From a70f3be796ae5acc01cbe3f26b0794e1e525867d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tuncay=20=C3=87OLAK?=
Date: Fri, 3 Apr 2020 14:22:30 +0300
Subject: [PATCH] cancel ad authentication module added
---
.../execute_cancel_sssd_ad_authentication.py | 208 ++++-------
.../execute_sssd_ad_authentication.py | 323 +++++++++---------
src/plugins/ldap-login/execute_ad_login.py | 2 -
3 files changed, 216 insertions(+), 317 deletions(-)
diff --git a/src/base/registration/execute_cancel_sssd_ad_authentication.py b/src/base/registration/execute_cancel_sssd_ad_authentication.py
index 3d14123..6a37d05 100644
--- a/src/base/registration/execute_cancel_sssd_ad_authentication.py
+++ b/src/base/registration/execute_cancel_sssd_ad_authentication.py
@@ -6,53 +6,44 @@ from base.scope import Scope from base.util.util import Util import re - class ExecuteCancelSSSDAdAuthentication: def __init__(self): scope = Scope().get_instance() self.logger = scope.get_logger() self.util = Util() + self.ad_info_path = "/etc/ahenk/ad_info" def cancel(self): - - # Deleting packages require for AD entegration - - self.util.execute("apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y") - self.util.execute("apt autoremove -y") - - # Read information about AD - - if self.util.is_exist("/etc/ahenk/ad_info"): - file_data = open("/etc/ahenk/ad_info","r") - ip_address = (file_data.readline()) - host_name = (file_data.readline()) - file_data.close() - self.logger.info("ad_info dosyasından bilgiler başarılı bir şekilde alındı.") - else: - self.logger.error("ad_info dosyasına ulaşılamadı ") - - try: + # Deleting packages require for AD entegration + self.util.execute( + "apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y") + self.util.execute("apt autoremove -y") + + # Read information about AD + if self.util.is_exist(self.ad_info_path): + file_data = self.util.read_file_by_line(self.ad_info_path) + self.ip_address = file_data[0].strip("\n") + self.host_name = file_data[1].strip("\n") + self.logger.info(self.ip_address) + self.logger.info(self.host_name) + self.logger.info("Information read successfully from ad_info.") + else: + self.logger.error("ad_info file not found") + if self.util.is_exist("/etc/sssd"): - self.util.delete_folder("/etc/sssd") + # self.util.delete_folder("/etc/sssd") self.logger.info("SSSD is deleted") else: self.logger.info("SSSD is not exist") - except Exception as e: - self.logger.error("Error while running /etc/SSSD.. 
Error Message " + str(e)) - - # Re-Configure dhclient.conf deleting AD IP address - - - - try: + # Re-Configure dhclient.conf deleting AD IP address dhclient_conf_path = "/etc/dhcp/dhclient.conf" file_dhclient = open(dhclient_conf_path, 'r') file_data = file_dhclient.read() - if "prepend domain-name-servers {};".format(ip_address) in file_data: - file_data = file_data.replace(("prepend domain-name-servers {};".format(ip_address)), + if "prepend domain-name-servers {};".format(self.ip_address) in file_data: + file_data = file_data.replace(("prepend domain-name-servers {};".format(self.ip_address)), "#prepend domain-name-servers 127.0.0.1;") self.logger.info("dhclient is reconfigured") else: 
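Review bot: In `cancel()`, the `else` branch for a missing ad_info file only logs `ad_info file not found` and falls through, so the dhclient.conf block then reads `self.ip_address`, which was never assigned, and the AttributeError is raised only after `apt purge` has already removed the SSSD packages. An ad_info file with fewer than two lines fails the same way at `file_data[1]`. Reading and validating ad_info before the purge, and adding `return False` in that `else` branch, would keep the host from being left half-reverted. In the same hunk `# self.util.delete_folder("/etc/sssd")` is commented out while the next line still logs `SSSD is deleted`, so the log reports a cleanup that no longer happens; either restore the call or change the message. The body of `cancel()` continues past the end of this hunk.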
@@ -63,77 +54,13 @@ class ExecuteCancelSSSDAdAuthentication: file_dhclient.write(file_data) file_dhclient.close() - except Exception as e: - self.logger.error("Error while running /dhcp/dhclient.conf.. Error Message " + str(e)) - - - # Pattern for clearing file data from spaces, tabs and newlines - - # pattern = re.compile(r'\s+') - -# # Re-Configure nsswitch.conf -# file_ns_switch = open("/etc/nsswitch.conf", 'r') -# file_data = file_ns_switch.read() -# -# # Cleared file data from spaces, tabs and newlines -# text = pattern.sub('', file_data) -# #BİR BİR BİR BAKKKKKKKKK -# did_configuration_change = False -# if "passwd:" in text: -# file_data = file_data.replace("passwd: files systemd sss", "passwd: compat") -# did_configuration_change = True -# self.logger.info("passwd:compatss BAŞARILI") -# -# -# if "group:" in text: -# file_data = file_data.replace("group: files systemd sss", "group: compat") -# did_configuration_change = True -# self.logger.info("group:compatss BAŞARILI") -# -# -# -# if "shadow:" in text: -# file_data = file_data.replace("shadow: files sss", "shadow: compat") -# did_configuration_change = True -# self.logger.info("shadow:compatss BAŞARILI") -# -# -# if "services:" in text: -# file_data = file_data.replace("services: db files sss", "services: db files") -# did_configuration_change = True -# self.logger.info("services:compatss BAŞARILI") -# -# -# if "netgroup:" in text: -# file_data = file_data.replace("netgroup: nis sss", "netgroup: nis") -# did_configuration_change = True -# self.logger.info("netgroup:nissss BAŞARILI") -# -# -# if "sudoers:" in text: -# file_data = file_data.replace("sudoers: files sss", " ") -# did_configuration_change = True -# self.logger.info("sudoers:filessss BAŞARILI") -# -# -# if did_configuration_change: -# self.logger.info("nsswitch.conf configuration has been configured") -# else: -# self.logger.info("nsswitch.conf has already been configured") -# -# file_ns_switch.close() -# file_ns_switch = 
open("/etc/nsswitch.conf", 'w') -# file_ns_switch.write(file_data) -# file_ns_switch.close() - - # Configure hosts for deleting AD "IP address" and "AD hostname" - try: + # Configure hosts for deleting AD "IP address" and "AD hostname" hosts_conf_path = "/etc/hosts" file_hosts = open(hosts_conf_path, 'r') file_data = file_hosts.read() - if ("{0} {1}".format(ip_address, host_name)) in file_data: - file_data = file_data.replace(("{0} {1}".format(ip_address, host_name)), " ") + if ("{0} {1}".format(self.ip_address, self.host_name)) in file_data: + file_data = file_data.replace(("{0} {1}".format(self.ip_address, self.host_name)), " ") self.logger.info("hosts is configured") else: self.logger.error("hosts is not configured") @@ -142,15 +69,8 @@ class ExecuteCancelSSSDAdAuthentication: file_hosts.write(file_data) file_hosts.close() - except Exception as e: - self.logger.error("Error while running /etc/hosts.. Error Message " + str(e)) - - # Configure common-session for deleting home directories for AD users - - - try: + # Configure common-session for deleting home directories for AD users common_session_conf_path = "/etc/pam.d/common-session" - file_common_session = open(common_session_conf_path, 'r') file_data = file_common_session.read() 
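Review bot: The /etc/hosts cleanup matches `"{0} {1}".format(self.ip_address, self.host_name)` as a raw substring of the whole file, so it can also match inside a longer address or hostname on an unrelated line and leave a corrupted entry behind (constructed example: ip `10.0.0.1` and host `dc` match inside `110.0.0.1 dc2`). Comparing whole lines is safer, for instance `file_data = "".join(l for l in file_data.splitlines(True) if l.strip() != entry)` with `entry` holding the formatted pair. The dhclient.conf and resolv.conf replacements in the neighbouring hunks use the same substring pattern and deserve the same treatment. The reopen-for-write of this file lies between this hunk and the next, so the rewrite itself is not fully visible here.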
@@ -165,50 +85,42 @@ class ExecuteCancelSSSDAdAuthentication: file_common_session.write(file_data) file_common_session.close() - except Exception as e: - self.logger.error("Error while running /etc/pam.d/common-session.. Error Message " + str(e)) + # Configure resolv.conf for deleting AD IP address + resolv_conf_path = "/etc/resolv.conf" + file_resolv = open(resolv_conf_path, 'r') + file_data = file_resolv.read() - # Configure resolv.conf for deleting AD IP address - - resolv_conf_path = "/etc/resolv.conf" - - file_resolv = open(resolv_conf_path, 'r') - file_data = file_resolv.read() - - if ("nameserver {0}".format(ip_address)) in file_data: - file_data = file_data.replace(("nameserver {0}".format(ip_address)), "") - self.logger.info("resolv.conf is configured") - else: - self.logger.error("resolv is not configured") - - file_resolv.close() - file_resolv = open(resolv_conf_path, 'w') - file_resolv.write(file_data) - file_resolv.close() - - # Deleting ad_info file - - - try: - if self.util.is_exist("/etc/ahenk/ad_info"): - (result_code, p_out, p_err) = self.util.execute("rm -rf /etc/ahenk/ad_info") - if (result_code == 0): - self.logger.info("ad_info Başarılı bir şekilde silindi") - else: - self.logger.error("ad_info silinemedi : " + str(p_err)) + if ("nameserver {0}".format(self.ip_address)) in file_data: + file_data = file_data.replace(("nameserver {0}".format(self.ip_address)), "") + self.logger.info("resolv.conf is configured") else: - self.logger.error("ad_info dosyasına ulaşılamadı ") + self.logger.error("resolv is not configured") + + file_resolv.close() + file_resolv = open(resolv_conf_path, 'w') + file_resolv.write(file_data) + file_resolv.close() + + # Deleting ad_info file + if self.util.is_exist(self.ad_info_path): + self.util.delete_file(self.ad_info_path) + self.logger.info("Deleted ad_info file") + else: + self.logger.error("ad_info file not found") + + # Configure lightdm.service + pardus_xfce_path = 
"/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf" + if self.util.is_exist(pardus_xfce_path): + self.logger.info("99-pardus-xfce.conf exists. Deleting file.") + self.util.delete_file(pardus_xfce_path) + self.util.execute("systemctl restart nscd.service") + else: + self.logger.info("99-pardus-xfce.conf not found") + + self.logger.info("AD Login iptal etme işlemi başarı ile sağlandı.") + return True except Exception as e: - self.logger.error("Error while running /ad_infoyu SİLERKEN.. Error Message " + str(e)) - - - # Configure lightdm.service - pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf" - if self.util.is_exist(pardus_xfce_path): - self.logger.info("99-pardus-xfce.conf exists. Deleting file.") - self.util.delete_file(pardus_xfce_path) - self.util.execute("systemctl restart nscd.service") - - self.logger.info("LDAP Login iptal etme işlemi başarı ile sağlandı.") - + self.logger.error(str(e)) + self.logger.info("AD Login İptal etme işlemi esnasında hata oluştu.") + return False diff --git a/src/base/registration/execute_sssd_ad_authentication.py b/src/base/registration/execute_sssd_ad_authentication.py index c50b365..7cdf993 100644 --- a/src/base/registration/execute_sssd_ad_authentication.py +++ b/src/base/registration/execute_sssd_ad_authentication.py @@ -2,7 +2,6 @@ # -*- coding: utf-8 -*- # Author: Agah Hulusi ÖZ - from base.scope import Scope from base.util.util import Util 
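Review bot: The function-wide `except Exception as e:` at the end of `cancel()` logs only `str(e)`, so with the per-file handlers removed nothing records which of the dhclient, hosts, common-session or resolv.conf steps failed, and the first failure skips every later step, including the ad_info deletion. Logging the traceback would at least make a partial revert diagnosable, e.g. `self.logger.error("AD login cancel failed: " + traceback.format_exc())` (needs `import traceback`), and the failure message on the following line belongs at `self.logger.error` rather than `self.logger.info`. `self.util.execute("systemctl restart nscd.service")` sits inside the `if self.util.is_exist(pardus_xfce_path):` branch, so the name-service cache is only restarted when that lightdm file happens to exist; that looks unintended given the resolver and PAM edits above it. The `try:` this handler closes opens earlier in the function, outside this hunk.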
@@ -12,208 +11,198 @@ class ExecuteSSSDAdAuthentication: self.logger = scope.get_logger() self.util = Util() - # self.domain_name = "engerek.local" - # self.host_name = "liderahenk.engerek.local" - # self.ip_address = "172.16.103.28" - # self.password = "Pp123456" - - def authenticate(self, domain_name, host_name, ip_address, password, ad_username): + try: + # Create and Configure ad_info file + (result_code, p_out, p_err) = self.util.create_file("/etc/ahenk/ad_info") + if (result_code == 0): + self.logger.info("AD INFO başarılı bir şekilde oluşturuldu") + # Configure ad_info for deregisteration info + default_ad_info_path = "/etc/ahenk/ad_info" + file_default_ad_info = open(default_ad_info_path, 'r') + file_data = file_default_ad_info.read() - # Create and Configure ad_info file - (result_code, p_out, p_err) = self.util.create_file("/etc/ahenk/ad_info") - if (result_code == 0): - self.logger.info("AD INFO başarılı bir şekilde oluşturuldu") - # Configure ad_info for deregisteration info - default_ad_info_path = "/etc/ahenk/ad_info" - file_default_ad_info = open(default_ad_info_path, 'r') - file_data = file_default_ad_info.read() + file_data = file_data + ("{}".format(ip_address)) + "\n" + ("{}".format(host_name)) + "\n" + ( + "{}".format(domain_name)) + "\n" + ("{}".format(ad_username)) + self.logger.info("/etc/ahenk/ad_info bilgiler girildi.") + file_default_ad_info.close() + file_default_ad_info = open(default_ad_info_path, 'w') + file_default_ad_info.write(file_data) + file_default_ad_info.close() + else: + self.logger.error("ad_info oluşturma komutu başarısız : " + str(p_err)) - file_data = file_data + ("{}".format(ip_address)) + "\n" + ("{}".format(host_name)) + "\n" + ( - "{}".format(domain_name)) + "\n" + ("{}".format(ad_username)) - self.logger.info("/etc/ahenk/ad_info bilgiler girildi.") - file_default_ad_info.close() - file_default_ad_info = open(default_ad_info_path, 'w') - file_default_ad_info.write(file_data) - file_default_ad_info.close() - else: - 
self.logger.error("ad_info oluşturma komutu başarısız : " + str(p_err)) + self.logger.info("Authenticate starting....") + # Configure /etc/dhcp/dhclient.conf + dhclient_conf_path = "/etc/dhcp/dhclient.conf" + dhc_conf = self.util.read_file_by_line(dhclient_conf_path, "r") + dhc_conf_temp = open(dhclient_conf_path, 'w') - self.logger.info("Authenticate starting....") - # Configure /etc/dhcp/dhclient.conf - dhclient_conf_path = "/etc/dhcp/dhclient.conf" - dhc_conf = self.util.read_file_by_line(dhclient_conf_path, "r") - dhc_conf_temp = open(dhclient_conf_path, 'w') + for lines in dhc_conf: + if (lines == "#prepend domain-name-servers 127.0.0.1;\n"): + lines = lines.replace(lines, ("prepend domain-name-servers {};\n".format(ip_address))) + dhc_conf_temp.write(lines) + dhc_conf_temp.close() - for lines in dhc_conf: - if (lines == "#prepend domain-name-servers 127.0.0.1;\n"): - lines = lines.replace(lines, ("prepend domain-name-servers {};\n".format(ip_address))) - dhc_conf_temp.write(lines) - dhc_conf_temp.close() + file_default_dhcp = open(dhclient_conf_path, 'r') + file_data = file_default_dhcp.read() - file_default_dhcp = open(dhclient_conf_path, 'r') - file_data = file_default_dhcp.read() + if ("prepend domain-name-servers {};\n".format(ip_address)) not in file_data: + file_data = file_data + "\n" + ("prepend domain-name-servers {};".format(ip_address)) - if ("prepend domain-name-servers {};\n".format(ip_address)) not in file_data: - file_data = file_data + "\n" + ("prepend domain-name-servers {};".format(ip_address)) + file_default_dhcp.close() + file_default_dhcp = open(dhclient_conf_path, 'w') + file_default_dhcp.write(file_data) + file_default_dhcp.close() - file_default_dhcp.close() - file_default_dhcp = open(dhclient_conf_path, 'w') - file_default_dhcp.write(file_data) - file_default_dhcp.close() + # Configure /etc/resolv.conf + resolve_conf_path = "/etc/resolv.conf" + resolve_conf = self.util.read_file_by_line(resolve_conf_path, "r") + resolve_conf_temp = 
open(resolve_conf_path, 'w') + for lines in resolve_conf: + if (lines == ("nameserver {}\n".format(ip_address))): + continue + lines = lines.replace(lines, ("#" + lines)) + resolve_conf_temp.write(lines) + resolve_conf_temp.close() - # Configure /etc/resolv.conf - resolve_conf_path = "/etc/resolv.conf" - resolve_conf = self.util.read_file_by_line(resolve_conf_path, "r") - resolve_conf_temp = open(resolve_conf_path, 'w') + file_default_resolve = open(resolve_conf_path, 'r') + file_data = file_default_resolve.read() - for lines in resolve_conf: - if (lines == ("nameserver {}\n".format(ip_address))): - continue - lines = lines.replace(lines, ("#" + lines)) - resolve_conf_temp.write(lines) - resolve_conf_temp.close() + if ("nameserver {}\n".format(ip_address)) not in file_data: + file_data = file_data + "\n" + ("nameserver {}\n".format(ip_address)) + self.logger.info("/etc/resolv.conf is configured") - file_default_resolve = open(resolve_conf_path, 'r') - file_data = file_default_resolve.read() + file_default_resolve.close() + file_default_resolve = open(resolve_conf_path, 'w') + file_default_resolve.write(file_data) + file_default_resolve.close() - if ("nameserver {}\n".format(ip_address)) not in file_data: - file_data = file_data + "\n" + ("nameserver {}\n".format(ip_address)) - self.logger.info("/etc/resolv.conf is configured") + # Configure /etc/hosts + host_path = "/etc/hosts" + file_default_hosts = open(host_path, 'r') + file_data = file_default_hosts.read() - file_default_resolve.close() - file_default_resolve = open(resolve_conf_path, 'w') - file_default_resolve.write(file_data) - file_default_resolve.close() + if ("{0} {1}".format(ip_address, host_name)) not in file_data: + file_data = file_data + "\n" + ("{0} {1}".format(ip_address, host_name)) + self.logger.info("/etc/hosts is configured") + file_default_hosts.close() + file_default_hosts = open(host_path, 'w') + file_default_hosts.write(file_data) + file_default_hosts.close() - # Configure /etc/hosts - 
host_path = "/etc/hosts" - file_default_hosts = open(host_path, 'r') - file_data = file_default_hosts.read() + # Execute the script that required for "samba-common" and "krb5" + (result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}".format(domain_name.upper(),host_name)) - if ("{0} {1}".format(ip_address, host_name)) not in file_data: - file_data = file_data + "\n" + ("{0} {1}".format(ip_address, host_name)) - self.logger.info("/etc/hosts is configured") + if(result_code == 0): + self.logger.info("Script başarılı bir şekilde çalıştırıldı.") + else: + self.logger.error("Script başarısız oldu : " + str(p_err)) - file_default_hosts.close() - file_default_hosts = open(host_path, 'w') - file_default_hosts.write(file_data) - file_default_hosts.close() + # Installation of required packages + (result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install realmd sssd sssd-tools adcli packagekit samba-common-bin samba-libs") + if (result_code == 0): + self.logger.info("İndirmeler Başarılı") + else: + self.logger.error("İndirmeler Başarısız : " + str(p_err)) + # Configure pam.d/common-session + pamd_common_session_path = "/etc/pam.d/common-session" + file_default_pam = open(pamd_common_session_path, 'r') + file_data = file_default_pam.read() - # Execute the script that required for "samba-common" and "krb5" - (result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}".format(domain_name.upper(),host_name)) + if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" not in file_data: + file_data = file_data + "\n" + "session optional pam_mkhomedir.so skel=/etc/skel umask=077" + self.logger.info("/etc/pam.d/common-session is configured") - if(result_code == 0): - self.logger.info("Script başarılı bir şekilde çalıştırıldı.") - else: - self.logger.error("Script başarısız oldu : " + str(p_err)) + file_default_pam.close() + file_default_pam = 
open(pamd_common_session_path, 'w') + file_default_pam.write(file_data) + file_default_pam.close() - # Installation of required packages - (result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install realmd sssd sssd-tools adcli packagekit samba-common-bin samba-libs") - if (result_code == 0): - self.logger.info("İndirmeler Başarılı") - else: - self.logger.error("İndirmeler Başarısız : " + str(p_err)) + # Execute the commands that require for join Domain + (result_code, p_out, p_err) = self.util.execute("realm discover {}".format(domain_name.upper())) + if (result_code == 0): + self.logger.info("Realm Discover komutu başarılı") + else: + self.logger.error("Realm Discover komutu başarısız : " + str(p_err)) + (result_code, p_out, p_err) = self.util.execute("echo \"{0}\" | realm join --user={1} {2}".format(password, ad_username, domain_name.upper())) + if (result_code == 0): + self.logger.info("Realm Join komutu başarılı") + else: + self.logger.error("Realm Join komutu başarısız : " + str(p_err)) - # Configure pam.d/common-session - pamd_common_session_path = "/etc/pam.d/common-session" - file_default_pam = open(pamd_common_session_path, 'r') - file_data = file_default_pam.read() + # Configure sssd template + sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad.conf" + sssd_config_folder_path = "/etc/sssd" + sssd_config_file_path = "/etc/sssd/sssd.conf" - if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" not in file_data: - file_data = file_data + "\n" + "session optional pam_mkhomedir.so skel=/etc/skel umask=077" - self.logger.info("/etc/pam.d/common-session is configured") + if not self.util.is_exist(sssd_config_folder_path): + self.util.create_directory(sssd_config_folder_path) + self.logger.info("{0} folder is created".format(sssd_config_folder_path)) - file_default_pam.close() - file_default_pam = open(pamd_common_session_path, 'w') - file_default_pam.write(file_data) - file_default_pam.close() + if 
self.util.is_exist(sssd_config_file_path): + self.util.delete_file(sssd_config_file_path) + self.logger.info("delete sssd org conf") - # Execute the commands that require for join Domain - (result_code, p_out, p_err) = self.util.execute("realm discover {}".format(domain_name.upper())) - if (result_code == 0): - self.logger.info("Realm Discover komutu başarılı") - else: - self.logger.error("Realm Discover komutu başarısız : " + str(p_err)) + self.util.copy_file(sssd_config_template_path, sssd_config_folder_path) + self.logger.info("{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path)) + self.util.rename_file("/etc/sssd/sssd_ad.conf", "/etc/sssd/sssd.conf") - (result_code, p_out, p_err) = self.util.execute("echo \"{0}\" | realm join --user={1} {2}".format(password, ad_username, domain_name.upper())) - if (result_code == 0): - self.logger.info("Realm Join komutu başarılı") - else: - self.logger.error("Realm Join komutu başarısız : " + str(p_err)) + # Configure sssd.conf + file_sssd = open(sssd_config_file_path, 'r') + file_data = file_sssd.read() - # Configure sssd template - sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad.conf" - sssd_config_folder_path = "/etc/sssd" - sssd_config_file_path = "/etc/sssd/sssd.conf" + file_data = file_data.replace("###domains###", "domains = {}".format(domain_name)) + file_data = file_data.replace("###[domain/###", "[domain/{}]".format(domain_name)) + file_data = file_data.replace("###ad_domain###", "ad_domain = {}".format(domain_name)) + file_data = file_data.replace("###krb5_realm###", "krb5_realm = {}".format(domain_name.upper())) - if not self.util.is_exist(sssd_config_folder_path): - self.util.create_directory(sssd_config_folder_path) - self.logger.info("{0} folder is created".format(sssd_config_folder_path)) + file_sssd.close() + file_sssd = open(sssd_config_file_path, 'w') + file_sssd.write(file_data) + file_sssd.close() - if 
self.util.is_exist(sssd_config_file_path): - self.util.delete_file(sssd_config_file_path) - self.logger.info("delete sssd org conf") + # Arrangement of chmod as 600 for sssd.conf + (result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path)) + if(result_code == 0): + self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı") + else: + self.logger.error("Chmod komutu başarısız : " + str(p_err)) - self.util.copy_file(sssd_config_template_path, sssd_config_folder_path) - self.logger.info("{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path)) - self.util.rename_file("/etc/sssd/sssd_ad.conf", "/etc/sssd/sssd.conf") + # Configure sssd for language environment + default_sssd_path = "/etc/default/sssd" + file_default_sssd = open(default_sssd_path, 'r') + file_data = file_default_sssd.read() - # Configure sssd.conf - file_sssd = open(sssd_config_file_path, 'r') - file_data = file_sssd.read() + if not self.util.is_exist(default_sssd_path): + self.util.create_directory(default_sssd_path) + self.logger.info("{0} folder is created".format(default_sssd_path)) - file_data = file_data.replace("###domains###", "domains = {}".format(domain_name)) - file_data = file_data.replace("###[domain/###", "[domain/{}]".format(domain_name)) - file_data = file_data.replace("###ad_domain###", "ad_domain = {}".format(domain_name)) - file_data = file_data.replace("###krb5_realm###", "krb5_realm = {}".format(domain_name.upper())) + if self.util.is_exist(default_sssd_path): + self.util.delete_file(default_sssd_path) + self.logger.info("delete sssd org conf") - file_sssd.close() - file_sssd = open(sssd_config_file_path, 'w') - file_sssd.write(file_data) - file_sssd.close() + if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data : + file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\"" + self.logger.info("/etc/default/sssd is configured") + file_default_sssd.close() + file_default_sssd = open(default_sssd_path, 'w') + 
file_default_sssd.write(file_data) + file_default_sssd.close() + self.util.execute("systemctl restart nscd.service") + # self.util.execute("pam-auth-update --force") + self.logger.info("AD Login operation has been completed.") - - - # Arrangement of chmod as 600 for sssd.conf - (result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path)) - if(result_code == 0): - self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı") - else: - self.logger.error("Chmod komutu başarısız : " + str(p_err)) - - # Configure sssd for language environment - default_sssd_path = "/etc/default/sssd" - file_default_sssd = open(default_sssd_path, 'r') - file_data = file_default_sssd.read() - - if not self.util.is_exist(default_sssd_path): - self.util.create_directory(default_sssd_path) - self.logger.info("{0} folder is created".format(default_sssd_path)) - - if self.util.is_exist(default_sssd_path): - self.util.delete_file(default_sssd_path) - self.logger.info("delete sssd org conf") - - if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data : - file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\"" - self.logger.info("/etc/default/sssd is configured") - - file_default_sssd.close() - file_default_sssd = open(default_sssd_path, 'w') - file_default_sssd.write(file_data) - file_default_sssd.close() - - self.util.execute("systemctl restart nscd.service") - # self.util.execute("pam-auth-update --force") - self.logger.info("AD Login operation has been completed.") - - self.logger.info("AD Login işlemi başarı ile sağlandı.") - return True + self.logger.info("AD Login işlemi başarı ile sağlandı.") + return True + except Exception as e: + self.logger.error(str(e)) + self.logger.info("AD Login işlemi esnasında hata oluştu.") + return False diff --git a/src/plugins/ldap-login/execute_ad_login.py b/src/plugins/ldap-login/execute_ad_login.py index 8c8a126..fa34abc 100644 --- a/src/plugins/ldap-login/execute_ad_login.py +++ b/src/plugins/ldap-login/execute_ad_login.py 
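Review bot: `authenticate()` builds the join command as `"echo \"{0}\" | realm join --user={1} {2}".format(password, ad_username, domain_name.upper())`, so the AD admin password and the other task-supplied values are spliced into a string that the pipe implies is run through a shell: any quote, `$` or backtick in them is interpreted by that shell, and the password ends up in the spawned shell's command line and in whatever `self.util.execute` records (its implementation is not visible here). The `ad.sh {0} {1}` call built from `domain_name` and `host_name` has the same shape. Passing an argument list and feeding the password on stdin avoids both problems, e.g. `subprocess.run(["realm", "join", "--user=" + ad_username, domain_name.upper()], input=password + "\n", universal_newlines=True)` (needs `import subprocess`), or the equivalent on `Util.execute` if it offers one. Separately, every `result_code != 0` branch only logs, so the method still returns True when `realm join` failed; returning False there would let the caller in execute_ad_login.py report the task error.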
@@ -32,8 +32,6 @@ class ADLogin(AbstractPlugin): ad_port = self.data['ad_port'] disabled_local_user = self.data['disableLocalUser'] - - execution_result = self.ad_authentication.authenticate(domain_name, hostname, ip_address, admin_password, ad_username) if execution_result is False: self.context.create_response(code=self.message_code.TASK_ERROR.value,