author | Pavel Zuna <pzuna@redhat.com> | 2010-01-12 16:40:09 +0100 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2010-01-20 16:54:17 -0500 |
commit | c15c1eee729e912f4f55c90861d4dd0be0bdd601 (patch) | |
tree | d6f7897fec77a6be50daa7d33b81812ad73576aa /install/migration/migration.py | |
parent | 41a7a8d3d4d79cf15dac5583fc5aa8c301282c98 (diff) | |
Add DS migration plugin and password migration page.
Diffstat (limited to 'install/migration/migration.py')
-rw-r--r-- | install/migration/migration.py | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/install/migration/migration.py b/install/migration/migration.py
new file mode 100644
index 000000000..bf12c5cec
--- /dev/null
+++ b/install/migration/migration.py
@@ -0,0 +1,67 @@
+# Authors:
+# Pavel Zuna <pzuna@redhat.com>
+#
+# Copyright (C) 2009 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+"""
+Password migration script
+"""
+
+import ldap
+from mod_python import apache, util
+
+
+BASE_DN = ''
+LDAP_URI = 'ldap://localhost:389'
+
+
+def get_base_dn():
+ """
+ Retrieve LDAP server base DN.
+ """
+ if BASE_DN:
+ return BASE_DN
+ try:
+ conn = ldap.initialize(LDAP_URI)
+ conn.simple_bind_s('', '')
+ entries = conn.search_ext_s(
+ '', scope=ldap.SCOPE_BASE, attrlist=['namingcontexts']
+ )
+ except ldap.LDAPError:
+ return ''
+ conn.unbind_s()
+ try:
+ return entries[0][1]['namingcontexts'][0]
+ except (IndexError, KeyError):
+ return ''
+
+
+def bind(req, username, password):
+ base_dn = get_base_dn()
+ if not base_dn:
+ util.redirect(req, '/ipa/migration/error.html')
+ bind_dn = 'uid=%s,cn=users,cn=accounts,%s' % (username, base_dn)
+ try:
+ conn = ldap.initialize(LDAP_URI)
+ conn.simple_bind_s(bind_dn, password)
+ except (ldap.INVALID_CREDENTIALS, ldap.UNWILLING_TO_PERFORM,
+ ldap.NO_SUCH_OBJECT):
+ util.redirect(req, '/ipa/migration/invalid.html')
+ except ldap.LDAPError:
+ util.redirect(req, '/ipa/migration/error.html')
+ conn.unbind_s()
+ util.redirect(req, '/ipa/ui')
+ |
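Review bot: In `bind`, `username` comes from the request and is formatted into `bind_dn` unescaped, so DN metacharacters such as `,`, `+` or `=` can change which entry the bind is attempted against; escape the value first, e.g. `bind_dn = 'uid=%s,cn=users,cn=accounts,%s' % (ldap.dn.escape_dn_chars(username), base_dn)`. An empty `password` is also passed straight to `simple_bind_s`, and a simple bind with a DN but no password is an unauthenticated bind that the server may accept depending on its configuration, which would redirect to `/ipa/ui` without any password having been checked; a guard such as `if not username or not password: util.redirect(req, '/ipa/migration/invalid.html')` before the bind avoids that. Both `bind` and `get_base_dn` skip `unbind_s()` when an LDAP call raises after `ldap.initialize` has succeeded, and `bind` has no docstring explaining that it is the mod_python handler and that every path ends in a redirect.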