From 320f57ab7605a20eb584df7577afc7f2a4bc7c1a Mon Sep 17 00:00:00 2001 From: kakwa Date: Thu, 21 Jul 2016 07:33:14 +0200 Subject: [PATCH] fix self user password modification in AD Backend In some forms, the 'cn' attribute might not be accessible. The _set_password method relied on 'cn' to build the user dn. Now it accepts the cn or the dn (by_cn switch). --- ldapcherry/backend/backendAD.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/ldapcherry/backend/backendAD.py b/ldapcherry/backend/backendAD.py index 3d69f49..74ef430 100644 --- a/ldapcherry/backend/backendAD.py +++ b/ldapcherry/backend/backendAD.py @@ -174,16 +174,19 @@ class Backend(ldapcherry.backend.backendLdap.Backend): ad_groups.append('cn=' + group + ',' + self.groupdn) return ad_groups - def _set_password(self, cn, password): + def _set_password(self, name, password, by_cn=True): unicode_pass = '\"' + password + '\"' password_value = unicode_pass.encode('utf-16-le') ldap_client = self._bind() - dn = self._str('CN=%(cn)s,%(user_dn)s' % { - 'cn': cn, - 'user_dn': self.userdn - }) + if by_cn: + dn = self._str('CN=%(cn)s,%(user_dn)s' % { + 'cn': name, + 'user_dn': self.userdn + }) + else: + dn = name attrs = {} @@ -201,7 +204,8 @@ class Backend(ldapcherry.backend.backendLdap.Backend): password = attrs['unicodePwd'] del(attrs['unicodePwd']) super(Backend, self).add_user(attrs) - self._set_password(attrs['cn'], password) + userdn = self._get_user(username, NO_ATTR) + self._set_password(userdn, password, False) def set_attrs(self, username, attrs): if 'unicodePwd' in attrs: