diff --git a/ldapuserdir/ldapuserdir.py b/ldapuserdir/ldapuserdir.py index 9a0d633..f236c82 100644 --- a/ldapuserdir/ldapuserdir.py +++ b/ldapuserdir/ldapuserdir.py @@ -55,6 +55,8 @@ class LdapUserDir(object): self.serverurl = serverurl self.group_ou = group_ou self.user_ou = user_ou + self.user_dn = user_dn + self.user_pw = user_pw # whether to only search for entries with msSFU mappings # i.e. with existing unix attributes @@ -89,9 +91,10 @@ class LdapUserDir(object): self.logger.debug('binding to: %s\n' % serverurl) self.logger.debug('binding as user: %s\n' % user_dn) try: - self._ldap.bind_s(user_dn, user_pw) + self._ldap.bind_s(self.user_dn, self.user_pw) except ldap.INVALID_CREDENTIALS, e: - self.logger.error('Authentication failure for dn:"%s"\n' % user_dn) + self.logger.error('Authentication failure for dn:"%s"\n' % + self.user_dn) raise # need to clean that later except ldap.LDAPError, e: @@ -114,9 +117,15 @@ class LdapUserDir(object): attempts += 1 repl = self._ldap.search_s(base, scope, filterstr, attrlist, attrsonly) - except ldap.SERVER_DOWN: - self.logger.warning("Got ldap server down: Reconnecting (try %s)" - % attempts) + except Exception, err: + ok = False + self.logger.warning("Got ldap error: Reconnecting (try %s). " + % attempts + + "Error was: " + str(err)) + if attempts >= recon_attempts: + raise + + # we try to reconnect and rebind try: del self._ldap except Exception, err: @@ -138,10 +147,19 @@ class LdapUserDir(object): " (server: %s)" % self.serverurl + ": %s" % str(err)) - - if attempts >= recon_attempts: - raise - ok = False + + try: + self._ldap.bind_s(self.user_dn, self.user_pw) + except ldap.INVALID_CREDENTIALS, e: + self.logger.error('Authentication failure for dn:"%s"\n' + % self.user_dn) + except Exception, err: + self.logger.warning("ldap binding error" + + " (server: %s)" % + self.serverurl + + ": %s" % str(err)) + + return repl
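Review bot: The bind password is now held in clear text as `self.user_pw` for the whole life of the object (second added line of the first hunk), so anything that dumps instance state, such as `vars()`, a pickled copy or a traceback with locals, can expose it. If the value has to be kept for the rebind path, use a non-public name and state the reason: `self._user_pw = user_pw  # retained only for rebind after reconnect; never log`, and update the `bind_s` calls in the second and fourth hunks to match. This is also the natural place to reject an empty password, since a simple bind with a DN and an empty password is an unauthenticated bind that some servers accept; no such check is visible here, though it may exist outside the hunk. The enclosing method starts and ends outside the hunk.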
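Review bot: `except Exception, err:` in the search retry loop (third hunk) treats every failure as a lost connection, where the removed code caught only `ldap.SERVER_DOWN`. A malformed filter, a missing base DN, an access-denied result or a plain Python error in this method now each cause a teardown, reconnect and rebind with the stored credentials, up to `recon_attempts` times, before the caller sees the error. Narrow the handler to the transient cases, for example `except (ldap.SERVER_DOWN, ldap.TIMEOUT, ldap.UNAVAILABLE), err:`, and let everything else propagate immediately. The loop head and the method signature are outside the hunk.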
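Review bot: The `except ldap.INVALID_CREDENTIALS, e:` branch added for the rebind (fourth hunk) only logs and falls through, unlike the initial bind in the second hunk, which re-raises. The loop, whose head is outside this hunk, then appears to retry the search on a connection that never authenticated and to present the same rejected password on every pass. On a server that permits anonymous reads this could return a reduced result set as if it were complete, and repeated failed binds can lock the service account. Add `raise` after the `self.logger.error(...)` call so that a rejected credential ends the retry loop. The `except Exception, err:` that follows has the same fall-through for other bind errors.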