fixed recursive behavior for -g option and DNs without unix mappings

2019-01-31 14:54:53 +01:00
parent 6e405c71d8
commit 33e83502b8
1 changed files with 12 additions and 7 deletions
@@ -151,12 +151,12 @@ class LdapUserDir(object):
        """
        if self.page_size == 0:
            # Do not use paged results
-            self.logger.debug('not using paging since page_size is %d\n' % self.page_size)
+            self.logger.debug('not using paging since page_size is %d' % self.page_size)
            return self._ldap.search_s(base, scope, filterstr, attrlist,
                                       attrsonly)
        else:
            # Use paged results
-            self.logger.debug('paging with current page size set to %d\n' % self.page_size)
+            self.logger.debug('paging with current page size set to %d' % self.page_size)
            page_ctrl = SimplePagedResultsControl(criticality=True,
                                                  size=self.page_size,
                                                  cookie='')
@@ -354,7 +354,7 @@ class LdapUserDir(object):
                        sys.stdout.write('N.A.:')
                sys.stdout.write('\n')

-    def systemuser2dn(self, uname):
+    def systemuser2dn(self, uname, mssfu=True):
        """Converts a user's system username to the dn of the ldap directory
        by performing a search on ldap

@@ -374,7 +374,9 @@ class LdapUserDir(object):
           if no such user exists

        """
-        srch = '(&(objectClass=user)(!(objectClass=computer))(msSFU30UidNumber=*)(msSFU30HomeDirectory=*)(cn=%s))' % uname
+        srch = '(&(objectClass=user)(!(objectClass=computer))(cn=%s))' % uname
+        if mssfu:
+            srch = '(&(objectClass=user)(!(objectClass=computer))(msSFU30UidNumber=*)(msSFU30HomeDirectory=*)(cn=%s))' % uname

        self.logger.debug('systemuser2dn: %s' % srch)
        r = self.search_s_reconn(self.user_ou, ldap.SCOPE_SUBTREE, srch)
@@ -446,12 +448,13 @@ class LdapUserDir(object):
        list

        """
-        self.logger.debug('get_memberof for %s' % dn)
+        self.logger.debug('get_memberof: for dn: %s' % dn)

        srch = '(&)'
        if mssfu:
            srch = '(|(msSFU30GidNumber=*)(msSFU30UidNumber=*))'

+        self.logger.debug('get_memberof: query = %s' % srch )
        r = self.search_s_reconn(dn, ldap.SCOPE_BASE, srch,
                                 attrlist=['memberOf'])

@@ -470,12 +473,14 @@ class LdapUserDir(object):
                r2 = self.search_s_reconn(g, ldap.SCOPE_BASE, srch)
                if len(r2):
                    tmplist.append(g)
+                else:
+                    self.logger.debug('no msSFU info found for %s' % g)
            grplist = tmplist

        if recursive:
            tmplist = []
            for g in grplist:
-                tmplist.extend(self.get_memberof(g))
+                tmplist.extend(self.get_memberof(g, recursive=recursive))
            grplist.extend(tmplist)

        return grplist
@@ -508,7 +513,7 @@ class LdapUserDir(object):
           if CN cannot be identified in a resulting group
        """
        if not self.has_dn_format(user):
-            dnname = self.systemuser2dn(user)
+            dnname = self.systemuser2dn(user, mssfu=mssfu)
        else:
            dnname = user