"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "salt/auth/ldap.py" between
salt-2019.2.0.tar.gz and salt-2019.2.1.tar.gz

About: SaltStack is a systems management software for data center automation, cloud orchestration, server provisioning, configuration management and more. Community version.

ldap.py  (salt-2019.2.0):ldap.py  (salt-2019.2.1)
skipping to change at line 334 skipping to change at line 334
AD handles group membership very differently than OpenLDAP. AD handles group membership very differently than OpenLDAP.
See the :ref:`External Authentication <acl-eauth>` documentation for a thoro ugh See the :ref:`External Authentication <acl-eauth>` documentation for a thoro ugh
discussion of available parameters for customizing the search. discussion of available parameters for customizing the search.
OpenLDAP allows you to search for all groups in the directory OpenLDAP allows you to search for all groups in the directory
and returns members of those groups. Then we check against and returns members of those groups. Then we check against
the username entered. the username entered.
''' '''
group_list = [] group_list = []
bind = auth(username, kwargs.get('password', None))
# If bind credentials are configured, use them instead of user's
if _config('binddn', mandatory=False) and _config('bindpw', mandatory=False)
:
bind = _bind_for_search(anonymous=_config('anonymous', mandatory=False))
else:
bind = _bind(username, kwargs.get('password', ''),
anonymous=_config('auth_by_group_membership_only', mandator
y=False)
and _config('anonymous', mandatory=False))
if bind: if bind:
log.debug('ldap bind to determine group membership succeeded!') log.debug('ldap bind to determine group membership succeeded!')
if _config('activedirectory'): if _config('activedirectory'):
try: try:
get_user_dn_search = '(&({0}={1})(objectClass={2}))'.format(_con fig('accountattributename'), get_user_dn_search = '(&({0}={1})(objectClass={2}))'.format(_con fig('accountattributename'),
user name, user name,
_con fig('persontype')) _con fig('persontype'))
user_dn_results = bind.search_s(_config('basedn'), user_dn_results = bind.search_s(_config('basedn'),
 End of changes. 1 change blocks. 
1 lines changed or deleted 10 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)