2 Commits

Author SHA1 Message Date
1e2f119f7f
add findlastuid function 2023-06-20 23:48:43 +02:00
237e7bd14e
add all functionality for basealt 2023-06-20 20:25:57 +02:00


@ -13,12 +13,33 @@ class LUSER():
''' '''
def expandbase(self): def findlastuid(self):
'''
Return the largest uidNumber attribute of all users in base
'''
self.ldapconnection.search(search_base=self.base,search_filter=f'(objectClass=inetOrgPerson)', attributes=['uidNumber'])
alluids = self.ldapconnection.response
max = 0
for i in alluids:
i_uid = i['attributes']['uidNumber']
if i_uid > max:
max = i_uid
return max
def expandbase(self, basealt = ''):
''' '''
Extract orgnaization, name of dc object and full domain part with all dc values from base Extract orgnaization, name of dc object and full domain part with all dc values from base
basealt := string base in LDAP system where users are made, if not set the function uses base specified on creation of LUSER instance (self.base)
''' '''
# Split base string with commas to find values of organization and dc # Split base string with commas to find values of organization and dc
if basealt == '':
baselist = self.base.split(",") baselist = self.base.split(",")
else:
baselist = self.basealt.split(",")
organization = '' organization = ''
dc = '' dc = ''
@ -49,22 +70,32 @@ class LUSER():
return organization, dc, dcfull, domain return organization, dc, dcfull, domain
def __init__(self, ldap_host, admin_user, admin_pass, base, basealt='', autoconnect=True): def __init__(self, ldap_host, admin_user, admin_pass, base, basealt='', autoconnect=True, lastUID = 1000):
self.ldap_host = ldap_host self.ldap_host = ldap_host
self.admin_user = admin_user self.admin_user = admin_user
self.admin_pass = admin_pass self.admin_pass = admin_pass
self.base = base self.base = base
self.organization, self.dc, self.dcfull, self.domain = self.expandbase()
self.basealt = basealt self.basealt = basealt
self.organization, self.dc, self.dcfull, self.domain = self.expandbase()
self.organizationalt, self.dcalt, self.dcfullalt, self.domainalt = self.expandbase(self.basealt)
self.alt = True self.alt = True
self.autoconnect = autoconnect self.autoconnect = autoconnect
ldapserver = Server(ldap_host, use_ssl=True) ldapserver = Server(ldap_host, use_ssl=True)
lastuidfound = 0
if self.autoconnect: if self.autoconnect:
self.ldapconnection = Connection(ldapserver, admin_user, admin_pass, auto_bind=True) self.ldapconnection = Connection(ldapserver, admin_user, admin_pass, auto_bind=True)
# uid and gid of most recently registered users # uid and gid of most recently registered users
self.lastuid = 1337 lastuidfound = self.findlastuid()
self.lastgid = 1337 else:
self.ldapconnection = Connection(ldapserver, admin_user, admin_pass, auto_bind=False)
if lastuidfound == 0:
self.lastuid = lastUID
self.lastgid = lastUID
else:
self.lastuid = lastuidfound
self.lastgid = lastuidfound
# Set alt boolean to false if basealt not set # Set alt boolean to false if basealt not set
if basealt == '': if basealt == '':
@ -82,9 +113,14 @@ class LUSER():
rcode2 = self.ldapconnection.add(self.base, ['top', 'organizationalUnit'], {'ou' : self.organization}) rcode2 = self.ldapconnection.add(self.base, ['top', 'organizationalUnit'], {'ou' : self.organization})
# Return True only if all return values are true # Add dcobject and organizational units as above for base alt
rcode3 = True
rcode4 = True
if self.alt:
rcode3 = self.ldapconnection.add(f'dc={self.dcfull}', ['dcObject', 'organization'], {'o' : self.dc, 'dc' : self.dc})
rcode4 = self.ldapconnection.add(self.base, ['top', 'organizationalUnit'], {'ou' : self.organization})
return rcode1 and rcode2 return rcode1 and rcode2 and rcode3 and rcode4
def lastpwchangenow(self): def lastpwchangenow(self):
''' '''
@ -106,7 +142,6 @@ class LUSER():
self.lastuid += 1 self.lastuid += 1
self.lastgid += 1 self.lastgid += 1
# Add user to base # Add user to base
id = f"uid={user}" id = f"uid={user}"
@ -116,7 +151,7 @@ class LUSER():
# Attributes for a user entry # Attributes for a user entry
attributes = {'cn' : user, 'sn' : user, 'givenName' : user, 'uid' : user, 'uidNumber' : self.lastuid, 'gidNumber' : self.lastgid, 'homeDirectory' : f'/home/{user}', 'loginShell' : '/usr/bin/git-shell', 'gecos' : 'SystemUser', 'shadowLastChange' : self.lastpwchangenow(), 'shadowMax' : '45', 'userPassword' : password, 'mail' : f'{user}@{self.domain}' } attributes = {'cn' : user, 'sn' : user, 'givenName' : user, 'uid' : user, 'uidNumber' : self.lastuid, 'gidNumber' : self.lastgid, 'homeDirectory' : f'/home/{user}', 'loginShell' : '/usr/bin/git-shell', 'gecos' : 'SystemUser', 'shadowLastChange' : self.lastpwchangenow(), 'shadowMax' : '45', 'userPassword' : password, 'mail' : f'{user}@{self.domain}' }
attributesalt = {'cn' : user, 'sn' : user, 'givenName' : user, 'uid' : user, 'uidNumber' : self.lastuid, 'gidNumber' : self.lastgid, 'homeDirectory' : f'/home/{user}', 'loginShell' : '/usr//bin/git-shell', 'gecos' : 'SystemUser', 'shadowLastChange' : self.lastpwchangenow(), 'shadowMax' : '45', 'userPassword' : althash, 'mail' : f'{user}@{self.domain}'} attributesalt = {'cn' : user, 'sn' : user, 'givenName' : user, 'uid' : user, 'uidNumber' : self.lastuid, 'gidNumber' : self.lastgid, 'homeDirectory' : f'/home/{user}', 'loginShell' : '/usr//bin/git-shell', 'gecos' : 'SystemUser', 'shadowLastChange' : self.lastpwchangenow(), 'shadowMax' : '45', 'userPassword' : althash, 'mail' : f'{user}@{self.domainalt}'}
# Return boolean value of new user entry # Return boolean value of new user entry
rcode1 = self.ldapconnection.add(f'{id},{self.base}', objectClass, attributes) rcode1 = self.ldapconnection.add(f'{id},{self.base}', objectClass, attributes)
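Review bot: `findlastuid()` in the first hunk ignores the outcome of `search()` and looks only under `self.base`, so `__init__` cannot tell an empty directory from a failed or truncated lookup; a result of 0 silently restarts numbering at the `lastUID` default of 1000. The same `uidNumber` is later written to both the base and the alt entry, so a partial result (for example a server-side size limit) or users that already exist only under `basealt` could cause an id to be handed out twice, and accounts sharing a numeric id share file ownership wherever this directory is used for login. The loop also indexes `i['attributes']['uidNumber']` on every response item and compares it to an int, which would raise on a referral item or, presumably when no schema is loaded, a list value; the local `max` shadows the builtin. I would check the search result, include `basealt` when it is set, skip non-entry items and fail loudly instead of falling back, roughly as below. Whether raising from the constructor is acceptable depends on callers outside this page.

```python
def findlastuid(self):
    '''
    Return the largest uidNumber of all users in base and, if set, basealt (0 if there are none)
    '''
    highest = 0
    for searchbase in filter(None, (self.base, self.basealt)):
        self.ldapconnection.search(search_base=searchbase, search_filter='(objectClass=inetOrgPerson)', attributes=['uidNumber'])
        outcome = self.ldapconnection.result['description']
        # A base that has not been created yet has no users; any other non-success result must not be read as "no users"
        if outcome not in ('success', 'noSuchObject'):
            raise RuntimeError(f'uidNumber lookup under {searchbase} failed: {outcome}')
        for entry in self.ldapconnection.response or []:
            if entry.get('type') != 'searchResEntry':
                continue
            value = entry['attributes'].get('uidNumber')
            if isinstance(value, list):
                value = value[0] if value else None
            if value is not None:
                highest = max(highest, int(value))
    return highest
```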