|
|
|
@ -75,25 +75,7 @@ class addLdif(LDIFParser):
|
|
|
|
|
self.ldapCon = ldapCon
|
|
|
|
|
|
|
|
|
|
def handle(self, dn, entry):
|
|
|
|
|
findDN = False
|
|
|
|
|
try:
|
|
|
|
|
findDN = self.ldapCon.compare_s(dn,
|
|
|
|
|
dn.split(',')[0].split('=')[0],
|
|
|
|
|
dn.split(',')[0].split('=')[1])
|
|
|
|
|
except ldap.NO_SUCH_OBJECT:
|
|
|
|
|
pass
|
|
|
|
|
if findDN:
|
|
|
|
|
print "DELETE", dn
|
|
|
|
|
try:
|
|
|
|
|
print self.ldapCon.delete_s(dn)
|
|
|
|
|
except ldap.NOT_ALLOWED_ON_NONLEAF:
|
|
|
|
|
print "ERROR DELETE", dn
|
|
|
|
|
print "ADD_DN", dn
|
|
|
|
|
try:
|
|
|
|
|
self.ldapCon.add_s(dn, entry.items())
|
|
|
|
|
except ldap.LDAPError, e:
|
|
|
|
|
pass
|
|
|
|
|
print "ERROR ADD", e[0]['desc']
|
|
|
|
|
self.ldapCon.add_s(dn, entry.items())
|
|
|
|
|
|
|
|
|
|
class ldapFunction(cl_profile._error):
|
|
|
|
|
'''Объект для работы с LDAP сервером'''
|
|
|
|
@ -165,9 +147,11 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
# объект для форматированного вывода
|
|
|
|
|
imp_cl_help.__init__(self, cmdName)
|
|
|
|
|
# Базовый DN всех сервисов относительно базового DN
|
|
|
|
|
servicesRelDN = "ou=Services"
|
|
|
|
|
self.servicesRelDN = "ou=Services"
|
|
|
|
|
# Базовый DN Samba сервиса относительно DN сервисов
|
|
|
|
|
self.sambaDN = "ou=Samba"
|
|
|
|
|
# Базовый DN Samba сервиса относительно базового DN
|
|
|
|
|
self.sambaRelDN = "ou=Samba,%s" %servicesRelDN
|
|
|
|
|
self.sambaRelDN = "%s,%s" %(self.sambaDN, self.servicesRelDN)
|
|
|
|
|
|
|
|
|
|
# Основная группа пользователей LDAP
|
|
|
|
|
self.nameBaseGroup = "Services"
|
|
|
|
@ -195,6 +179,7 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
(_("Examples"),True,1,1,""),
|
|
|
|
|
(_("Common options"),True,1,1,"options"),
|
|
|
|
|
(_("Service LDAP options"),True,1,1,"options"),
|
|
|
|
|
(_("Service Unix options"),True,1,1,"options"),
|
|
|
|
|
(_("Service Samba options"),True,1,1,"options"),
|
|
|
|
|
(_("Services"),True,1,0,"")
|
|
|
|
|
]
|
|
|
|
@ -215,16 +200,21 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
_("Service Samba options")],
|
|
|
|
|
"ldap":[_("Common options"),
|
|
|
|
|
_("Service LDAP options")],
|
|
|
|
|
"unix":[_("Common options"),
|
|
|
|
|
_("Service Unix options")],
|
|
|
|
|
}
|
|
|
|
|
# Cвязь длинных опций помощи и выводимых разделов помощи с опциями
|
|
|
|
|
self.relOptions = {"h":[_("Common options")],
|
|
|
|
|
"help-ldap":[_("Common options"),
|
|
|
|
|
_("Service LDAP options")],
|
|
|
|
|
"help-unix":[_("Common options"),
|
|
|
|
|
_("Service Unix options")],
|
|
|
|
|
"help-samba":[_("Common options"),
|
|
|
|
|
_("Service Samba options")],
|
|
|
|
|
"help-all":[_("Common options"),
|
|
|
|
|
_("Service Samba options"),
|
|
|
|
|
_("Service LDAP options")
|
|
|
|
|
_("Service LDAP options"),
|
|
|
|
|
_("Service Unix options")
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -239,6 +229,10 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("display help options service LDAP")
|
|
|
|
|
},
|
|
|
|
|
{'longOption':"help-unix",
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("display help options service Unix")
|
|
|
|
|
},
|
|
|
|
|
{'longOption':"help-samba",
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("display help options service Samba")
|
|
|
|
@ -284,14 +278,14 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
'shortOption':"b",
|
|
|
|
|
'longOption':"base-dir",
|
|
|
|
|
'optVal':"BASE_DIR",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("base directory for the new user account home directory")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"c",
|
|
|
|
|
'longOption':"comment",
|
|
|
|
|
'optVal':"COMMENT",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("set the GECOS field for the new user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
@ -303,32 +297,32 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
'shortOption':"g",
|
|
|
|
|
'longOption':"gid",
|
|
|
|
|
'optVal':"GROUP",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("force use GROUP for the new user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"G",
|
|
|
|
|
'longOption':"groups",
|
|
|
|
|
'optVal':"GROUPS",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("list of supplementary groups for the new user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"k",
|
|
|
|
|
'longOption':"skel",
|
|
|
|
|
'optVal':"SKEL_DIR",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("specify an alternative skel directory")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"p",
|
|
|
|
|
'longOption':"password",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("use password for the user account (from dialog)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"P",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("use password for the user account (from standart input)")
|
|
|
|
|
},
|
|
|
|
|
#{'progAccess':(3,),
|
|
|
|
@ -341,21 +335,21 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"m",
|
|
|
|
|
'longOption':"create-home",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("create home directory for the new user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"s",
|
|
|
|
|
'longOption':"shell",
|
|
|
|
|
'optVal':"SHELL",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("the login shell for the new user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"u",
|
|
|
|
|
'longOption':"uid",
|
|
|
|
|
'optVal':"UID",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("force use the UID for the new user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(4,),
|
|
|
|
@ -462,19 +456,19 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
{'progAccess':(7,),
|
|
|
|
|
'shortOption':"d",
|
|
|
|
|
'longOption':"delete",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("delete the password for the named account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(7,),
|
|
|
|
|
'shortOption':"l",
|
|
|
|
|
'longOption':"lock",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("lock the named account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(7,),
|
|
|
|
|
'shortOption':"u",
|
|
|
|
|
'longOption':"unlock",
|
|
|
|
|
'helpChapter':_("Service LDAP options"),
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("unlock the named account")
|
|
|
|
|
},
|
|
|
|
|
#{'progAccess':(0,1,2,4,5,6),
|
|
|
|
@ -495,6 +489,10 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
'help':pcs(" ldap", self.column_width,
|
|
|
|
|
"ldap " + servName, self.consolewidth-self.column_width)
|
|
|
|
|
},
|
|
|
|
|
{'helpChapter':_("Services"),
|
|
|
|
|
'help':pcs(" unix", self.column_width,
|
|
|
|
|
"unix " + servName, self.consolewidth-self.column_width)
|
|
|
|
|
},
|
|
|
|
|
{'helpChapter':_("Services"),
|
|
|
|
|
'help':pcs(" samba", self.column_width,
|
|
|
|
|
"samba " + servName, self.consolewidth-self.column_width)
|
|
|
|
@ -780,6 +778,28 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def deleteDN(self, delDN, ldapObj):
|
|
|
|
|
"""Удаляет DN и все внутренние элементы"""
|
|
|
|
|
delListDN=[]
|
|
|
|
|
try:
|
|
|
|
|
dnList = ldapObj.conLdap.search_s(delDN,
|
|
|
|
|
ldap.SCOPE_SUBTREE,
|
|
|
|
|
'(objectclass=*)',
|
|
|
|
|
[''])
|
|
|
|
|
except ldap.LDAPError, e:
|
|
|
|
|
self.printERROR(_("deleteDN") +": "+e[0]['desc'])
|
|
|
|
|
return False
|
|
|
|
|
for dn, f in dnList:
|
|
|
|
|
delListDN.append(dn)
|
|
|
|
|
delListDN.sort(lambda x, y: cmp(len(y), len(x)))
|
|
|
|
|
for dn in delListDN:
|
|
|
|
|
try:
|
|
|
|
|
ldapObj.conLdap.delete_s(dn)
|
|
|
|
|
except ldap.LDAPError, e:
|
|
|
|
|
self.printERROR(_("deleteDN") +": "+e[0]['desc'])
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def setupLdapServer(self, options):
|
|
|
|
|
"""Начальная настройка LDAP сервиса"""
|
|
|
|
|
# Принудительная установка
|
|
|
|
@ -925,6 +945,24 @@ Samba in backup directory")
|
|
|
|
|
if not "ok" in textLine:
|
|
|
|
|
self.printNotOK(_("LDAP restart ..."))
|
|
|
|
|
return False
|
|
|
|
|
ldapObj = self.getLdapObjInFile()
|
|
|
|
|
if not ldapObj:
|
|
|
|
|
return False
|
|
|
|
|
servicesDN = "%s,%s" % (self.servicesRelDN,\
|
|
|
|
|
clVars.Get("soft_ldap_base"))
|
|
|
|
|
resSearch = ldapObj.ldapSearch(servicesDN, ldap.SCOPE_ONELEVEL,
|
|
|
|
|
self.sambaDN, [''])
|
|
|
|
|
ret = True
|
|
|
|
|
if resSearch:
|
|
|
|
|
delDN = "%s,%s" %(self.sambaDN, servicesDN)
|
|
|
|
|
ret = self.deleteDN(delDN, ldapObj)
|
|
|
|
|
if ret:
|
|
|
|
|
self.printOK(_("Remove Samba DN in LDAP Database ..."))
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Remove Samba DN in LDAP Database ..."))
|
|
|
|
|
if not ret:
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
ldifFile = "/usr/lib/calculate/calculate-server/ldif/samba_base.ldif"
|
|
|
|
|
baseLdif = self.createLdif(ldifFile, clVars)
|
|
|
|
|
#print baseLdif
|
|
|
|
@ -2458,22 +2496,12 @@ class tsOpt:
|
|
|
|
|
self.opt = optObj.opt
|
|
|
|
|
# Обработка help
|
|
|
|
|
self.flagHelp = False
|
|
|
|
|
if "h" in optObj.opt:
|
|
|
|
|
print obj.getHelp(obj.relOptions['h'])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
elif "help-ldap" in optObj.opt:
|
|
|
|
|
print obj.getHelp(obj.relOptions['help-ldap'])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
elif "help-samba" in optObj.opt:
|
|
|
|
|
print obj.getHelp(obj.relOptions['help-samba'])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
elif "help-all" in optObj.opt:
|
|
|
|
|
print obj.getHelp(obj.relOptions['help-all'])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
elif not optObj.params:
|
|
|
|
|
print obj.getHelp(obj.relOptions['h'])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
else:
|
|
|
|
|
for relOpt in obj.relOptions.keys():
|
|
|
|
|
if relOpt in optObj.opt:
|
|
|
|
|
print obj.getHelp(obj.relOptions[relOpt])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
break
|
|
|
|
|
if not self.flagHelp:
|
|
|
|
|
if optObj.params.has_key('service'):
|
|
|
|
|
if not (optObj.params['service'] in obj.allServ) or\
|
|
|
|
|
len(optObj.nameParams) != optObj.__iter:
|
|
|
|
|
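Review bot: In the added `deleteDN` (hunk `-780,6 +778,28`), the first `delete_s` failure returns False after some entries are already gone, and the message `_("deleteDN") +": "+e[0]['desc']` does not name the entry that failed, so the operator cannot tell how much of the subtree is left. Including the DN would fix that: `self.printERROR(_("deleteDN") + " " + dn + ": " + e[0]['desc'])`. `delDN` is also passed to `search_s` with `ldap.SCOPE_SUBTREE` unchecked; a guard such as `if not delDN: return False` before the search would stop an empty base from widening what gets deleted (what an empty base matches depends on the server). The caller added in hunk `-925,6 +945,24` returns False on failure before the Samba LDIF is loaded again, so the Samba branch can stay partially removed; that function begins outside the hunk, so any recovery step is not visible here. The +/- markers are lost on this page, but the line counts in both hunk headers show them as pure additions.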