コード例 #1
0
ファイル: host.py プロジェクト: cajunken/freeipa
 def ldap_connect(self):
     """Return an LDAPClient authenticated to this host as directory manager
     """
     self.log.info('Connecting to LDAP at %s', self.external_hostname)
     ldap = IPAdmin(self.external_hostname)
     binddn = self.config.dirman_dn
     self.log.info('LDAP bind as %s' % binddn)
     ldap.do_simple_bind(binddn, self.config.dirman_password)
     return ldap
コード例 #2
0
ファイル: host.py プロジェクト: shanyin/freeipa
 def ldap_connect(self):
     """Return an LDAPClient authenticated to this host as directory manager
     """
     self.log.info('Connecting to LDAP at %s', self.external_hostname)
     ldap = IPAdmin(self.external_hostname)
     binddn = self.config.dirman_dn
     self.log.info('LDAP bind as %s' % binddn)
     ldap.do_simple_bind(binddn, self.config.dirman_password)
     return ldap
コード例 #3
0
ファイル: migration.py プロジェクト: AvidehST/freeipa
def get_base_dn(ldap_uri):
    """
    Retrieve LDAP server base DN.
    """
    try:
        conn = IPAdmin(ldap_uri=ldap_uri)
        conn.do_simple_bind(DN(), '')
        base_dn = get_ipa_basedn(conn)
    except Exception, e:
        root_logger.error('migration context search failed: %s' % e)
        return ''
コード例 #4
0
def get_base_dn(ldap_uri):
    """
    Retrieve LDAP server base DN.
    """
    try:
        conn = IPAdmin(ldap_uri=ldap_uri)
        conn.do_simple_bind(DN(), '')
        base_dn = get_ipa_basedn(conn)
    except Exception, e:
        root_logger.error('migration context search failed: %s' % e)
        return ''
コード例 #5
0
ファイル: migration.py プロジェクト: AvidehST/freeipa
def bind(ldap_uri, base_dn, username, password):
    if not base_dn:
        root_logger.error('migration unable to get base dn')
        raise IOError(errno.EIO, 'Cannot get Base DN')
    bind_dn = DN(('uid', username), ('cn', 'users'), ('cn', 'accounts'), base_dn)
    try:
        conn = IPAdmin(ldap_uri=ldap_uri)
        conn.do_simple_bind(bind_dn, password)
    except (errors.ACIError, errors.DatabaseError, errors.NotFound), e:
        root_logger.error(
            'migration invalid credentials for %s: %s' % (bind_dn, e))
        raise IOError(
            errno.EPERM, 'Invalid LDAP credentials for user %s' % username)
コード例 #6
0
def bind(ldap_uri, base_dn, username, password):
    if not base_dn:
        root_logger.error('migration unable to get base dn')
        raise IOError(errno.EIO, 'Cannot get Base DN')
    bind_dn = DN(('uid', username), ('cn', 'users'), ('cn', 'accounts'),
                 base_dn)
    try:
        conn = IPAdmin(ldap_uri=ldap_uri)
        conn.do_simple_bind(bind_dn, password)
    except (errors.ACIError, errors.DatabaseError, errors.NotFound), e:
        root_logger.error('migration invalid credentials for %s: %s' %
                          (bind_dn, e))
        raise IOError(errno.EPERM,
                      'Invalid LDAP credentials for user %s' % username)
コード例 #7
0
ファイル: dcerpc.py プロジェクト: cajunken/freeipa
    def __search_in_dc(self, info, host, port, filter, attrs, scope,
                       basedn=None, quiet=False):
        """
        Actual search in AD LDAP server, using SASL GSSAPI authentication
        Returns LDAP result or None.
        """

        (ccache_name, principal) = self.kinit_as_http(info['dns_domain'])

        if ccache_name:
            with installutils.private_ccache(path=ccache_name):
                entries = None

                try:
                    conn = IPAdmin(host=host,
                                   port=389,  # query the AD DC
                                   no_schema=True,
                                   decode_attrs=False,
                                   sasl_nocanon=True)
                    # sasl_nocanon used to avoid hard requirement for PTR
                    # records pointing back to the same host name

                    conn.do_sasl_gssapi_bind()

                    if basedn is None:
                        # Use domain root base DN
                        basedn = ipautil.realm_to_suffix(info['dns_domain'])

                    entries = conn.get_entries(basedn, scope, filter, attrs)
                except Exception, e:
                    msg = "Search on AD DC {host}:{port} failed with: {err}"\
                          .format(host=host, port=str(port), err=str(e))
                    if quiet:
                        root_logger.debug(msg)
                    else:
                        root_logger.warning(msg)
                finally:
コード例 #8
0
ファイル: ipaldap-demo.py プロジェクト: encukou/slides
import ipapython
from pprint import pprint
from ipapython.ipaldap import IPAdmin
from ipapython.dn import DN

dn = DN(('uid', 'jwhite'),
        ('cn', 'users'),
        ('cn', 'accounts'),
        ('dc', 'ipa'),
        ('dc', 'test'))
print 'DN:', dn

ldap = IPAdmin(host='ipa33.ipa.test')
entry = ldap.get_entry(dn)

#####

print 'DN:', entry.dn
print 'Name:', entry['cn']
print 'All attributes:'
pprint.pprint(dict(entry))