Liderahenk/Ahenk
1
0
Fork 0
mirror of https://github.com/Pardus-LiderAhenk/ahenk synced 2024-11-13 03:23:42 +03:00
Code Issues Projects Releases Packages Wiki Activity

cancel ad authentication module added

Browse source
This commit is contained in:
Tuncay ÇOLAK 2020-04-03 14:22:30 +03:00
parent d61f10469b
commit a70f3be796
3 changed files with 216 additions and 317 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

208
src/base/registration/execute_cancel_sssd_ad_authentication.py
View file

@ -6,53 +6,44 @@ from base.scope import Scope
from base.util.util import Util from base.util.util import Util
import re import re
class ExecuteCancelSSSDAdAuthentication: class ExecuteCancelSSSDAdAuthentication:
def __init__(self): def __init__(self):
scope = Scope().get_instance() scope = Scope().get_instance()
self.logger = scope.get_logger() self.logger = scope.get_logger()
self.util = Util() self.util = Util()
self.ad_info_path = "/etc/ahenk/ad_info"
def cancel(self): def cancel(self):
# Deleting packages require for AD entegration
self.util.execute("apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y")
self.util.execute("apt autoremove -y")
# Read information about AD
if self.util.is_exist("/etc/ahenk/ad_info"):
file_data = open("/etc/ahenk/ad_info","r")
ip_address = (file_data.readline())
host_name = (file_data.readline())
file_data.close()
self.logger.info("ad_info dosyasından bilgiler başarılı bir şekilde alındı.")
else:
self.logger.error("ad_info dosyasına ulaşılamadı ")
try: try:
# Deleting packages require for AD entegration
self.util.execute(
"apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y")
self.util.execute("apt autoremove -y")
# Read information about AD
if self.util.is_exist(self.ad_info_path):
file_data = self.util.read_file_by_line(self.ad_info_path)
self.ip_address = file_data[0].strip("\n")
self.host_name = file_data[1].strip("\n")
self.logger.info(self.ip_address)
self.logger.info(self.host_name)
self.logger.info("Information read successfully from ad_info.")
else:
self.logger.error("ad_info file not found")
if self.util.is_exist("/etc/sssd"): if self.util.is_exist("/etc/sssd"):
self.util.delete_folder("/etc/sssd") # self.util.delete_folder("/etc/sssd")
self.logger.info("SSSD is deleted") self.logger.info("SSSD is deleted")
else: else:
self.logger.info("SSSD is not exist") self.logger.info("SSSD is not exist")
except Exception as e: # Re-Configure dhclient.conf deleting AD IP address
self.logger.error("Error while running /etc/SSSD.. Error Message " + str(e))
# Re-Configure dhclient.conf deleting AD IP address
try:
dhclient_conf_path = "/etc/dhcp/dhclient.conf" dhclient_conf_path = "/etc/dhcp/dhclient.conf"
file_dhclient = open(dhclient_conf_path, 'r') file_dhclient = open(dhclient_conf_path, 'r')
file_data = file_dhclient.read() file_data = file_dhclient.read()
if "prepend domain-name-servers {};".format(ip_address) in file_data: if "prepend domain-name-servers {};".format(self.ip_address) in file_data:
file_data = file_data.replace(("prepend domain-name-servers {};".format(ip_address)), file_data = file_data.replace(("prepend domain-name-servers {};".format(self.ip_address)),
"#prepend domain-name-servers 127.0.0.1;") "#prepend domain-name-servers 127.0.0.1;")
self.logger.info("dhclient is reconfigured") self.logger.info("dhclient is reconfigured")
else: else:
@ -63,77 +54,13 @@ class ExecuteCancelSSSDAdAuthentication:
file_dhclient.write(file_data) file_dhclient.write(file_data)
file_dhclient.close() file_dhclient.close()
except Exception as e: # Configure hosts for deleting AD "IP address" and "AD hostname"
self.logger.error("Error while running /dhcp/dhclient.conf.. Error Message " + str(e))
# Pattern for clearing file data from spaces, tabs and newlines
# pattern = re.compile(r'\s+')
# # Re-Configure nsswitch.conf
# file_ns_switch = open("/etc/nsswitch.conf", 'r')
# file_data = file_ns_switch.read()
#
# # Cleared file data from spaces, tabs and newlines
# text = pattern.sub('', file_data)
# #BİR BİR BİR BAKKKKKKKKK
# did_configuration_change = False
# if "passwd:" in text:
# file_data = file_data.replace("passwd: files systemd sss", "passwd: compat")
# did_configuration_change = True
# self.logger.info("passwd:compatss BAŞARILI")
#
#
# if "group:" in text:
# file_data = file_data.replace("group: files systemd sss", "group: compat")
# did_configuration_change = True
# self.logger.info("group:compatss BAŞARILI")
#
#
#
# if "shadow:" in text:
# file_data = file_data.replace("shadow: files sss", "shadow: compat")
# did_configuration_change = True
# self.logger.info("shadow:compatss BAŞARILI")
#
#
# if "services:" in text:
# file_data = file_data.replace("services: db files sss", "services: db files")
# did_configuration_change = True
# self.logger.info("services:compatss BAŞARILI")
#
#
# if "netgroup:" in text:
# file_data = file_data.replace("netgroup: nis sss", "netgroup: nis")
# did_configuration_change = True
# self.logger.info("netgroup:nissss BAŞARILI")
#
#
# if "sudoers:" in text:
# file_data = file_data.replace("sudoers: files sss", " ")
# did_configuration_change = True
# self.logger.info("sudoers:filessss BAŞARILI")
#
#
# if did_configuration_change:
# self.logger.info("nsswitch.conf configuration has been configured")
# else:
# self.logger.info("nsswitch.conf has already been configured")
#
# file_ns_switch.close()
# file_ns_switch = open("/etc/nsswitch.conf", 'w')
# file_ns_switch.write(file_data)
# file_ns_switch.close()
# Configure hosts for deleting AD "IP address" and "AD hostname"
try:
hosts_conf_path = "/etc/hosts" hosts_conf_path = "/etc/hosts"
file_hosts = open(hosts_conf_path, 'r') file_hosts = open(hosts_conf_path, 'r')
file_data = file_hosts.read() file_data = file_hosts.read()
if ("{0} {1}".format(ip_address, host_name)) in file_data: if ("{0} {1}".format(self.ip_address, self.host_name)) in file_data:
file_data = file_data.replace(("{0} {1}".format(ip_address, host_name)), " ") file_data = file_data.replace(("{0} {1}".format(self.ip_address, self.host_name)), " ")
self.logger.info("hosts is configured") self.logger.info("hosts is configured")
else: else:
self.logger.error("hosts is not configured") self.logger.error("hosts is not configured")
@ -142,15 +69,8 @@ class ExecuteCancelSSSDAdAuthentication:
file_hosts.write(file_data) file_hosts.write(file_data)
file_hosts.close() file_hosts.close()
except Exception as e: # Configure common-session for deleting home directories for AD users
self.logger.error("Error while running /etc/hosts.. Error Message " + str(e))
# Configure common-session for deleting home directories for AD users
try:
common_session_conf_path = "/etc/pam.d/common-session" common_session_conf_path = "/etc/pam.d/common-session"
file_common_session = open(common_session_conf_path, 'r') file_common_session = open(common_session_conf_path, 'r')
file_data = file_common_session.read() file_data = file_common_session.read()
@ -165,50 +85,42 @@ class ExecuteCancelSSSDAdAuthentication:
file_common_session.write(file_data) file_common_session.write(file_data)
file_common_session.close() file_common_session.close()
except Exception as e: # Configure resolv.conf for deleting AD IP address
self.logger.error("Error while running /etc/pam.d/common-session.. Error Message " + str(e)) resolv_conf_path = "/etc/resolv.conf"
file_resolv = open(resolv_conf_path, 'r')
file_data = file_resolv.read()
# Configure resolv.conf for deleting AD IP address if ("nameserver {0}".format(self.ip_address)) in file_data:
file_data = file_data.replace(("nameserver {0}".format(self.ip_address)), "")
resolv_conf_path = "/etc/resolv.conf" self.logger.info("resolv.conf is configured")
file_resolv = open(resolv_conf_path, 'r')
file_data = file_resolv.read()
if ("nameserver {0}".format(ip_address)) in file_data:
file_data = file_data.replace(("nameserver {0}".format(ip_address)), "")
self.logger.info("resolv.conf is configured")
else:
self.logger.error("resolv is not configured")
file_resolv.close()
file_resolv = open(resolv_conf_path, 'w')
file_resolv.write(file_data)
file_resolv.close()
# Deleting ad_info file
try:
if self.util.is_exist("/etc/ahenk/ad_info"):
(result_code, p_out, p_err) = self.util.execute("rm -rf /etc/ahenk/ad_info")
if (result_code == 0):
self.logger.info("ad_info Başarılı bir şekilde silindi")
else:
self.logger.error("ad_info silinemedi : " + str(p_err))
else: else:
self.logger.error("ad_info dosyasına ulaşılamadı ") self.logger.error("resolv is not configured")
file_resolv.close()
file_resolv = open(resolv_conf_path, 'w')
file_resolv.write(file_data)
file_resolv.close()
# Deleting ad_info file
if self.util.is_exist(self.ad_info_path):
self.util.delete_file(self.ad_info_path)
self.logger.info("Deleted ad_info file")
else:
self.logger.error("ad_info file not found")
# Configure lightdm.service
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
if self.util.is_exist(pardus_xfce_path):
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path)
self.util.execute("systemctl restart nscd.service")
else:
self.logger.info("99-pardus-xfce.conf not found")
self.logger.info("AD Login iptal etme işlemi başarı ile sağlandı.")
return True
except Exception as e: except Exception as e:
self.logger.error("Error while running /ad_infoyu SİLERKEN.. Error Message " + str(e)) self.logger.error(str(e))
self.logger.info("AD Login İptal etme işlemi esnasında hata oluştu.")
return False
# Configure lightdm.service
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
if self.util.is_exist(pardus_xfce_path):
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path)
self.util.execute("systemctl restart nscd.service")
self.logger.info("LDAP Login iptal etme işlemi başarı ile sağlandı.")

323
src/base/registration/execute_sssd_ad_authentication.py
View file

@ -2,7 +2,6 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Author: Agah Hulusi ÖZ <enghulusi@gmail.com> # Author: Agah Hulusi ÖZ <enghulusi@gmail.com>
from base.scope import Scope from base.scope import Scope
from base.util.util import Util from base.util.util import Util
@ -12,208 +11,198 @@ class ExecuteSSSDAdAuthentication:
self.logger = scope.get_logger() self.logger = scope.get_logger()
self.util = Util() self.util = Util()
# self.domain_name = "engerek.local"
# self.host_name = "liderahenk.engerek.local"
# self.ip_address = "172.16.103.28"
# self.password = "Pp123456"
def authenticate(self, domain_name, host_name, ip_address, password, ad_username): def authenticate(self, domain_name, host_name, ip_address, password, ad_username):
try:
# Create and Configure ad_info file
(result_code, p_out, p_err) = self.util.create_file("/etc/ahenk/ad_info")
if (result_code == 0):
self.logger.info("AD INFO başarılı bir şekilde oluşturuldu")
# Configure ad_info for deregisteration info
default_ad_info_path = "/etc/ahenk/ad_info"
file_default_ad_info = open(default_ad_info_path, 'r')
file_data = file_default_ad_info.read()
# Create and Configure ad_info file file_data = file_data + ("{}".format(ip_address)) + "\n" + ("{}".format(host_name)) + "\n" + (
(result_code, p_out, p_err) = self.util.create_file("/etc/ahenk/ad_info") "{}".format(domain_name)) + "\n" + ("{}".format(ad_username))
if (result_code == 0): self.logger.info("/etc/ahenk/ad_info bilgiler girildi.")
self.logger.info("AD INFO başarılı bir şekilde oluşturuldu") file_default_ad_info.close()
# Configure ad_info for deregisteration info file_default_ad_info = open(default_ad_info_path, 'w')
default_ad_info_path = "/etc/ahenk/ad_info" file_default_ad_info.write(file_data)
file_default_ad_info = open(default_ad_info_path, 'r') file_default_ad_info.close()
file_data = file_default_ad_info.read() else:
self.logger.error("ad_info oluşturma komutu başarısız : " + str(p_err))
file_data = file_data + ("{}".format(ip_address)) + "\n" + ("{}".format(host_name)) + "\n" + ( self.logger.info("Authenticate starting....")
"{}".format(domain_name)) + "\n" + ("{}".format(ad_username)) # Configure /etc/dhcp/dhclient.conf
self.logger.info("/etc/ahenk/ad_info bilgiler girildi.") dhclient_conf_path = "/etc/dhcp/dhclient.conf"
file_default_ad_info.close() dhc_conf = self.util.read_file_by_line(dhclient_conf_path, "r")
file_default_ad_info = open(default_ad_info_path, 'w') dhc_conf_temp = open(dhclient_conf_path, 'w')
file_default_ad_info.write(file_data)
file_default_ad_info.close()
else:
self.logger.error("ad_info oluşturma komutu başarısız : " + str(p_err))
self.logger.info("Authenticate starting....") for lines in dhc_conf:
# Configure /etc/dhcp/dhclient.conf if (lines == "#prepend domain-name-servers 127.0.0.1;\n"):
dhclient_conf_path = "/etc/dhcp/dhclient.conf" lines = lines.replace(lines, ("prepend domain-name-servers {};\n".format(ip_address)))
dhc_conf = self.util.read_file_by_line(dhclient_conf_path, "r") dhc_conf_temp.write(lines)
dhc_conf_temp = open(dhclient_conf_path, 'w') dhc_conf_temp.close()
for lines in dhc_conf: file_default_dhcp = open(dhclient_conf_path, 'r')
if (lines == "#prepend domain-name-servers 127.0.0.1;\n"): file_data = file_default_dhcp.read()
lines = lines.replace(lines, ("prepend domain-name-servers {};\n".format(ip_address)))
dhc_conf_temp.write(lines)
dhc_conf_temp.close()
file_default_dhcp = open(dhclient_conf_path, 'r') if ("prepend domain-name-servers {};\n".format(ip_address)) not in file_data:
file_data = file_default_dhcp.read() file_data = file_data + "\n" + ("prepend domain-name-servers {};".format(ip_address))
if ("prepend domain-name-servers {};\n".format(ip_address)) not in file_data: file_default_dhcp.close()
file_data = file_data + "\n" + ("prepend domain-name-servers {};".format(ip_address)) file_default_dhcp = open(dhclient_conf_path, 'w')
file_default_dhcp.write(file_data)
file_default_dhcp.close()
file_default_dhcp.close() # Configure /etc/resolv.conf
file_default_dhcp = open(dhclient_conf_path, 'w') resolve_conf_path = "/etc/resolv.conf"
file_default_dhcp.write(file_data) resolve_conf = self.util.read_file_by_line(resolve_conf_path, "r")
file_default_dhcp.close() resolve_conf_temp = open(resolve_conf_path, 'w')
for lines in resolve_conf:
if (lines == ("nameserver {}\n".format(ip_address))):
continue
lines = lines.replace(lines, ("#" + lines))
resolve_conf_temp.write(lines)
resolve_conf_temp.close()
# Configure /etc/resolv.conf file_default_resolve = open(resolve_conf_path, 'r')
resolve_conf_path = "/etc/resolv.conf" file_data = file_default_resolve.read()
resolve_conf = self.util.read_file_by_line(resolve_conf_path, "r")
resolve_conf_temp = open(resolve_conf_path, 'w')
for lines in resolve_conf: if ("nameserver {}\n".format(ip_address)) not in file_data:
if (lines == ("nameserver {}\n".format(ip_address))): file_data = file_data + "\n" + ("nameserver {}\n".format(ip_address))
continue self.logger.info("/etc/resolv.conf is configured")
lines = lines.replace(lines, ("#" + lines))
resolve_conf_temp.write(lines)
resolve_conf_temp.close()
file_default_resolve = open(resolve_conf_path, 'r') file_default_resolve.close()
file_data = file_default_resolve.read() file_default_resolve = open(resolve_conf_path, 'w')
file_default_resolve.write(file_data)
file_default_resolve.close()
if ("nameserver {}\n".format(ip_address)) not in file_data: # Configure /etc/hosts
file_data = file_data + "\n" + ("nameserver {}\n".format(ip_address)) host_path = "/etc/hosts"
self.logger.info("/etc/resolv.conf is configured") file_default_hosts = open(host_path, 'r')
file_data = file_default_hosts.read()
file_default_resolve.close() if ("{0} {1}".format(ip_address, host_name)) not in file_data:
file_default_resolve = open(resolve_conf_path, 'w') file_data = file_data + "\n" + ("{0} {1}".format(ip_address, host_name))
file_default_resolve.write(file_data) self.logger.info("/etc/hosts is configured")
file_default_resolve.close()
file_default_hosts.close()
file_default_hosts = open(host_path, 'w')
file_default_hosts.write(file_data)
file_default_hosts.close()
# Configure /etc/hosts # Execute the script that required for "samba-common" and "krb5"
host_path = "/etc/hosts" (result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}".format(domain_name.upper(),host_name))
file_default_hosts = open(host_path, 'r')
file_data = file_default_hosts.read()
if ("{0} {1}".format(ip_address, host_name)) not in file_data: if(result_code == 0):
file_data = file_data + "\n" + ("{0} {1}".format(ip_address, host_name)) self.logger.info("Script başarılı bir şekilde çalıştırıldı.")
self.logger.info("/etc/hosts is configured") else:
self.logger.error("Script başarısız oldu : " + str(p_err))
file_default_hosts.close() # Installation of required packages
file_default_hosts = open(host_path, 'w') (result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install realmd sssd sssd-tools adcli packagekit samba-common-bin samba-libs")
file_default_hosts.write(file_data) if (result_code == 0):
file_default_hosts.close() self.logger.info("İndirmeler Başarılı")
else:
self.logger.error("İndirmeler Başarısız : " + str(p_err))
# Configure pam.d/common-session
pamd_common_session_path = "/etc/pam.d/common-session"
file_default_pam = open(pamd_common_session_path, 'r')
file_data = file_default_pam.read()
# Execute the script that required for "samba-common" and "krb5" if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" not in file_data:
(result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}".format(domain_name.upper(),host_name)) file_data = file_data + "\n" + "session optional pam_mkhomedir.so skel=/etc/skel umask=077"
self.logger.info("/etc/pam.d/common-session is configured")
if(result_code == 0): file_default_pam.close()
self.logger.info("Script başarılı bir şekilde çalıştırıldı.") file_default_pam = open(pamd_common_session_path, 'w')
else: file_default_pam.write(file_data)
self.logger.error("Script başarısız oldu : " + str(p_err)) file_default_pam.close()
# Installation of required packages # Execute the commands that require for join Domain
(result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install realmd sssd sssd-tools adcli packagekit samba-common-bin samba-libs") (result_code, p_out, p_err) = self.util.execute("realm discover {}".format(domain_name.upper()))
if (result_code == 0): if (result_code == 0):
self.logger.info("İndirmeler Başarılı") self.logger.info("Realm Discover komutu başarılı")
else: else:
self.logger.error("İndirmeler Başarısız : " + str(p_err)) self.logger.error("Realm Discover komutu başarısız : " + str(p_err))
(result_code, p_out, p_err) = self.util.execute("echo \"{0}\" | realm join --user={1} {2}".format(password, ad_username, domain_name.upper()))
if (result_code == 0):
self.logger.info("Realm Join komutu başarılı")
else:
self.logger.error("Realm Join komutu başarısız : " + str(p_err))
# Configure pam.d/common-session # Configure sssd template
pamd_common_session_path = "/etc/pam.d/common-session" sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad.conf"
file_default_pam = open(pamd_common_session_path, 'r') sssd_config_folder_path = "/etc/sssd"
file_data = file_default_pam.read() sssd_config_file_path = "/etc/sssd/sssd.conf"
if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" not in file_data: if not self.util.is_exist(sssd_config_folder_path):
file_data = file_data + "\n" + "session optional pam_mkhomedir.so skel=/etc/skel umask=077" self.util.create_directory(sssd_config_folder_path)
self.logger.info("/etc/pam.d/common-session is configured") self.logger.info("{0} folder is created".format(sssd_config_folder_path))
file_default_pam.close() if self.util.is_exist(sssd_config_file_path):
file_default_pam = open(pamd_common_session_path, 'w') self.util.delete_file(sssd_config_file_path)
file_default_pam.write(file_data) self.logger.info("delete sssd org conf")
file_default_pam.close()
# Execute the commands that require for join Domain self.util.copy_file(sssd_config_template_path, sssd_config_folder_path)
(result_code, p_out, p_err) = self.util.execute("realm discover {}".format(domain_name.upper())) self.logger.info("{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path))
if (result_code == 0): self.util.rename_file("/etc/sssd/sssd_ad.conf", "/etc/sssd/sssd.conf")
self.logger.info("Realm Discover komutu başarılı")
else:
self.logger.error("Realm Discover komutu başarısız : " + str(p_err))
(result_code, p_out, p_err) = self.util.execute("echo \"{0}\" | realm join --user={1} {2}".format(password, ad_username, domain_name.upper())) # Configure sssd.conf
if (result_code == 0): file_sssd = open(sssd_config_file_path, 'r')
self.logger.info("Realm Join komutu başarılı") file_data = file_sssd.read()
else:
self.logger.error("Realm Join komutu başarısız : " + str(p_err))
# Configure sssd template file_data = file_data.replace("###domains###", "domains = {}".format(domain_name))
sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad.conf" file_data = file_data.replace("###[domain/###", "[domain/{}]".format(domain_name))
sssd_config_folder_path = "/etc/sssd" file_data = file_data.replace("###ad_domain###", "ad_domain = {}".format(domain_name))
sssd_config_file_path = "/etc/sssd/sssd.conf" file_data = file_data.replace("###krb5_realm###", "krb5_realm = {}".format(domain_name.upper()))
if not self.util.is_exist(sssd_config_folder_path): file_sssd.close()
self.util.create_directory(sssd_config_folder_path) file_sssd = open(sssd_config_file_path, 'w')
self.logger.info("{0} folder is created".format(sssd_config_folder_path)) file_sssd.write(file_data)
file_sssd.close()
if self.util.is_exist(sssd_config_file_path): # Arrangement of chmod as 600 for sssd.conf
self.util.delete_file(sssd_config_file_path) (result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path))
self.logger.info("delete sssd org conf") if(result_code == 0):
self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı")
else:
self.logger.error("Chmod komutu başarısız : " + str(p_err))
self.util.copy_file(sssd_config_template_path, sssd_config_folder_path) # Configure sssd for language environment
self.logger.info("{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path)) default_sssd_path = "/etc/default/sssd"
self.util.rename_file("/etc/sssd/sssd_ad.conf", "/etc/sssd/sssd.conf") file_default_sssd = open(default_sssd_path, 'r')
file_data = file_default_sssd.read()
# Configure sssd.conf if not self.util.is_exist(default_sssd_path):
file_sssd = open(sssd_config_file_path, 'r') self.util.create_directory(default_sssd_path)
file_data = file_sssd.read() self.logger.info("{0} folder is created".format(default_sssd_path))
file_data = file_data.replace("###domains###", "domains = {}".format(domain_name)) if self.util.is_exist(default_sssd_path):
file_data = file_data.replace("###[domain/###", "[domain/{}]".format(domain_name)) self.util.delete_file(default_sssd_path)
file_data = file_data.replace("###ad_domain###", "ad_domain = {}".format(domain_name)) self.logger.info("delete sssd org conf")
file_data = file_data.replace("###krb5_realm###", "krb5_realm = {}".format(domain_name.upper()))
file_sssd.close() if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data :
file_sssd = open(sssd_config_file_path, 'w') file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\""
file_sssd.write(file_data) self.logger.info("/etc/default/sssd is configured")
file_sssd.close()
file_default_sssd.close()
file_default_sssd = open(default_sssd_path, 'w')
file_default_sssd.write(file_data)
file_default_sssd.close()
self.util.execute("systemctl restart nscd.service")
# self.util.execute("pam-auth-update --force")
self.logger.info("AD Login operation has been completed.")
self.logger.info("AD Login işlemi başarı ile sağlandı.")
return True
# Arrangement of chmod as 600 for sssd.conf except Exception as e:
(result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path)) self.logger.error(str(e))
if(result_code == 0): self.logger.info("AD Login işlemi esnasında hata oluştu.")
self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı") return False
else:
self.logger.error("Chmod komutu başarısız : " + str(p_err))
# Configure sssd for language environment
default_sssd_path = "/etc/default/sssd"
file_default_sssd = open(default_sssd_path, 'r')
file_data = file_default_sssd.read()
if not self.util.is_exist(default_sssd_path):
self.util.create_directory(default_sssd_path)
self.logger.info("{0} folder is created".format(default_sssd_path))
if self.util.is_exist(default_sssd_path):
self.util.delete_file(default_sssd_path)
self.logger.info("delete sssd org conf")
if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data :
file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\""
self.logger.info("/etc/default/sssd is configured")
file_default_sssd.close()
file_default_sssd = open(default_sssd_path, 'w')
file_default_sssd.write(file_data)
file_default_sssd.close()
self.util.execute("systemctl restart nscd.service")
# self.util.execute("pam-auth-update --force")
self.logger.info("AD Login operation has been completed.")
self.logger.info("AD Login işlemi başarı ile sağlandı.")
return True

2
src/plugins/ldap-login/execute_ad_login.py
View file

@ -32,8 +32,6 @@ class ADLogin(AbstractPlugin):
ad_port = self.data['ad_port'] ad_port = self.data['ad_port']
disabled_local_user = self.data['disableLocalUser'] disabled_local_user = self.data['disableLocalUser']
execution_result = self.ad_authentication.authenticate(domain_name, hostname, ip_address, admin_password, ad_username) execution_result = self.ad_authentication.authenticate(domain_name, hostname, ip_address, admin_password, ad_username)
if execution_result is False: if execution_result is False:
self.context.create_response(code=self.message_code.TASK_ERROR.value, self.context.create_response(code=self.message_code.TASK_ERROR.value,