Diffstat (limited to 'src/libtdeldap.cpp')
-rw-r--r-- | src/libtdeldap.cpp | 34 |
1 files changed, 27 insertions, 7 deletions
diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp index 3fc2006..f7afe0d 100644 --- a/src/libtdeldap.cpp +++ b/src/libtdeldap.cpp @@ -476,12 +476,13 @@ printf("[RAJA DEBUG 100.3] %s: %s\n\r", attr, vals[i]->bv_val); return userinfo; } -LDAPUserInfoList LDAPManager::users() { +LDAPUserInfoList LDAPManager::users(int* mretcode) { int retcode; LDAPUserInfoList users; printf("[RAJA DEBUG 100.0] In LDAPManager::users()\n\r"); fflush(stdout); if (bind() < 0) { + if (mretcode) *mretcode = -1; return LDAPUserInfoList(); } else { @@ -492,6 +493,7 @@ printf("[RAJA DEBUG 100.1] In LDAPManager::users() bind was OK\n\r"); fflush(std retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, NULL, 0, &msg); if (retcode != LDAP_SUCCESS) { KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + if (mretcode) *mretcode = -1; return LDAPUserInfoList(); } @@ -506,6 +508,7 @@ printf("[RAJA DEBUG 100.2] The number of entries returned was %d\n\n", ldap_coun // clean up ldap_msgfree(msg); + if (mretcode) *mretcode = 0; return users; } @@ -658,6 +661,7 @@ int LDAPManager::updateUserInfo(LDAPUserInfo user) { add_single_attribute_operation(mods, &i, "uidNumber", TQString("%1").arg(user.uid)); add_single_attribute_operation(mods, &i, "loginShell", user.shell); add_single_attribute_operation(mods, &i, "homeDirectory", user.homedir); + add_single_attribute_operation(mods, &i, "userPassword", "{SASL}" + user.name + "@" + m_realm.upper()); add_single_attribute_operation(mods, &i, "gidNumber", TQString("%1").arg(user.primary_gid)); add_single_attribute_operation(mods, &i, "krb5KDCFlags", TQString("%1").arg(user.status)); // Default active user is 586 [KRB5_ACTIVE_DEFAULT] and locked out user is 7586 [KRB5_DISABLED_ACCOUNT] // add_single_attribute_operation(mods, &i, "", user.password_expires); 
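Review bot: The new `mretcode` out-parameter in `LDAPManager::users()` is assigned separately on each return path, so any return added later leaves the caller's int unset. Assigning the failure value once at function entry, `if (mretcode) *mretcode = -1;`, and overwriting it with 0 just before `return users;` makes failure the default. The same pattern is repeated in `groups()` and `machines()` (hunks -1109 through -1178), where the trailing `return LDAPGroupInfoList();` after the if/else sets nothing. Bind failure and search failure both report -1 and the LDAP `retcode` is dropped, so a comment such as `// mretcode (optional): 0 on success, -1 if bind or search failed; an empty list alone does not mean failure` would tell callers to check it before treating an empty list as authoritative. The function bodies extend beyond these hunks.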
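Review bot: The `userPassword` value added in `updateUserInfo()` is built from `user.name` as-is, while the `krb5PrincipalName` line visible in the `addUserInfo()` hunk (-835) lower-cases it with `user.name.lower()`. For a mixed-case name the `{SASL}` pass-through identity and the Kerberos principal would then differ, and password binds for that entry would likely be checked against a different principal or fail. Building both from the same expression in both hunks, e.g. `"{SASL}" + TQString(user.name.lower()) + "@" + m_realm.upper()`, keeps them in step. Neither hunk shows `user.name` being validated, so if it is not checked elsewhere, a name containing `@` would change which principal the bind is delegated to. If `updateUserInfo()` replaces attributes the way `updateGroupInfo()` says it does, every update also overwrites any existing `userPassword` value, which deserves a comment stating that this is intended.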
@@ -754,7 +758,7 @@ int LDAPManager::updateGroupInfo(LDAPGroupInfo group) { else { // Assemble the LDAPMod structure // We will replace any existing attributes with the new values - int number_of_parameters = 2; // 2 primary attributes + int number_of_parameters = 3; // 3 primary attributes LDAPMod *mods[number_of_parameters+1]; for (i=0;i<number_of_parameters;i++) { mods[i] = new LDAPMod; @@ -772,8 +776,18 @@ int LDAPManager::updateGroupInfo(LDAPGroupInfo group) { completeGroupList.prepend(placeholderGroup); } add_multiple_attributes_operation(mods, &i, "member", completeGroupList); - // RAJA FIXME // Also populate memberUid attribute from the above list (minus the cn=,dc=... stuff, i.e. just the username) + TQStringList posixGroupList; + for ( TQStringList::Iterator it = group.userlist.begin(); it != group.userlist.end(); ++it ) { + TQString plainUserName = *it; + int eqpos = plainUserName.find("=")+1; + int cmpos = plainUserName.find(",", eqpos); + plainUserName.truncate(cmpos); + plainUserName.remove(0, eqpos); + posixGroupList.append(plainUserName); + } + add_multiple_attributes_operation(mods, &i, "memberUid", posixGroupList); + LDAPMod *prevterm = mods[i]; mods[i] = NULL; @@ -835,6 +849,7 @@ int LDAPManager::addUserInfo(LDAPUserInfo user) { create_single_attribute_operation(mods, &i, "cn", user.commonName); create_single_attribute_operation(mods, &i, "sn", user.surName); create_single_attribute_operation(mods, &i, "homeDirectory", user.homedir); + create_single_attribute_operation(mods, &i, "userPassword", "{SASL}" + user.name + "@" + m_realm.upper()); // Kerberos create_single_attribute_operation(mods, &i, "krb5KeyVersionNumber", "1"); create_single_attribute_operation(mods, &i, "krb5PrincipalName", TQString(user.name.lower()) + "@" + m_realm.upper()); 
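Review bot: The `memberUid` loop uses the results of `find("=")` and `find(",", eqpos)` without checking for -1, so an entry in `group.userlist` that is not of the form `attr=value,...` is turned into some other string and still written to the directory as a group member. Since `memberUid` determines POSIX group membership, malformed entries should be skipped (or the update rejected) rather than guessed at. The extraction also takes whatever the first RDN is and does not handle an escaped comma (`\,`) inside the value; a comment stating that assumption would be enough if the DNs are always generated as `uid=<name>,...`. The enclosing function starts and ends outside the hunk.

```cpp
for ( TQStringList::Iterator it = group.userlist.begin(); it != group.userlist.end(); ++it ) {
	int eqpos = (*it).find("=");
	int cmpos = (*it).find(",", eqpos+1);
	if ((eqpos < 0) || (cmpos <= eqpos+1)) {
		continue;	// not "attr=value,..." -- do not derive a memberUid from it
	}
	posixGroupList.append((*it).mid(eqpos+1, cmpos-eqpos-1));
}
// … unchanged: add_multiple_attributes_operation for "memberUid" …
```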
@@ -1109,12 +1124,13 @@ for(i = 0; vals[i] != NULL; i++) { return machineinfo; } -LDAPGroupInfoList LDAPManager::groups() { +LDAPGroupInfoList LDAPManager::groups(int* mretcode) { int retcode; LDAPGroupInfoList groups; printf("[RAJA DEBUG 110.0] In LDAPManager::groups()\n\r"); fflush(stdout); if (bind() < 0) { + if (mretcode) *mretcode = -1; return LDAPGroupInfoList(); } else { @@ -1123,10 +1139,10 @@ printf("[RAJA DEBUG 110.1] In LDAPManager::groups() bind was OK\n\r"); fflush(st TQString ldap_base_dn = m_basedc; TQString ldap_filter = "(objectClass=posixGroup)"; struct timeval timeout; - timeout.tv_sec = 10; // 10 second timeout - retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, &timeout, 0, &msg); + retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, NULL, 0, &msg); if (retcode != LDAP_SUCCESS) { KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + if (mretcode) *mretcode = -1; return LDAPGroupInfoList(); } @@ -1142,18 +1158,20 @@ printf("[RAJA DEBUG 110.2] The number of entries returned was %d\n\n", ldap_coun // clean up ldap_msgfree(msg); + if (mretcode) *mretcode = 0; return groups; } return LDAPGroupInfoList(); } -LDAPMachineInfoList LDAPManager::machines() { +LDAPMachineInfoList LDAPManager::machines(int* mretcode) { int retcode; LDAPMachineInfoList machines; printf("[RAJA DEBUG 120.0] In LDAPManager::machines()\n\r"); fflush(stdout); if (bind() < 0) { + if (mretcode) *mretcode = -1; return LDAPMachineInfoList(); } else { 
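Review bot: Passing `NULL` for the timeout in `groups()` means this synchronous `ldap_search_ext_s` call has no per-call time limit, so unless a limit is set on the `m_ldap` handle elsewhere the caller can block for as long as the server stays unresponsive. The removed code set only `tv_sec` and left `tv_usec` uninitialised, which may be why it was dropped; initialising both, `timeout.tv_sec = 10; timeout.tv_usec = 0;`, and passing `&timeout` again keeps the bound. If removing the limit is intended, the now unused `struct timeval timeout;` declaration should go too. The `users()` and `machines()` searches also pass `NULL`.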
@@ -1164,6 +1182,7 @@ printf("[RAJA DEBUG 120.1] In LDAPManager::machines() bind was OK\n\r"); fflush( retcode = ldap_search_ext_s(m_ldap, ldap_base_dn.ascii(), LDAP_SCOPE_SUBTREE, ldap_filter.ascii(), ldap_user_and_operational_attributes, 0, NULL, NULL, NULL, 0, &msg); if (retcode != LDAP_SUCCESS) { KMessageBox::error(0, i18n("<qt>LDAP search failure<p>Reason: [%3] %4</qt>").arg(retcode).arg(ldap_err2string(retcode)), i18n("LDAP Error")); + if (mretcode) *mretcode = -1; return LDAPMachineInfoList(); } @@ -1178,6 +1197,7 @@ printf("[RAJA DEBUG 120.2] The number of entries returned was %d\n\n", ldap_coun // clean up ldap_msgfree(msg); + if (mretcode) *mretcode = 0; return machines; } |