def doveadm_set_mailbox_acls(self, mailbox,
acls): # type: (str, List[str]) -> None
for acl in acls:
identifier, right = self._split_udm_imap_acl_doveadm(acl)
if right == "none":
cmd = [
"/usr/bin/doveadm", "acl", "delete", "-u",
custom_username("Administrator"), mailbox, identifier
]
else:
cmd = [
"/usr/bin/doveadm", "acl", "set", "-u",
custom_username("Administrator"), mailbox, identifier
]
cmd.extend(dovecot_acls[right][1])
try:
self.read_from_ext_proc_as_root(cmd)
except Exception:
self.log_e(
"Failed to set ACL using doveadm using command '%s'." %
cmd)
raise
def __init__(self):
if _license:
raise Exception('never create this object directly')
self.new_license = False
self.disable_add = 0
self._expired = False
self.endDate = None
self.oemProductTypes = []
self.licenseBase = None
self.types = []
self.version = '1'
self.searchResult = None
self.sysAccountNames = (
custom_username('Administrator'),
'ucs-sso',
'join-backup',
'join-slave',
'spam',
'oxadmin',
'krbtgt',
'pcpatch', # opsi app
'opsiconfd', # opsi app
custom_username('Guest'),
'dns-*',
'http-%s' % configRegistry.get('hostname'),
'http-proxy-%s' % configRegistry.get('hostname'),
'zarafa-%s' % configRegistry.get('hostname'),
custom_username('SBSMonAcct'), # SBS account
custom_username('Network Administrator'), # SBS role
custom_username('Standard User'), # SBS role
custom_username(
'WebWorkplaceTools'
), # SBS role "Standard User with administration links"
'IUSR_WIN-*', # IIS account
)
self.sysAccountsFound = 0
self.licenses = {
'1': {
# Version 1 till UCS 3.1
License.ACCOUNT: None,
License.CLIENT: None,
License.DESKTOP: None,
License.GROUPWARE: None,
},
'2': {
# Version 2 since UCS 3.1
License.USERS: None,
License.SERVERS: None,
License.MANAGEDCLIENTS: None,
License.CORPORATECLIENTS: None,
},
}
self.real = {
'1': {
# Version 1 till UCS 3.1
License.ACCOUNT: 0,
License.CLIENT: 0,
License.DESKTOP: 0,
License.GROUPWARE: 0,
},
'2': {
# Version 2 since UCS 3.1
License.USERS: 0,
License.SERVERS: 0,
License.MANAGEDCLIENTS: 0,
License.CORPORATECLIENTS: 0,
},
}
self.names = {
'1': {
# Version 1 till UCS 3.1
License.ACCOUNT: 'Accounts',
License.CLIENT: 'Clients',
License.DESKTOP: 'Desktops',
License.GROUPWARE: 'Groupware Accounts',
},
'2': {
# Version 2 since UCS 3.1
License.USERS: 'Users',
License.SERVERS: 'Servers',
License.MANAGEDCLIENTS: 'Managed Clients',
License.CORPORATECLIENTS: 'Corporate Clients',
},
}
self.keys = {
'1': {
# Version 1 till UCS 3.1
License.ACCOUNT: 'univentionLicenseAccounts',
License.CLIENT: 'univentionLicenseClients',
License.DESKTOP: 'univentionLicenseuniventionDesktops',
License.GROUPWARE: 'univentionLicenseGroupwareAccounts'
},
'2': {
# Version 1 till UCS 3.1
License.USERS: 'univentionLicenseUsers',
License.SERVERS: 'univentionLicenseServers',
License.MANAGEDCLIENTS: 'univentionLicenseManagedClients',
License.CORPORATECLIENTS: 'univentionLicenseCorporateClients',
},
}
self.filters = {
'1': {
# Version 1 till UCS 3.1
License.ACCOUNT:
'(&(|(&(objectClass=posixAccount)(objectClass=shadowAccount))(objectClass=sambaSamAccount))(!(uidNumber=0))(!(uid=*$))(!(&(shadowExpire=1)(krb5KDCFlags=254)(|(sambaAcctFlags=[UD ])(sambaAcctFlags=[ULD ])))))',
License.CLIENT:
'(|(objectClass=univentionThinClient)(objectClass=univentionClient)(objectClass=univentionMobileClient)(objectClass=univentionWindows)(objectClass=univentionMacOSClient))',
License.DESKTOP:
'(|(objectClass=univentionThinClient)(&(objectClass=univentionClient)(objectClass=posixAccount))(objectClass=univentionMobileClient))',
License.GROUPWARE:
'(&(objectclass=kolabInetOrgPerson)(kolabHomeServer=*)(!(&(shadowExpire=1)(krb5KDCFlags=254)(|(sambaAcctFlags=[UD ])(sambaAcctFlags=[ULD ])))))',
},
'2': {
# Version 2 since UCS 3.1
License.USERS:
'(&%s)' % ''.join([
LDAP_FILTER_normal_user_account,
ldap_filter_not_objectflag(user_exclude_objectflags),
LDAP_FILTER_account_not_disabled
]),
License.SERVERS:
'(&(|(objectClass=univentionDomainController)(objectClass=univentionMemberServer))(!(univentionObjectFlag=docker)))',
# Managed Clients, Windows Clients, Ubuntu Clients, Linux Clients, MaxOS X Clients
License.MANAGEDCLIENTS:
'(&%s)' % ''.join([
LDAP_FILTER_managedclients,
ldap_filter_not_objectflag(
managedclient_exclude_objectflags)
]),
License.CORPORATECLIENTS:
'(&(objectclass=univentionCorporateClient))',
},
}
self.__selected = False
#!/usr/bin/python2.7
from __future__ import print_function
from univention.lib.misc import custom_username, custom_groupname
print("Administrator", custom_username("Administrator"))
print("Domain Admins", custom_groupname("Domain Admins"))
print("Administrator", custom_groupname("Administrator"))
print("Windows Hosts", custom_groupname("Windows Hosts"))