mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
Fix ipa-managed-entries bind procedure
Make sure that when Directory Manager password is entered, we directly do a simple bind instead of trying binding via GSSAPI. Also capture ldap.INVALID_CREDENTIALS exception and provide nice error message than crash. https://fedorahosted.org/freeipa/ticket/1927
This commit is contained in:
parent
16b18135d9
commit
70cb8bf355
@ -106,15 +106,21 @@ def main():
|
||||
try:
|
||||
filter = '(objectClass=extensibleObject)'
|
||||
conn = ipaldap.IPAdmin(host, 636, cacert=CACERT)
|
||||
|
||||
if options.dirman_password:
|
||||
conn.do_simple_bind(bindpw=options.dirman_password)
|
||||
else:
|
||||
conn.do_sasl_gssapi_bind()
|
||||
except ldap.LOCAL_ERROR:
|
||||
if options.dirman_password:
|
||||
dirman_password = options.dirman_password
|
||||
else:
|
||||
dirman_password = get_dirman_password()
|
||||
if dirman_password is None:
|
||||
sys.exit("\nDirectory Manager password required")
|
||||
try:
|
||||
conn.do_simple_bind(bindpw=dirman_password)
|
||||
except ldap.INVALID_CREDENTIALS:
|
||||
sys.exit("Invalid credentials")
|
||||
except ldap.INVALID_CREDENTIALS:
|
||||
sys.exit("Invalid credentials")
|
||||
except errors.ExecutionError, lde:
|
||||
sys.exit("An error occurred while connecting to the server.\n%s\n" %
|
||||
str(lde))
|
||||
|
Loading…
Reference in New Issue
Block a user