fixed ldap rebind issue

2012-12-10 17:53:09 +01:00
parent 40ed2cebe9
commit 3c0140dbbd
1 changed files with 27 additions and 9 deletions
--- a/ldapuserdir/ldapuserdir.py
+++ b/ldapuserdir/ldapuserdir.py
@@ -55,6 +55,8 @@ class LdapUserDir(object):
        self.serverurl = serverurl
        self.group_ou = group_ou
        self.user_ou = user_ou
+        self.user_dn = user_dn
+        self.user_pw = user_pw

        # whether to only search for entries with msSFU mappings
        #  i.e. with existing unix attributes
@@ -89,9 +91,10 @@ class LdapUserDir(object):
        self.logger.debug('binding to: %s\n' % serverurl)
        self.logger.debug('binding as user: %s\n' % user_dn)
        try:
-            self._ldap.bind_s(user_dn, user_pw)
+            self._ldap.bind_s(self.user_dn, self.user_pw)
        except ldap.INVALID_CREDENTIALS, e:
-            self.logger.error('Authentication failure for dn:"%s"\n' % user_dn)
+            self.logger.error('Authentication failure for dn:"%s"\n' %
+                              self.user_dn)
            raise
        # need to clean that later
        except ldap.LDAPError, e:
@@ -114,9 +117,15 @@ class LdapUserDir(object):
                attempts += 1
                repl = self._ldap.search_s(base, scope, filterstr, attrlist,
                                       attrsonly)
-            except ldap.SERVER_DOWN:
-                self.logger.warning("Got ldap server down: Reconnecting (try %s)"
-                                    % attempts)
+            except Exception, err:
+                ok = False
+                self.logger.warning("Got ldap error: Reconnecting (try %s). "
+                                    % attempts +
+                "Error was: " + str(err))
+                if attempts >= recon_attempts:
+                    raise
+
+                # we try to reconnect and rebind
                try:
                    del self._ldap
                except Exception, err:
@@ -138,10 +147,19 @@ class LdapUserDir(object):
                                        " (server: %s)" %
                                        self.serverurl
                                        + ": %s" % str(err))
-                    
-                if attempts >= recon_attempts:
-                    raise
-                ok = False
+
+                try:
+                    self._ldap.bind_s(self.user_dn, self.user_pw)
+                except ldap.INVALID_CREDENTIALS, e:
+                    self.logger.error('Authentication failure for dn:"%s"\n'
+                                      % self.user_dn)
+                except Exception, err:
+                    self.logger.warning("ldap binding error" +
+                                        " (server: %s)" %
+                                        self.serverurl
+                                        + ": %s" % str(err))
+
+

        return repl