+def connect_to_ldap_and_check_if_locked(DnRecord):
+ # Connect to the ldap server
+ l = connectLDAP()
+ F = open(PassDir+"/pass-"+pwd.getpwuid(os.getuid())[0],"r");
+ AccessPass = F.readline().strip().split(" ")
+ F.close();
+ l.simple_bind_s("uid="+AccessPass[0]+","+BaseDn,AccessPass[1]);
+
+ # Check for a locked account
+ Attrs = l.search_s(BaseDn,ldap.SCOPE_ONELEVEL,"uid="+GetAttr(DnRecord,"uid"));
+ if (GetAttr(Attrs[0],"userPassword").find("*LK*") != -1) \
+ or GetAttr(Attrs[0],"userPassword").startswith("!"):
+ raise UDNotAllowedError, "This account is locked";
+