IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix ipa-managed-entries bind procedure

Browse Source 
Make sure that when Directory Manager password is entered,
we directly do a simple bind instead of trying binding via GSSAPI.
Also capture ldap.INVALID_CREDENTIALS exception and provide nice
error message than crash.

https://fedorahosted.org/freeipa/ticket/1927
This commit is contained in:
Martin Kosek
2011-10-25 15:34:45 +02:00
parent 16b18135d9
commit 70cb8bf355
1 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
install/tools/ipa-managed-entries
View File

@@ -106,15 +106,21 @@ def main():
try: try:
filter = '(objectClass=extensibleObject)' filter = '(objectClass=extensibleObject)'
conn = ipaldap.IPAdmin(host, 636, cacert=CACERT) conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
conn.do_sasl_gssapi_bind()
except ldap.LOCAL_ERROR:
if options.dirman_password: if options.dirman_password:
dirman_password = options.dirman_password conn.do_simple_bind(bindpw=options.dirman_password)
else: else:
dirman_password = get_dirman_password() conn.do_sasl_gssapi_bind()
if dirman_password is None: except ldap.LOCAL_ERROR:
sys.exit("\nDirectory Manager password required") dirman_password = get_dirman_password()
conn.do_simple_bind(bindpw=dirman_password) if dirman_password is None:
sys.exit("\nDirectory Manager password required")
try:
conn.do_simple_bind(bindpw=dirman_password)
except ldap.INVALID_CREDENTIALS:
sys.exit("Invalid credentials")
except ldap.INVALID_CREDENTIALS:
sys.exit("Invalid credentials")
except errors.ExecutionError, lde: except errors.ExecutionError, lde:
sys.exit("An error occurred while connecting to the server.\n%s\n" % sys.exit("An error occurred while connecting to the server.\n%s\n" %
str(lde)) str(lde))