From: Peter Palfrader Date: Mon, 2 Aug 2010 20:35:49 +0000 (+0000) Subject: Let disabled-users generation use Account class X-Git-Tag: userdir-ldap-0.3.78~6^2~16 X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fuserdir-ldap.git;a=commitdiff_plain;h=059c1ab2073bf678019edafff8c515ed1d2c341a Let disabled-users generation use Account class --- diff --git a/UDLdap.py b/UDLdap.py index 74313b2..9e2d2ee 100644 --- a/UDLdap.py +++ b/UDLdap.py @@ -54,6 +54,8 @@ class Account: def pw_active(self): if self['userPassword'] == '{crypt}*LK*': return False + if self['userPassword'].startswith("!"): + return False return True # not expired diff --git a/ud-generate b/ud-generate index 1a40f67..c448701 100755 --- a/ud-generate +++ b/ud-generate @@ -638,22 +638,13 @@ def GenDisabledAccounts(File): I = 0 for x in PasswdAttrs: - if x[1].has_key("uidNumber") == 0: + a = UDLdap.Account(x[0], x[1]) + if a.pw_active(): continue - - Pass = GetAttr(x, "userPassword") - Line = "" - # *LK* is the reference value for a locked account - # password starting with ! is also a locked account - if Pass.find("*LK*") != -1 or Pass.startswith("!"): - # Format is : - Line = "%s:%s" % (GetAttr(x, "uid"), "Account is locked") - DisabledUsers.append(x) - - if Line != "": - F.write(Sanitize(Line) + "\n") - - + Line = "%s:%s" % (a['uid'], "Account is locked") + DisabledUsers.append(x) + F.write(Sanitize(Line) + "\n") + # Oops, something unspeakable happened. except: Die(File, F, None) @@ -1102,7 +1093,7 @@ for x in Attrs: SubGroupMap.setdefault(x[1]["gid"][0], []).extend(x[1]["subGroup"]) # Fetch all the users -PasswdAttrs = l.search_s(BaseDn, ldap.SCOPE_ONELEVEL, "uid=*",\ +PasswdAttrs = l.search_s(BaseDn, ldap.SCOPE_ONELEVEL, "(&(uid=*)(!(uidNumber=0)))",\ ["uid", "uidNumber", "gidNumber", "supplementaryGid",\ "gecos", "loginShell", "userPassword", "shadowLastChange",\ "shadowMin", "shadowMax", "shadowWarning", "shadowInactive",