univention.connector package

univention.connector.decode_guid(value)[source]
univention.connector.generate_strong_password(length=24)[source]
univention.connector.set_ucs_passwd_user(connector, key, ucs_object)[source]

set random password to fulfill required values

univention.connector.check_ucs_lastname_user(connector, key, ucs_object)[source]

check if required values for lastname are set

univention.connector.set_primary_group_user(connector, key, ucs_object)[source]

check if correct primary group is set

univention.connector.dictonary_lowercase(dict_)[source]
univention.connector.compare_normal(val1, val2)[source]
univention.connector.compare_lowercase(val1, val2)[source]
class univention.connector.configdb(filename)[source]

Bases: object

get_by_value(section, option)[source]
get(section, option)[source]
set(section, option, value)[source]
items(section)[source]
remove_option(section, option)[source]
has_section(section)[source]
add_section(section)[source]
has_option(section, option)[source]
class univention.connector.Mapping(mapping)[source]

Bases: object

class univention.connector.attribute(ucs_attribute='', ldap_attribute='', con_attribute='', con_other_attribute='', required=0, single_value=False, compare_function='', mapping=(), reverse_attribute_check=False, sync_mode='sync', con_depends='', con_attribute_encoding='UTF-8')[source]

Bases: object

A mapping attribute description

Parameters
  • ucs_attribute (str) – The property name of the object in UDM

  • ldap_attribute (str) – The LDAP attribute name of the object in UCS LDAP

  • con_attribute (str) – The LDAP attribute name of the object in AD LDAP

  • con_other_attribute (str) – Further LDAP attribute name of the object in AD LDAP.

  • required (bool) – unused

  • single_value (bool) – Whether the attribute is single_value in the AD LDAP.

  • compare_function (callable) – A comparision function which compares raw ldap attribute values.

  • mapping – Mapping functions for (sync_to_ad, sync_to_ucs)

  • reverse_attribute_check – Make a reverse check of this mapping, if the mapping is not 1:1.

  • sync_mode – The syncronization direction (read, write, sync)

Ptype mapping

tuple

Ptype reverse_attribute_check

bool

Ptype sync_mode

str

class univention.connector.property(ucs_default_dn='', con_default_dn='', ucs_module='', ucs_module_others=[], sync_mode='', scope='', con_search_filter='', ignore_filter=None, match_filter=None, ignore_subtree=[], con_create_objectclass=[], con_create_attributes=[], dn_mapping_function=[], attributes=None, ucs_create_functions=[], post_con_create_functions=[], post_con_modify_functions=[], post_ucs_modify_functions=[], post_attributes=None, mapping_table=None, position_mapping=[], con_subtree_delete_objects=[])[source]

Bases: object

class univention.connector.ucs(CONFIGBASENAME, _property, configRegistry, listener_dir, logfilename, debug_level)[source]

Bases: object

init_ldap_connections()[source]
dn_mapped_to_base(dn, base)[source]

Introduced for Bug #33110: Fix case of base part of DN

open_ucs()[source]
search_ucs(filter='(objectClass=*)', base='', scope='sub', attr=[], unique=0, required=0, timeout=- 1, sizelimit=0)[source]
init_debug()[source]
close_debug()[source]
list_rejected_ucs(filter_noresync=False)[source]
get_dn_by_ucs(dn_ucs)[source]
get_dn_by_con(dn_con)[source]
get_ucs_ldap_object_dn(dn)[source]
get_ucs_ldap_object(dn)[source]
get_ucs_object(property_type, dn)[source]
initialize_ucs()[source]
initialize()[source]
resync_rejected_ucs()[source]

tries to resync rejected changes from UCS

resync_rejected()[source]
poll_ucs()[source]

poll changes from UCS: iterates over files exported by directory-listener module

poll(show_deleted=True)[source]
add_in_ucs(property_type, object, module, position)[source]
modify_in_ucs(property_type, object, module, position)[source]
move_in_ucs(property_type, object, module, position)[source]
update_deleted_cache_after_removal(entryUUID, objectGUID)[source]
was_entryUUID_deleted(entryUUID)[source]
was_objectGUID_deleted_by_ucs(objectGUID)[source]
delete_in_ucs(property_type, object, module, position)[source]

Removes an AD object in UCS-LDAP

sync_to_ucs(property_type, object, pre_mapped_ad_dn, original_object)[source]

Synchronize an object from AD-LDAP to UCS Open-LDAP.

Parameters
  • property_type – the type of the object to be synced, must be part of the mapping. (e.g. “user”, “group”, “dc”, “windowscomputer”, etc.)

  • object – A dictionary describing the AD object. modtype: A modification type (“add”, “modify”, “move”, “delete”) dn: The DN of the object in the UCS-LDAP olddn: The olddn of the object object in UCS-LDAP (e.g. on “move” operation)

  • pre_mapped_ad_dn – pass

  • original_object – pass

Ptype object

dict

identify_udm_object(dn, attrs)[source]

Get the type of the specified UCS object

Submodules

univention.connector.adcache module

class univention.connector.adcache.EntryDiff(old, new)[source]

Bases: object

added()[source]
removed()[source]
changed()[source]
class univention.connector.adcache.ADCache(filename)[source]

Bases: object

Local cache for the current AD state of the adconnector. With this cache the connector has the possibility to create a diff between the new AD object and the old one from cache.

add_entry(guid, entry)[source]
diff_entry(old_entry, new_entry)[source]
get_entry(guid)[source]
remove_entry(guid)[source]