univention.connector package

univention.connector package#

univention.connector.decode_guid(value)[source]#
univention.connector.generate_strong_password(length=24)[source]#
univention.connector.set_ucs_passwd_user(connector, key, ucs_object)[source]#

set random password to fulfill required values

univention.connector.check_ucs_lastname_user(connector, key, ucs_object)[source]#

check if required values for lastname are set

univention.connector.set_primary_group_user(connector, key, ucs_object)[source]#

check if correct primary group is set

univention.connector.dictonary_lowercase(dict_)[source]#
univention.connector.compare_normal(val1, val2)[source]#
univention.connector.compare_lowercase(val1, val2)[source]#
class univention.connector.configdb(filename)[source]#

Bases: object

get_by_value(section, option)[source]#
get(section, option)[source]#
set(section, option, value)[source]#
items(section)[source]#
remove_option(section, option)[source]#
has_section(section)[source]#
add_section(section)[source]#
has_option(section, option)[source]#
class univention.connector.RFC4514_dn[source]#

Bases: object

special_dn_chars = '"+,;<=>'#
pattern = '(\\\\")|(\\\\\\+)|(\\\\,)|(\\\\;)|(\\\\<)|(\\\\=)|(\\\\>)'#
match = re.compile('(\\\\")|(\\\\\\+)|(\\\\,)|(\\\\;)|(\\\\<)|(\\\\=)|(\\\\>)')#
substs = ['\\22', '\\2B', '\\2C', '\\3B', '\\3C', '\\3D', '\\3E']#
replace()#
classmethod to_ad(dn)[source]#

Currently just for documentation purposes

classmethod to_openldap(dn)[source]#

Doing the inverse of RFC4514_dn.to_ad

class univention.connector.Mapping(mapping)[source]#

Bases: object

class univention.connector.attribute(ucs_attribute='', ldap_attribute='', con_attribute='', con_other_attribute='', required=0, single_value=False, compare_function='', mapping=(), reverse_attribute_check=False, sync_mode='sync', con_depends='', con_attribute_encoding='UTF-8')[source]#

Bases: object

A mapping attribute description

Parameters:

  • ucs_attribute (str) – The property name of the object in UDM

  • ldap_attribute (str) – The LDAP attribute name of the object in UCS LDAP

  • con_attribute (str) – The LDAP attribute name of the object in AD LDAP

  • con_other_attribute (str) – Further LDAP attribute name of the object in AD LDAP.

  • required (bool) – unused

  • single_value (bool) – Whether the attribute is single_value in the AD LDAP.

  • compare_function (callable) – A comparison function which compares raw ldap attribute values.

  • mapping – Mapping functions for (sync_to_ad, sync_to_ucs)

  • reverse_attribute_check – Make a reverse check of this mapping, if the mapping is not 1:1.

  • sync_mode – The syncronization direction (read, write, sync)

Ptype mapping:

tuple

Ptype reverse_attribute_check:

bool

Ptype sync_mode:

str

class univention.connector.property(ucs_default_dn='', con_default_dn='', ucs_module='', ucs_module_others=[], sync_mode='', scope='', con_search_filter='', ignore_filter=None, match_filter=None, allow_subtree=[], allow_filter=None, ignore_subtree=[], con_create_objectclass=[], con_create_attributes=[], dn_mapping_function=[], attributes=None, ucs_create_functions=[], post_con_create_functions=[], post_con_modify_functions=[], post_ucs_modify_functions=[], post_attributes=None, mapping_table=None, position_mapping=[], con_subtree_delete_objects=[])[source]#

Bases: object

class univention.connector.ucs(CONFIGBASENAME, _property, configRegistry, listener_dir, logfilename, debug_level)[source]#

Bases: object

init_ldap_connections()[source]#
dn_mapped_to_base(dn, base)[source]#

Introduced for Bug #33110: Fix case of base part of DN

open_ucs()[source]#
search_ucs(filter='(objectClass=*)', base='', scope='sub', attr=[], unique=0, required=0, timeout=-1, sizelimit=0)[source]#
init_debug()[source]#
close_debug()[source]#
list_rejected_ucs(filter_noresync=False)[source]#
get_dn_by_ucs(dn_ucs)[source]#
get_dn_by_con(dn_con)[source]#
context_log(property_type, obj, message='', to_ucs=True)[source]#
get_ucs_ldap_object_dn(dn)[source]#
get_ucs_ldap_object(dn)[source]#
get_ucs_object(property_type, dn)[source]#
initialize_ucs()[source]#
initialize()[source]#
resync_rejected_ucs()[source]#

tries to resync rejected changes from UCS

resync_rejected()[source]#
poll_ucs()[source]#

poll changes from UCS: iterates over files exported by directory-listener module

poll(show_deleted=True)[source]#
add_in_ucs(property_type, object, module, position)[source]#
modify_in_ucs(property_type, object, module, position)[source]#
move_in_ucs(property_type, object, module, position)[source]#
update_deleted_cache_after_removal(entryUUID, objectGUID)[source]#
was_entryUUID_deleted(entryUUID)[source]#
was_objectGUID_deleted_by_ucs(objectGUID)[source]#
delete_in_ucs(property_type, object, module, position)[source]#

Removes an AD object in UCS-LDAP

sync_to_ucs(property_type, object, pre_mapped_ad_dn, original_object)[source]#

Synchronize an object from AD-LDAP to UCS Open-LDAP.

Parameters:

  • property_type – the type of the object to be synced, must be part of the mapping. (e.g. “user”, “group”, “dc”, “windowscomputer”, etc.)

  • object – A dictionary describing the AD object. modtype: A modification type (“add”, “modify”, “move”, “delete”) dn: The DN of the object in the UCS-LDAP olddn: The olddn of the object object in UCS-LDAP (e.g. on “move” operation)

  • pre_mapped_ad_dn – pass

  • original_object – pass

Ptype object:

dict

identify_udm_object(dn, attrs)[source]#

Get the type of the specified UCS object

Subpackages#

Submodules#

univention.connector.adcache module#

class univention.connector.adcache.EntryDiff(old, new)[source]#

Bases: object

added()[source]#
removed()[source]#
changed()[source]#
class univention.connector.adcache.ADCache(filename)[source]#

Bases: object

Local cache for the current AD state of the adconnector. With this cache the connector has the possibility to create a diff between the new AD object and the old one from cache.

add_entry(guid, entry)[source]#
diff_entry(old_entry, new_entry)[source]#
get_entry(guid)[source]#
remove_entry(guid)[source]#
On this page