some bugfixes, config to example config, wrote function to get new uidNumber

downhill 2018-10-23 16:33:54 +02:00
parent dfd537177e
commit c720f21e1d
2 changed files with 21 additions and 7 deletions


@ -43,16 +43,16 @@ def ldapservers():
# returns the full dn # returns the full dn
def user_or_customer(uid): def user_or_customer(uid):
server = ldapservers() server = ldapservers()
conn = Connection(server) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
conn.bind() conn.bind()
search_customers = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid) search_customers = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid)
if search_customers: if search_customers:
conn.unbind() conn.unbind()
return '%s,ou=customers,dc=ungleich,dc=ch' % uid return '%s,ou=customers,dc=ungleich,dc=ch' % uid
search_users = conn.search('ou=customers,dc=ungleich,dc=ch', '(%s)' % uid) search_users = conn.search('ou=users,dc=ungleich,dc=ch', '(%s)' % uid)
if search_users: if search_users:
conn.unbind() conn.unbind()
return '%s,ou=customers,dc=ungleich,dc=ch' % uid return '%s,ou=users,dc=ungleich,dc=ch' % uid
conn.unbind() conn.unbind()
return False return False
@ -67,7 +67,7 @@ class UserLookUp(object):
# Setup the search parameter and connect to LDAP # Setup the search parameter and connect to LDAP
LDAP_UID = 'uid=%s' % user LDAP_UID = 'uid=%s' % user
server = ldapservers() server = ldapservers()
conn = Connection(server) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
conn.bind() conn.bind()
# Strange result. It keeps complaining LDAP_UID not set if I try to directly # Strange result. It keeps complaining LDAP_UID not set if I try to directly
# substitute x and y to the if # substitute x and y to the if
@ -114,8 +114,8 @@ class CreateUser(object):
w[0].mail = email w[0].mail = email
w[0].userPassword = password w[0].userPassword = password
w[0].homeDirectory = '/home/%s' % user w[0].homeDirectory = '/home/%s' % user
# TODO: Learn how to get the last uidNumber and what gidNumber to use # Set uidNumber as last used uidNumber+1
w[0].uidNumber = randint(1200,50000) w[0].uidNumber = self.get_new_uid_number(conn)
w[0].gidNumber = randint(1200,50000) w[0].gidNumber = randint(1200,50000)
if not w.commit(): if not w.commit():
conn.unbind() conn.unbind()
@ -125,6 +125,19 @@ class CreateUser(object):
self.dispatch('ldap', '%s [Info CreateUser] %s created.\n' % (datetime.now(), dn) ) self.dispatch('ldap', '%s [Info CreateUser] %s created.\n' % (datetime.now(), dn) )
return True return True
# Function to get the next uid number. Not elegant, but LAM does it too and didn't really find anything
# nicer. The sorted() seems to be quite efficient, so it shouldn't take too long even on larger arrays
def get_new_uid_number(self, conn):
conn.search('dc=ungleich,dc=ch', '(&(objectClass=posixAccount)(uidNumber=*))', attributes = [ 'uidNumber' ])
newuid = 0
uidlist = []
for c in conn.response:
uidlist.append(c['attribute']['uidNumber'])
newuid = sorted(uidlist)[len(uidlist)-1]
return newuid
# Returns some basic data from an user # Returns some basic data from an user
class GetUserData(object): class GetUserData(object):
name = "getuserdata" name = "getuserdata"
@ -135,7 +148,7 @@ class GetUserData(object):
# Setup the search parameter and connect to LDAP # Setup the search parameter and connect to LDAP
LDAP_UID = 'uid=%s' % user LDAP_UID = 'uid=%s' % user
server = ldapservers() server = ldapservers()
conn = Connection(server) conn = Connection(server, config['LDAP']['LDAPMANAGER'], config['LDAP']['LDAPMANAGERPASSWORD'])
conn.bind() conn.bind()
if not conn.bound: if not conn.bound:
self.dispatch('ldap', '%s [Error GetUserData] Could not connect to LDAP server.\n' % datetime.now() ) self.dispatch('ldap', '%s [Error GetUserData] Could not connect to LDAP server.\n' % datetime.now() )
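Review bot: get_new_uid_number, added to CreateUser, returns the highest uidNumber already present in the directory instead of the next free one: the call-site comment says "last used uidNumber+1", but the function ends with `return newuid` and no increment, so a new account would share its uid, and therefore file ownership, with an existing posixAccount. I would end it with something like `return max(uidlist) + 1` and handle the empty result explicitly, since indexing `sorted(uidlist)` at `len(uidlist)-1` raises IndexError when the search finds nothing. ldap3 puts entry values under the `attributes` key, so `c['attribute']['uidNumber']` looks like it raises KeyError on the first entry (worth confirming against a live search), and referral entries in `conn.response` have no attributes at all. The search and the later `w.commit()` are not atomic, so two concurrent CreateUser calls can still pick the same number unless the directory enforces uidNumber uniqueness or the write is retried on conflict. The page has lost indentation, so I am assuming the `sorted` line sits after the loop rather than inside it.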


@ -17,3 +17,4 @@ LDAPSERVER1 = localhost
# Change to something which has enough access to create users, change things around, etc # Change to something which has enough access to create users, change things around, etc
LDAPMANAGER = cn=manager,dc=ungleich,dc=ch LDAPMANAGER = cn=manager,dc=ungleich,dc=ch
LDAPMANAGERPASSWORD = foobar LDAPMANAGERPASSWORD = foobar