def _get_ldap_connection(self, args, allow_machine_connection=False, allow_admin_connection=True):
    """Return an LDAP connection, trying credential sources in a fixed order.

    Order of preference:

    1. The admin connection, but only when ``allow_admin_connection`` is
       true, the UCR variable ``server/role`` is
       ``'domaincontroller_master'`` and the current user is ``root``.
    2. The machine connection, when ``allow_machine_connection`` is true.
    3. User credentials derived from ``args``; at most three attempts.

    The first two sources use ambient credentials, not ones supplied with
    this call. A caller that must act with the rights of the user named in
    ``args`` should switch both off explicitly (the admin path is on by
    default).

    Args:
        args: Object carrying ``username`` and ``pwdfile`` attributes, or
            ``None`` when no user credentials are available. It is
            deep-copied before use, so the caller's object is not modified.
        allow_machine_connection: Permit the machine-account fallback.
        allow_admin_connection: Permit the admin connection.

    Raises:
        ConnectionFailed: From the admin or machine helper when no further
            fallback is available, or at the end when ``args`` is ``None``.
        ConnectionFailedConnectError: ``ldap.CONNECT_ERROR`` during a user
            bind.
        ConnectionFailedServerDown: ``ldap.SERVER_DOWN`` during a user bind.
        ConnectionFailedInvalidUserCredentials: All three user attempts were
            rejected.
    """
    # Evaluated left to right with short-circuiting: UCR and the current
    # user are only consulted when the admin path is allowed at all.
    use_admin = (
        allow_admin_connection
        and ucr_get('server/role') == 'domaincontroller_master'
        and getuser() == 'root'
    )
    if use_admin:
        try:
            return self._get_admin_connection()
        except ConnectionFailed:
            # Swallow the failure only if another credential source is
            # still available; otherwise let it propagate unchanged.
            if not allow_machine_connection and args is None:
                raise

    if allow_machine_connection:
        try:
            return self._get_machine_connection()
        except ConnectionFailed:
            # User credentials are the only fallback left.
            if args is None:
                raise

    if args is None:
        raise ConnectionFailed()

    # Work on a private copy: the resets below must not leak into the
    # caller's args object.
    args = deepcopy(args)
    # The retry count is bounded here, but the 0.1 s pause below is not a
    # meaningful throttle; lockout / rate limiting has to be enforced by
    # the directory server.
    for _attempt in range(3):
        userdn = self._get_userdn(args)
        password = self._get_password(args)
        try:
            # Never hand an empty DN or password to get_connection(): an
            # LDAP simple bind with an empty password can be accepted as an
            # unauthenticated bind (RFC 4513).
            # NOTE(review): the bind method used by get_connection() is not
            # visible here - confirm.
            if not (userdn and password):
                raise ldap.INVALID_CREDENTIALS()
            return get_connection(userdn, password)
        except ldap.CONNECT_ERROR as exc:
            raise ConnectionFailedConnectError(exc)
        except ldap.SERVER_DOWN:
            raise ConnectionFailedServerDown()
        except ldap.INVALID_CREDENTIALS:
            time.sleep(0.1)
            # The message does not say whether the DN or the password was
            # rejected.
            self.warn('Invalid credentials')
            # Drop the rejected values from the copy and from the instance
            # so they are not reused on the next attempt (presumably the
            # _get_userdn/_get_password helpers then ask again - verify).
            args.username = None
            self._username = None
            args.pwdfile = None
            self._password = None

    raise ConnectionFailedInvalidUserCredentials()