security-and-privacy/ldapcherry
security-and-privacy/ldapcherry
1
0
Fork 0
mirror of https://github.com/kakwa/ldapcherry synced 2024-11-25 10:44:30 +01:00
Code Releases Activity

making some attributes explicitly mandatory for Active Directory backend

Browse Source
This commit is contained in:
kakwa 2016-06-16 22:32:44 +02:00
parent 9a882d3626
commit d8631da7ba
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ldapcherry/backend/backendAD.py
View File

@ -23,12 +23,16 @@ class CaFileDontExist(Exception):
self.log = "CA file %(cafile)s don't exist" % {'cafile': cafile} self.log = "CA file %(cafile)s don't exist" % {'cafile': cafile}
class MissingAttr(Exception):
def __init__(self):
self.log = 'attributes "cn" and "unicodePwd" must be declared ' \
'in attributes.yml for all Active Directory backends.'
NO_ATTR = 0 NO_ATTR = 0
DISPLAYED_ATTRS = 1 DISPLAYED_ATTRS = 1
LISTED_ATTRS = 2 LISTED_ATTRS = 2
ALL_ATTRS = 3 ALL_ATTRS = 3
# UserAccountControl Attribute/Flag Values # UserAccountControl Attribute/Flag Values
# For details, look at: # For details, look at:
# https://support.microsoft.com/en-us/kb/305144 # https://support.microsoft.com/en-us/kb/305144
@ -139,6 +143,12 @@ class Backend(ldapcherry.backend.backendLdap.Backend):
for a in attrslist: for a in attrslist:
self.attrlist.append(self._str(a)) self.attrlist.append(self._str(a))
if 'cn' not in self.attrlist:
raise MissingAttr()
if 'unicodePwd' not in self.attrlist:
raise MissingAttr()
def _search_group(self, searchfilter, groupdn): def _search_group(self, searchfilter, groupdn):
searchfilter = self._str(searchfilter) searchfilter = self._str(searchfilter)
ldap_client = self._bind() ldap_client = self._bind()