4 commits - conf/kolab.conf pykolab/setup pykolab/utils.py
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Mon Apr 29 15:48:18 CEST 2013
conf/kolab.conf | 7 +++++++
pykolab/setup/setup_ldap.py | 32 +++++++++++++++++++++++++++++++-
pykolab/utils.py | 25 +++++++++++++++++++++++++
3 files changed, 63 insertions(+), 1 deletion(-)
New commits:
commit d42a9205b56948ed265ea7a818281a56ba296461
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Mon Apr 29 15:43:57 2013 +0200
Add a --with-ad option for the LDAP setup
diff --git a/pykolab/setup/setup_ldap.py b/pykolab/setup/setup_ldap.py
index acb4cea..5eb05d5 100644
--- a/pykolab/setup/setup_ldap.py
+++ b/pykolab/setup/setup_ldap.py
@@ -76,6 +76,14 @@ def cli_options():
help = _("Setup configuration for OpenLDAP compatibility.")
)
+ ldap_group.add_option(
+ "--with-ad",
+ dest = "with_ad",
+ action = "store_true",
+ default = False,
+ help = _("Setup configuration for Active Directory compatibility.")
+ )
+
def description():
return _("Setup LDAP.")
@@ -91,7 +99,7 @@ def execute(*args, **kw):
_input = {}
- if conf.with_openldap:
+ if conf.with_openldap and not conf.with_ad:
conf.command_set('ldap', 'unique_attribute', 'entryuuid')
@@ -101,6 +109,28 @@ def execute(*args, **kw):
return
+ elif conf.with_ad and not conf.with_openldap:
+ conf.command_set('ldap', 'auth_attributes', 'samaccountname')
+ conf.command_set('ldap', 'modifytimestamp_format', '%%Y%%m%%d%%H%%M%%S.0Z')
+ conf.command_set('ldap', 'unique_attribute', 'userprincipalname')
+
+ # TODO: These attributes need to be checked
+ conf.command_set('ldap', 'mail_attributes', 'mail')
+ conf.command_set('ldap', 'mailserver_attributes', 'mailhost')
+ conf.command_set('ldap', 'quota_attribute', 'mailquota')
+
+ return
+
+ elif conf.with_ad and conf.with_openldap:
+ print >> sys.stderr, utils.multiline_message(
+ _("""
+ You can not configure Kolab to run against OpenLDAP
+ and Active Directory simultaneously.
+ """)
+ )
+
+ sys.exit(1)
+
# Pre-execution checks
for path, directories, files in os.walk('/etc/dirsrv/'):
for direct in directories:
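Review bot: The Active Directory branch sets `unique_attribute` to `userprincipalname`, while the kolab.conf note added in this same series recommends `objectsid` for Active Directory and pykolab/utils.py gains SID decoding for that purpose. userPrincipalName can be changed by an administrator and is not guaranteed to be set on every account, so keying account identity on it risks a rename being treated as a new user, or a reused name being matched to an existing mailbox. If `objectsid` is the intended key, the line would read `conf.command_set('ldap', 'unique_attribute', 'objectsid')`. The three attributes under the TODO are written as defaults without verification, so the comment should name what has to be confirmed against an AD schema. execute() starts and ends outside this hunk.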
commit ab36c62050a7967131a7cf8e4e1719c6f449a5ca
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Mon Apr 29 15:43:33 2013 +0200
Add a note on the possible value of this Active Directory unique_attribute
diff --git a/conf/kolab.conf b/conf/kolab.conf
index 840cbd7..0725b19 100644
--- a/conf/kolab.conf
+++ b/conf/kolab.conf
@@ -122,6 +122,8 @@ quota_attribute = mailquota
;
; For OpenLDAP, use 'entrydn' - the 'entryUUID' can regrettably not be searched
; with.
+;
+; For Active Directory, use 'objectsid'.
unique_attribute = nsuniqueid
; Attribute names that hold valid, internal recipient addresses. Note the use
commit eaa8dd5365dc22c21d8a5515712362f5934a296a
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Mon Apr 29 15:30:39 2013 +0200
Handle objectSid binary blobs to be a unique_attribute attribute name
diff --git a/pykolab/utils.py b/pykolab/utils.py
index 46b257e..b0de166 100644
--- a/pykolab/utils.py
+++ b/pykolab/utils.py
@@ -21,6 +21,7 @@ import getpass
import grp
import os
import pwd
+import struct
import sys
import pykolab
@@ -300,16 +301,22 @@ def normalize(_object):
if type(_object[key]) == list:
if _object[key] == None:
continue
+
if len(_object[key]) == 1:
result[key.lower()] = ''.join(_object[key])
else:
result[key.lower()] = _object[key]
+
else:
if _object[key] == None:
continue
+
# What the heck?
result[key.lower()] = _object[key]
+ if result.has_key('objectsid') and not result['objectsid'][0] == "S":
+ result['objectsid'] = sid_to_string(result['objectsid'])
+
if result.has_key('sn'):
result['surname'] = result['sn'].replace(' ', '')
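Review bot: The new `objectsid` check indexes `result['objectsid'][0]` without knowing the value's shape. An empty value from the directory raises IndexError here, and when the attribute arrives with more than one value `result['objectsid']` is still a list, so a list is handed to sid_to_string(). A guard such as `sid = result.get('objectsid')` followed by `if isinstance(sid, str) and sid and not sid.startswith('S-'):` keeps normalize() from failing on one malformed entry. normalize() starts and ends outside this hunk.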
@@ -414,6 +421,24 @@ def pop_empty_from_list(_input_list):
if not item == '':
_output_list.append(item)
+def sid_to_string(sid):
+ srl = ord(sid[0])
+ number_sub_id = ord(sid[1])
+ iav = struct.unpack('!Q', '\x00\x00' + sid[2:8])[0]
+
+ sub_ids = []
+
+ for i in range(number_sub_id):
+ sub_ids.append(struct.unpack('<I',sid[8+4*i:12+4*i])[0])
+
+ result = 'S-%d-%d-%s' % (
+ srl,
+ iav,
+ '-'.join([str(s) for s in sub_ids]),
+ )
+
+ return result
+
def standard_root_dn(domain):
return 'dc=%s' % (',dc='.join(domain.split('.')))
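Review bot: sid_to_string() trusts the sub-authority count in byte 1 and never checks the blob's length, so an empty or truncated objectSid raises IndexError or struct.error from the middle of the parsing code instead of a clear error. Since the value comes from the directory server, validate it up front, e.g. `if len(sid) < 8 or len(sid) != 8 + 4 * ord(sid[1]):` followed by `raise ValueError('malformed objectSid')`. A docstring stating the layout the code assumes (revision byte, sub-authority count, 6-byte big-endian identifier authority, then little-endian 32-bit sub-authorities) would also make the two unpack formats self-explanatory.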
commit aa6b4ce6943f6603930ae3dec97c8ffdf9561368
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Mon Apr 29 13:59:44 2013 +0200
Add the new setting [kolab] sync_interval to the default configuration
diff --git a/conf/kolab.conf b/conf/kolab.conf
index e0f64c3..840cbd7 100644
--- a/conf/kolab.conf
+++ b/conf/kolab.conf
@@ -17,6 +17,11 @@ imap_backend = cyrus-imap
; The default locale for this Kolab Groupware installation
default_locale = en_US
+; Synchronization interval - describes the number of seconds to wait in
+; between non-persistent synchronization attempts. Relevant only for
+; deployments that lack persistent search and syncrepl ldap controls.
+sync_interval = 300
+
[ldap]
; The URI to LDAP
ldap_uri = ldap://localhost:389