def _changeLocalPassword(self, user_name, old_password, new_password):
ldapHandle = None
try:
ldapHandle = ldap.initialize(self.ldap_uri)
result = ldapHandle.search_s(
self.ldap_basedn,
ldap.SCOPE_SUBTREE,
self.ldap_filter % utils.ldapEscape(user_name))
if len(result) != 1:
try:
ldapHandle.unbind_s()
except:
pass
raise passwd.PasswdException("ldap search result count is not 1.",
ERR_LDAP)
dn = result[0][0]
# change password
ldapHandle.simple_bind_s(who=dn, cred=old_password)
ldapHandle.passwd_s(dn, old_password, new_password)
ldapHandle.unbind_s()
except Exception, e:
if ldapHandle is not None:
try:
ldapHandle.unbind_s()
except:
pass
raise passwd.PasswdException(e,ERR_LDAP)
def _checkLocalUser(self, user_name):
ldapHandle = None
try:
ldapHandle = ldap.initialize(self.ldap_uri)
ldapHandle.simple_bind_s(who=self.ldap_rootdn, cred=self.ldap_rootpw)
self.ldap_user = ldapHandle.search_s(
self.ldap_basedn,
ldap.SCOPE_SUBTREE,
self.ldap_filter % utils.ldapEscape(user_name))
if len(self.ldap_user) != 1:
try:
ldapHandle.unbind_s()
except:
pass
del(self.ldap_user)
raise passwd.PasswdException("ldap search result count is not 1.",
ERR_LDAP)
except Exception, e:
if ldapHandle is not None:
try:
ldapHandle.unbind_s()
except:
pass
raise passwd.PasswdException(e,ERR_LDAP)
def _authenticate(self, user_name, password):
ldapHandle = None
try:
ldapHandle = ldap.initialize(self.ldap_uri)
result = ldapHandle.search_s(
self.ldap_basedn,
ldap.SCOPE_SUBTREE,
self.ldap_filter % utils.ldapEscape(user_name))
if len(result) != 1:
ldapHandle.unbind_s()
raise auth.AuthException("ldap search result count is not 1.",
ERR_LDAP)
dn = result[0][0]
# authenticate
ldapHandle.simple_bind_s(who=dn, cred=password)
ldapHandle.unbind_s()
except Exception, e:
if ldapHandle is not None:
try:
ldapHandle.unbind_s()
except:
pass
raise auth.AuthException(e,ERR_LDAP)