univention.connector.ad package
Contents
univention.connector.ad package¶
- univention.connector.ad.samaccountname_dn_mapping(connector, given_object, dn_mapping_stored, ucsobject, propertyname, propertyattrib, ocucs, ucsattrib, ocad, dn_attr=None)[source]¶
map dn of given object (which must have an samaccountname in AD) ocucs and ocad are objectclasses in UCS and AD
- univention.connector.ad.user_dn_mapping(connector, given_object, dn_mapping_stored, isUCSobject)[source]¶
map dn of given user using the samaccountname/uid connector is an instance of univention.connector.ad, given_object an object-dict, dn_mapping_stored a list of dn-types which are already mapped because they were stored in the config-file
- univention.connector.ad.group_dn_mapping(connector, given_object, dn_mapping_stored, isUCSobject)[source]¶
map dn of given group using the samaccountname/cn connector is an instance of univention.connector.ad, given_object an object-dict, dn_mapping_stored a list of dn-types which are already mapped because they were stored in the config-file
- univention.connector.ad.windowscomputer_dn_mapping(connector, given_object, dn_mapping_stored, isUCSobject)[source]¶
map dn of given windows computer using the samaccountname/uid connector is an instance of univention.connector.ad, given_object an object-dict, dn_mapping_stored a list of dn-types which are already mapped because they were stored in the config-file
- class univention.connector.ad.LDAPEscapeFormatter[source]¶
Bases:
string.FormatterA custom string formatter that supports a special e conversion, to employ the function ldap.filter.escape_filter_chars() on the given value.
>>> LDAPEscapeFormatter().format("{0}", "*") '*' >>> LDAPEscapeFormatter().format("{0!e}", "*") '\2a'
Unfortunately this does not support the key/index-less variant (see http://bugs.python.org/issue13598).
>>> LDAPEscapeFormatter().format("{!e}", "*") Traceback (most recent call last): KeyError: ''
- univention.connector.ad.format_escaped(format_string, *args, **kwargs)[source]¶
Convenience-wrapper around LDAPEscapeFormatter.
Use !e do denote format-field that should be escaped using ldap.filter.escape_filter_chars()’
>>> format_escaped("{0!e}", "*") '\2a'
- class univention.connector.ad.ad(CONFIGBASENAME, property, configRegistry, ad_ldap_host, ad_ldap_port, ad_ldap_base, ad_ldap_binddn, ad_ldap_bindpw, ad_ldap_certificate, listener_dir, max_retry_rejected, logfilename=None, debug_level=None)[source]¶
Bases:
univention.connector.ucs- RANGE_RETRIEVAL_PATTERN = re.compile('^([^;]+);range=(\\d+)-(\\d+|\\*)$')¶
- set_primary_group_to_ucs_user(object_key, object_ucs)[source]¶
check if correct primary group is set to a fresh UCS-User
- object_memberships_sync_from_ucs(key, object)[source]¶
sync group membership in AD if object was changend in UCS
- object_memberships_sync_to_ucs(key, object)[source]¶
sync group membership in UCS if object was changend in AD
- one_group_member_sync_to_ucs(ucs_group_object, object)[source]¶
sync groupmembers in UCS if changend one member in AD
Submodules¶
univention.connector.ad.main module¶
univention.connector.ad.mapping module¶
- univention.connector.ad.mapping.ignore_filter_from_tmpl(template, ucr_key, default='')[source]¶
Construct an ignore_filter from a ucr_key (connector/ad/mapping/*/ignorelist, a comma delimited list of values), as specified by template while correctly escaping the filter-expression.
template must be formatted as required by format_escaped.
>>> ignore_filter_from_tmpl('(cn={0!e})', ... 'connector/ad/mapping/nonexistend/ignorelist', ... 'one,two,three') '(|(cn=one)(cn=two)(cn=three))'
- univention.connector.ad.mapping.ignore_filter_from_attr(attribute, ucr_key, default='')[source]¶
Convenience-wrapper around ignore_filter_from_tmpl().
This expects a single attribute instead of a template argument.
>>> ignore_filter_from_attr('cn', ... 'connector/ad/mapping/nonexistend/ignorelist', ... 'one,two,three') '(|(cn=one)(cn=two)(cn=three))'