1"
48 l = ldap.initialize(str(ldapurl.LDAPUrl(host)))
49 l.simple_bind_s(dn, pwd)
50 _ldap_conn = l
51 return l
52
53 def with_ldap_connection(f):
54 def func(*args, **kwargs):
55 global _ldap_conn
56 if _ldap_conn is None:
57 ldap_connect()
58 try:
59 return f(_ldap_conn, *args, **kwargs)
60 except ldap.SERVER_DOWN:
61 ldap_connect()
62 return f(_ldap_conn, *args, **kwargs)
63 func.__name__ = f.__name__
64 func.__doc__ = f.__doc__
65 return func
66
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
67
68
6adda07 binding improvements
root authored
69 @with_ldap_connection
70 def search(l, base, scope, filter, attrlist=None):
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
71 if filter is None:
72 filter = "(objectClass=*)"
73 ldebug("Searching in %s for %s" % (base,filter))
74 return l.search_s(base, scope, filter, attrlist)
75
6adda07 binding improvements
root authored
76 @with_ldap_connection
77 def add(l, dn, modlist):
cf7d132 @stedolan added user states, ability to create new objects, and user privileges
authored
78 ldebug("Adding %s" % modlist)
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
79 l.add_s(dn, modlist)
80
6adda07 binding improvements
root authored
81 @with_ldap_connection
82 def delete(l, dn):
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
83 l.delete_s(dn)
84
6adda07 binding improvements
root authored
85 @with_ldap_connection
86 def modify(l, dn, modlist):
cf7d132 @stedolan added user states, ability to create new objects, and user privileges
authored
87 ldebug("Modifying %s: %s" % (dn,modlist))
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
88 l.modify_s(dn, modlist)
89
6adda07 binding improvements
root authored
90 @with_ldap_connection
91 def modrdn(l, dn, newrdn):
81e3981 @stedolan rewrote everything :D (I should really learn to make smaller, more fr…
authored
92 ldebug("Renaming %s" % dn)
93 l.rename_s(dn, newrdn)
94
6adda07 binding improvements
root authored
95 @with_ldap_connection
96 def passwd(l, dn, oldpw, newpw):
87f819e @stedolan added password-changing support
authored
97 ldebug("Changing password for %s" % dn)
98 l.passwd_s(dn, oldpw, newpw)
e50daab support for ldap whoami() operation
Root authored
99
100 @with_ldap_connection
101 def whoami(l):
102 return l.whoami_s()
Something went wrong with that request. Please try again.