security-and-privacy/ldapcherry
security-and-privacy
/
ldapcherry
mirror of https://github.com/kakwa/ldapcherry
1
0
Fork 0
Code Releases Activity

fix self user password modification in AD Backend 

In some forms, the 'cn' attribute might not be accessible.
The _set_password method relied on 'cn' to build the user dn.
Now it accepts the cn or the dn (by_cn switch).
This commit is contained in:
kakwa 2016-07-21 07:33:14 +02:00
parent 6ef44b9b2e
commit 320f57ab76
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ldapcherry/backend/backendAD.py
View File

@ -174,16 +174,19 @@ class Backend(ldapcherry.backend.backendLdap.Backend):
ad_groups.append('cn=' + group + ',' + self.groupdn)
return ad_groups
def _set_password(self, cn, password):
def _set_password(self, name, password, by_cn=True):
unicode_pass = '\"' + password + '\"'
password_value = unicode_pass.encode('utf-16-le')
ldap_client = self._bind()
dn = self._str('CN=%(cn)s,%(user_dn)s' % {
'cn': cn,
'user_dn': self.userdn
})
if by_cn:
dn = self._str('CN=%(cn)s,%(user_dn)s' % {
'cn': name,
'user_dn': self.userdn
})
else:
dn = name
attrs = {}
@ -201,7 +204,8 @@ class Backend(ldapcherry.backend.backendLdap.Backend):
password = attrs['unicodePwd']
del(attrs['unicodePwd'])
super(Backend, self).add_user(attrs)
self._set_password(attrs['cn'], password)
userdn = self._get_user(username, NO_ATTR)
self._set_password(userdn, password, False)
def set_attrs(self, username, attrs):
if 'unicodePwd' in attrs: