From c15c1eee729e912f4f55c90861d4dd0be0bdd601 Mon Sep 17 00:00:00 2001
From: Pavel Zuna
Date: Tue, 12 Jan 2010 16:40:09 +0100
Subject: Add DS migration plugin and password migration page.
---
install/migration/migration.py | 67 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 67 insertions(+)
create mode 100644 install/migration/migration.py
(limited to 'install/migration/migration.py')
diff --git a/install/migration/migration.py b/install/migration/migration.py
new file mode 100644
index 00000000..bf12c5ce
--- /dev/null
+++ b/install/migration/migration.py
@@ -0,0 +1,67 @@
+# Authors:
+# Pavel Zuna
+#
+# Copyright (C) 2009 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+"""
+Password migration script
+"""
+
+import ldap
+from mod_python import apache, util
+
+
+BASE_DN = ''
+LDAP_URI = 'ldap://localhost:389'
+
+
+def get_base_dn():
+ """
+ Retrieve LDAP server base DN.
+ """
+ if BASE_DN:
+ return BASE_DN
+ try:
+ conn = ldap.initialize(LDAP_URI)
+ conn.simple_bind_s('', '')
+ entries = conn.search_ext_s(
+ '', scope=ldap.SCOPE_BASE, attrlist=['namingcontexts']
+ )
+ except ldap.LDAPError:
+ return ''
+ conn.unbind_s()
+ try:
+ return entries[0][1]['namingcontexts'][0]
+ except (IndexError, KeyError):
+ return ''
+
+
+def bind(req, username, password):
+ base_dn = get_base_dn()
+ if not base_dn:
+ util.redirect(req, '/ipa/migration/error.html')
+ bind_dn = 'uid=%s,cn=users,cn=accounts,%s' % (username, base_dn)
+ try:
+ conn = ldap.initialize(LDAP_URI)
+ conn.simple_bind_s(bind_dn, password)
+ except (ldap.INVALID_CREDENTIALS, ldap.UNWILLING_TO_PERFORM,
+ ldap.NO_SUCH_OBJECT):
+ util.redirect(req, '/ipa/migration/invalid.html')
+ except ldap.LDAPError:
+ util.redirect(req, '/ipa/migration/error.html')
+ conn.unbind_s()
+ util.redirect(req, '/ipa/ui')
+
-- cgit
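Review bot: In `bind`, the request-supplied `username` is formatted into `bind_dn` without DN escaping, so a value containing DN metacharacters such as `,`, `=` or `+` changes which entry the bind is attempted against instead of being treated as a plain uid. Build the DN with `ldap.dn.escape_dn_chars(username)` (this needs `import ldap.dn`). The same function hands an empty `password` straight to `simple_bind_s`, which LDAP treats as an unauthenticated bind; whether the server refuses it depends on configuration not visible in this patch, so reject it before binding with `if not password: util.redirect(req, '/ipa/migration/invalid.html')`. Separately, the failure paths never call `conn.unbind_s()`: `get_base_dn` returns early from `except ldap.LDAPError`, and in `bind` the redirects presumably raise, so a `try`/`finally` around each bind would close the connection consistently.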