security-and-privacy/ldapcherry
security-and-privacy
/
ldapcherry
mirror of https://github.com/kakwa/ldapcherry
1
0
Fork 0
Code Releases Activity

fix self user password modification in AD Backend 

In some forms, the 'cn' attribute might not be accessible.
The _set_password method relied on 'cn' to build the user dn.
Now it accepts the cn or the dn (by_cn switch).
This commit is contained in:
kakwa 2016-07-21 07:33:14 +02:00
parent 6ef44b9b2e
commit 320f57ab76
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
ldapcherry/backend/backendAD.py
View File

@ -174,16 +174,19 @@ class Backend(ldapcherry.backend.backendLdap.Backend):
ad_groups.append('cn=' + group + ',' + self.groupdn) ad_groups.append('cn=' + group + ',' + self.groupdn)
return ad_groups return ad_groups
def _set_password(self, cn, password): def _set_password(self, name, password, by_cn=True):
unicode_pass = '\"' + password + '\"' unicode_pass = '\"' + password + '\"'
password_value = unicode_pass.encode('utf-16-le') password_value = unicode_pass.encode('utf-16-le')
ldap_client = self._bind() ldap_client = self._bind()
dn = self._str('CN=%(cn)s,%(user_dn)s' % { if by_cn:
'cn': cn, dn = self._str('CN=%(cn)s,%(user_dn)s' % {
'user_dn': self.userdn 'cn': name,
}) 'user_dn': self.userdn
})
else:
dn = name
attrs = {} attrs = {}
@ -201,7 +204,8 @@ class Backend(ldapcherry.backend.backendLdap.Backend):
password = attrs['unicodePwd'] password = attrs['unicodePwd']
del(attrs['unicodePwd']) del(attrs['unicodePwd'])
super(Backend, self).add_user(attrs) super(Backend, self).add_user(attrs)
self._set_password(attrs['cn'], password) userdn = self._get_user(username, NO_ATTR)
self._set_password(userdn, password, False)
def set_attrs(self, username, attrs): def set_attrs(self, username, attrs):
if 'unicodePwd' in attrs: if 'unicodePwd' in attrs: