diff --git a/ldapuserdir/ldapuserdir.py b/ldapuserdir/ldapuserdir.py index 7a016d8..c737ead 100644 --- a/ldapuserdir/ldapuserdir.py +++ b/ldapuserdir/ldapuserdir.py @@ -11,7 +11,7 @@ with an LDAP based user directory service """ import ldap -import ldap.ldapobject +#import ldap.ldapobject import os import sys import re @@ -70,13 +70,16 @@ class LdapUserDir(object): else: self.logger = logger - #self._ldap = ldap.initialize(self.serverurl, trace_level=0, - # trace_file=sys.stderr) + self._ldap = ldap.initialize(self.serverurl, trace_level=0, + trace_file=sys.stderr) # use a class which will try reconnections to the server by itself - self._ldap = ldap.ldapobject.ReconnectLDAPObject(self.serverurl, - trace_level=0, - trace_file=sys.stderr, - retry_max=2) + # self._ldap = ldap.ldapobject.ReconnectLDAPObject(self.serverurl, + # trace_level=0, + # trace_file=sys.stderr, + # retry_max=2) + # note: this strangely led to empty answers after some time of + # running on the test extranet deployment. Maybe need to manage that + # myself self.logger.debug('binding to: %s\n' % serverurl) self.logger.debug('binding as user: %s\n' % user_dn) try: @@ -88,6 +91,36 @@ class LdapUserDir(object): except ldap.LDAPError, e: raise + def search_s_reconn(self, base, scope, filterstr='(objectClass=*)', + attrlist=None, attrsonly=0, recon_attempts = 2): + """ wrapper of standard ldap.search_s synchronous search that + tries to reconnect + """ + attempts = 0 + ok = False + while ok == False: + try: + ok = True + attempts += 1 + repl = self._ldap.search_s(base, scope, filterstr, attrlist, + attrsonly) + except ldap.SERVER_DOWN: + self.logger.warning("Got ldap server down: Reconnecting (try %s)" + % attempts) + try: + self._ldap = ldap.initialize(self.serverurl, trace_level=0, + trace_file=sys.stderr) + except ldap.SERVER_DOWN: + time.sleep(1) + + if attempts >= recon_attempts: + raise + ok = False + + return repl + + #def search_s(self,base,scope,filterstr='(objectClass=*)',attrlist=None,attrsonly=0): + def get_users(self, filter='*', ou=None): """get the names of all users from the directory service @param filter A filter expression used for the cn part of the ldap dn @@ -97,7 +130,7 @@ class LdapUserDir(object): if ou == None: user_ou = self.user_ou #try: - r = self._ldap.search_s(user_ou, ldap.SCOPE_SUBTREE, + r = self.search_s_reconn(user_ou, ldap.SCOPE_SUBTREE, self.searches['get_users'] % filter) #except ldap.LDAPError, e: # print e @@ -144,7 +177,7 @@ class LdapUserDir(object): #try: srch = self.searches['systemuser2dn'] % uname self.logger.debug('systemuser2dn: %s' % srch) - r = self._ldap.search_s(self.user_ou, ldap.SCOPE_SUBTREE, srch) + r = self.search_s_reconn(self.user_ou, ldap.SCOPE_SUBTREE, srch) #except ldap.LDAPError, e: # print e if len(r) == 0: @@ -165,7 +198,7 @@ class LdapUserDir(object): #try: srch = self.searches['get_groups_struct'] % gfilter self.logger.debug('get_groups_struct: %s' % srch) - r = self._ldap.search_s(group_ou, ldap.SCOPE_SUBTREE, srch) + r = self.search_s_reconn(group_ou, ldap.SCOPE_SUBTREE, srch) #except ldap.LDAPError, e: # print e return r @@ -190,7 +223,7 @@ class LdapUserDir(object): srch = self.searches['get_groups_for_user'] % (gfilter, dnname) self.logger.debug('get_groups_for_user: %s' % srch) - r = self._ldap.search_s(group_ou, ldap.SCOPE_SUBTREE, srch) + r = self.search_s_reconn(group_ou, ldap.SCOPE_SUBTREE, srch) reslist = [] for dn, entry in r: