forked from shaba/openuds
merged from 2.1 update 1 changes
This commit is contained in:
commit
9f441c6b22
@ -81,3 +81,8 @@ def writeConfig(data):
|
||||
|
||||
def useOldJoinSystem():
|
||||
return False
|
||||
|
||||
# Right now, we do not really need an application to be run on "startup" as could ocur with windows
|
||||
def runApplication():
|
||||
return None
|
||||
|
||||
|
@ -87,8 +87,25 @@ class CommonService(object):
|
||||
def reboot(self):
|
||||
self.rebootRequested = True
|
||||
|
||||
def setReady(self, hostName=None):
|
||||
self.api.setReady([(v.mac, v.ip) for v in operations.getNetworkInfo()], hostName)
|
||||
def execute(self, cmd, section):
|
||||
import os
|
||||
import subprocess
|
||||
import stat
|
||||
|
||||
if os.path.isfile(cmd):
|
||||
if (os.stat(cmd).st_mode & stat.S_IXUSR) != 0:
|
||||
subprocess.call([cmd, ])
|
||||
return True
|
||||
else:
|
||||
logger.info('{} file exists but it it is not executable (needs execution permission by admin/root)'.format(section))
|
||||
else:
|
||||
logger.info('{} file not found & not executed'.format(section))
|
||||
|
||||
return False
|
||||
|
||||
|
||||
def setReady(self):
|
||||
self.api.setReady([(v.mac, v.ip) for v in operations.getNetworkInfo()])
|
||||
|
||||
def interactWithBroker(self):
|
||||
'''
|
||||
@ -139,6 +156,13 @@ class CommonService(object):
|
||||
# Wait a bit before next check
|
||||
self.doWait(5000)
|
||||
|
||||
# Now try to run the "runonce" element
|
||||
runOnce = store.runApplication()
|
||||
if runOnce is not None:
|
||||
if self.execute(runOnce, 'RunOnce') is True:
|
||||
# operations.reboot()
|
||||
return False
|
||||
|
||||
# Broker connection is initialized, now get information about what to
|
||||
# do
|
||||
counter = 0
|
||||
|
@ -57,7 +57,7 @@ from .SENS import SENSGUID_PUBLISHER
|
||||
from .SENS import PROGID_EventSubscription
|
||||
from .SENS import PROGID_EventSystem
|
||||
|
||||
POST_CMD = 'c:\\windows\post-uds.bat'
|
||||
POST_CMD = 'c:\\windows\\post-uds.bat'
|
||||
|
||||
|
||||
class UDSActorSvc(win32serviceutil.ServiceFramework, CommonService):
|
||||
|
@ -105,3 +105,19 @@ def useOldJoinSystem():
|
||||
data = ''
|
||||
|
||||
return data == 'old'
|
||||
|
||||
# Gives the oportunity to run an application ONE TIME (because, the registry key "run" will be deleted after read)
|
||||
def runApplication():
|
||||
try:
|
||||
key = wreg.OpenKey(baseKey, 'Software\\UDSEnterpriseActor', 0, wreg.KEY_ALL_ACCESS) # @UndefinedVariable
|
||||
try:
|
||||
data, _ = wreg.QueryValueEx(key, 'run') # @UndefinedVariable
|
||||
wreg.DeleteValue(key, 'run') # @UndefinedVariable
|
||||
except Exception:
|
||||
data = None
|
||||
wreg.CloseKey(key) # @UndefinedVariable
|
||||
except:
|
||||
data = None
|
||||
|
||||
return data
|
||||
|
||||
|
@ -112,8 +112,8 @@ def request_service_info(provider_id, service_id):
|
||||
|
||||
resp, content = h.request(rest_url + 'providers/{0}/services/{1}'.format(provider_id, service_id), headers=headers)
|
||||
if resp['status'] != '200': # error due to incorrect parameters, bad request, etc...
|
||||
print "Error requesting pools"
|
||||
return {}
|
||||
print "Error requesting pools: response: {}, content: {}".format(resp, content)
|
||||
return None
|
||||
|
||||
return json.loads(content)
|
||||
|
||||
@ -125,14 +125,17 @@ if __name__ == '__main__':
|
||||
print res
|
||||
for r in res:
|
||||
res2 = request_service_info(r['provider_id'], r['service_id'])
|
||||
print "Base Service info por pool {0}: {1}".format(r['name'], res2)
|
||||
if res2 is not None:
|
||||
print "Base Service info por pool {0}: {1}".format(r['name'], res2['type'])
|
||||
else:
|
||||
print "Base service {} is not accesible".format(r['name'])
|
||||
print "First logout"
|
||||
print logout() # This will success
|
||||
print "Second logout"
|
||||
print logout() # This will fail (already logged out)
|
||||
# Also new requests will fail
|
||||
print request_pools()
|
||||
# Untin we do log in again
|
||||
# Until we do log in again
|
||||
login()
|
||||
print request_pools()
|
||||
|
||||
|
279
server/samples/REST3.py
Normal file
279
server/samples/REST3.py
Normal file
@ -0,0 +1,279 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
#
|
||||
# Copyright (c) 2014 Virtual Cable S.L.
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without modification,
|
||||
# are permitted provided that the following conditions are met:
|
||||
#
|
||||
# * Redistributions of source code must retain the above copyright notice,
|
||||
# this list of conditions and the following disclaimer.
|
||||
# * Redistributions in binary form must reproduce the above copyright notice,
|
||||
# this list of conditions and the following disclaimer in the documentation
|
||||
# and/or other materials provided with the distribution.
|
||||
# * Neither the name of Virtual Cable S.L. nor the names of its contributors
|
||||
# may be used to endorse or promote products derived from this software
|
||||
# without specific prior written permission.
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
|
||||
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
||||
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
|
||||
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
||||
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
|
||||
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
||||
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
'''
|
||||
@author: Adolfo Gómez, dkmaster at dkmon dot com
|
||||
'''
|
||||
|
||||
from __future__ import unicode_literals
|
||||
|
||||
from httplib2 import Http
|
||||
import json
|
||||
import sys
|
||||
|
||||
rest_url = 'http://172.27.0.1:8000/rest/'
|
||||
|
||||
|
||||
|
||||
headers = {}
|
||||
|
||||
# Hace login con el root, puede usarse cualquier autenticador y cualquier usuario, pero en la 1.5 solo está implementado poder hacer
|
||||
# este tipo de login con el usuario "root"
|
||||
def login():
|
||||
global headers
|
||||
h = Http()
|
||||
|
||||
# parameters = '{ "auth": "admin", "username": "root", "password": "temporal" }'
|
||||
parameters = '{ "auth": "interna", "username": "admin", "password": "temporal" }'
|
||||
|
||||
resp, content = h.request(rest_url + 'auth/login', method='POST', body=parameters)
|
||||
|
||||
if resp['status'] != '200': # Authentication error due to incorrect parameters, bad request, etc...
|
||||
print "Authentication error"
|
||||
return -1
|
||||
|
||||
# resp contiene las cabeceras, content el contenido de la respuesta (que es json), pero aún está en formato texto
|
||||
res = json.loads(content)
|
||||
print "Authentication response: {}".format(res)
|
||||
if res['result'] != 'ok': # Authentication error
|
||||
print "Authentication error"
|
||||
sys.exit(1)
|
||||
|
||||
headers['X-Auth-Token'] = res['token']
|
||||
headers['content-type'] = 'application/json'
|
||||
|
||||
return 0
|
||||
|
||||
def logout():
|
||||
global headers
|
||||
h = Http()
|
||||
|
||||
resp, content = h.request(rest_url + 'auth/logout', headers=headers)
|
||||
|
||||
if resp['status'] != '200': # Logout error due to incorrect parameters, bad request, etc...
|
||||
print "Error requesting logout"
|
||||
return -1
|
||||
|
||||
# Return value of logout method is nonsense (returns always done right now, but it's not important)
|
||||
|
||||
return 0
|
||||
|
||||
def list_supported_auths_and_fields():
|
||||
h = Http()
|
||||
|
||||
resp, content = h.request(rest_url + 'authenticators/types', headers=headers)
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
r = json.loads(content)
|
||||
|
||||
for auth in r: # r is an array
|
||||
print '* {}'.format(auth['name'])
|
||||
for fld in auth: # every auth is converted to a dictionary in python by json.load
|
||||
# Skip icon
|
||||
if fld != 'icon':
|
||||
print " > {}: {}".format(fld, auth[fld])
|
||||
resp, content = h.request(rest_url + 'authenticators/gui/{}'.format(auth['type']), headers=headers)
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
print " > GUI"
|
||||
rr = json.loads(content)
|
||||
for field in rr:
|
||||
print " - Name: {}".format(field['name'])
|
||||
print " - Value: {}".format(field['value'])
|
||||
print " - GUI: "
|
||||
for gui in field['gui']:
|
||||
print " + {}: {}".format(gui, field['gui'][gui])
|
||||
print " > Simplified fields:"
|
||||
for field in rr:
|
||||
print " - Name: {}, Type: {}, is Required?: {}".format(field['name'], field['gui']['type'], field['gui']['required'])
|
||||
|
||||
def create_simpleldap_auth():
|
||||
h = Http()
|
||||
|
||||
# Keep in mind that parameters are related to kind of authenticator.
|
||||
# To ensure what parameters you need, yo can invoke first its gui
|
||||
# Take a look at list_supported_auths_and_fields method
|
||||
data = {"tags":["Tag1","Tag2","Tag3"],"name":"name_Field","comments":"comments__Field","priority":"1","small_name":"label_Field","host":"host_Field","port":"389","ssl":False,"timeout":"10","username":"username__Field","password":"password_Field","ldapBase":"base_Field","userClass":"userClass_Field","userIdAttr":"userIdAttr_Field","userNameAttr":"userName_Field","groupClass":"groupClass_Field","groupIdAttr":"groupId_Field","memberAttr":"groupMembership_Field","data_type":"SimpleLdapAuthenticator"}
|
||||
resp, content = h.request(rest_url + 'authenticators','PUT', headers=headers, body=json.dumps(data))
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
# Expected content is something like this:
|
||||
# {
|
||||
# "numeric_id": 18,
|
||||
# "groupIdAttr": "groupId_Field",
|
||||
# "port": "389",
|
||||
# "memberAttr": "groupMembership_Field",
|
||||
# "id": "790b9d85-67ec-51dc-847f-dee1daa96a7c",
|
||||
# "userClass": "userClass_Field",
|
||||
# "permission": 96,
|
||||
# "comments": "comments__Field",
|
||||
# "users_count": 0,
|
||||
# "priority": "1",
|
||||
# "type": "SimpleLdapAuthenticator",
|
||||
# "username": "username__Field",
|
||||
# "ldapBase": "base_Field", "userNameAttr":
|
||||
# "userName_Field",
|
||||
# "tags": ["Tag1", "Tag2", "Tag3"],
|
||||
# "groupClass": "groupClass_Field",
|
||||
# "ssl": false,
|
||||
# "host": "host_Field",
|
||||
# "userIdAttr": "userIdAttr_Field",
|
||||
# "password": "password_Field",
|
||||
# "small_name": "label_Field",
|
||||
# "name": "name_Field",
|
||||
# "timeout": "10"
|
||||
# }
|
||||
r = json.loads(content)
|
||||
print "Correctly created {} with id {}".format(r['name'], r['id'])
|
||||
print "The record created was: {}".format(r)
|
||||
return r
|
||||
|
||||
def delete_auth(auth_id):
|
||||
h = Http()
|
||||
|
||||
# Sample delete URL for an auth
|
||||
# http://172.27.0.1:8000/rest/authenticators/790b9d85-67ec-51dc-847f-dee1daa96a7c
|
||||
# Method MUST be DELETE
|
||||
resp, content = h.request(rest_url + 'authenticators/{}'.format(auth_id), 'DELETE', headers=headers)
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
print "Correctly deleted {}".format(auth_id)
|
||||
|
||||
def create_internal_auth():
|
||||
h = Http()
|
||||
|
||||
data = {"tags":[""],"name":"name_Field","comments":"comments_Field","priority":"1","small_name":"label_Field","differentForEachHost":False,"reverseDns":False,"acceptProxy":False,"data_type":"InternalDBAuth"}
|
||||
resp, content = h.request(rest_url + 'authenticators','PUT', headers=headers, body=json.dumps(data))
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
r = json.loads(content)
|
||||
print "Correctly created {} with id {}".format(r['name'], r['id'])
|
||||
print "The record created was: {}".format(r)
|
||||
return r
|
||||
|
||||
def create_internal_group(auth_id):
|
||||
h = Http()
|
||||
|
||||
# Type can also be a metagroup, composed of groups, but for this sample a group is enoutgh
|
||||
data = {"type":"group","name":"groupname_Field","comments":"comments_Field","state":"A"}
|
||||
resp, content = h.request(rest_url + 'authenticators/{}/groups'.format(auth_id),'PUT', headers=headers, body=json.dumps(data))
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
r = json.loads(content)
|
||||
print "Correctly created {} with id {}".format(r['name'], r['id'])
|
||||
print "The record created was: {}".format(r)
|
||||
return r
|
||||
|
||||
def delete_group(auth_id, group_id):
|
||||
h = Http()
|
||||
|
||||
# Method MUST be DELETE
|
||||
resp, content = h.request(rest_url + 'authenticators/{}/groups/{}'.format(auth_id, group_id), 'DELETE', headers=headers)
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
print "Correctly deleted {}".format(auth_id)
|
||||
|
||||
|
||||
def create_internal_user(auth_id, group_id):
|
||||
# Note: internal users NEEDS to store password on UDS, description of auth describes if password field is needed (in this case, we need it)
|
||||
# Also, if authenticator is marked as "external" on its description, the groups field will be ignored.
|
||||
# On internal auths, we can incluide de ID of the groups we want this user to belong to, or it will not belong to any group
|
||||
h = Http()
|
||||
|
||||
data = {"id":"","name":"username_Field","real_name":"name_Field","comments":"comments_Field","state":"A","staff_member":False, "is_admin":False,"password":"password_Field","groups":[group_id]}
|
||||
|
||||
resp, content = h.request(rest_url + 'authenticators/{}/users'.format(auth_id),'PUT', headers=headers, body=json.dumps(data))
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
r = json.loads(content)
|
||||
print "Correctly created {} with id {}".format(r['name'], r['id'])
|
||||
print "The record created was: {}".format(r)
|
||||
return r
|
||||
|
||||
def delete_user(auth_id, user_id):
|
||||
# Deleting user will result in deleting in cascade all asigned resources (machines, apps, etc...)
|
||||
|
||||
h = Http()
|
||||
|
||||
# Method MUST be DELETE
|
||||
resp, content = h.request(rest_url + 'authenticators/{}/users/{}'.format(auth_id, user_id), 'DELETE', headers=headers)
|
||||
if resp['status'] != '200':
|
||||
print "Error in request: \n-------------------\n{}\n{}\n----------------".format(resp, content)
|
||||
sys.exit(1)
|
||||
|
||||
print "Correctly deleted {}".format(auth_id)
|
||||
|
||||
def list_currents_auths():
|
||||
pass
|
||||
|
||||
if __name__ == '__main__':
|
||||
if login() == 0: # If we can log in, will get the pools correctly
|
||||
print "Listing supported auths and related info"
|
||||
list_supported_auths_and_fields()
|
||||
print "*******************************"
|
||||
print "Creating a simple ldap authenticator"
|
||||
auth = create_simpleldap_auth()
|
||||
print "*******************************"
|
||||
print "Deleting the created simple ldap authenticator"
|
||||
delete_auth(auth['id'])
|
||||
print "*******************************"
|
||||
print "Creating internal auth"
|
||||
auth = create_internal_auth()
|
||||
print "*******************************"
|
||||
print "Creating internal group"
|
||||
print "*******************************"
|
||||
group = create_internal_group(auth['id'])
|
||||
print "Creating internal user"
|
||||
print "*******************************"
|
||||
user = create_internal_user(auth['id'], group['id'])
|
||||
print "*******************************"
|
||||
print "Deleting user"
|
||||
delete_user(auth['id'], user['id'])
|
||||
print "*******************************"
|
||||
print "Deleting Group"
|
||||
delete_group(auth['id'], group['id'])
|
||||
print "*******************************"
|
||||
print "Deleting the created internal auth"
|
||||
delete_auth(auth['id'])
|
1494
server/samples/sample_output_REST3.txt
Normal file
1494
server/samples/sample_output_REST3.txt
Normal file
File diff suppressed because it is too large
Load Diff
@ -31,10 +31,11 @@ class WinDomainOsManager(WindowsOsManager):
|
||||
iconFile = 'wosmanager.png'
|
||||
|
||||
# Apart form data from windows os manager, we need also domain and credentials
|
||||
domain = gui.TextField(length=64, label=_('Domain'), order=1, tooltip=_('Domain to join machines to (use FQDN form, Netbios name not allowed)'), required=True)
|
||||
domain = gui.TextField(length=64, label=_('Domain'), order=1, tooltip=_('Domain to join machines to (use FQDN form, Netbios name not supported for most operations)'), required=True)
|
||||
account = gui.TextField(length=64, label=_('Account'), order=2, tooltip=_('Account with rights to add machines to domain'), required=True)
|
||||
password = gui.PasswordField(length=64, label=_('Password'), order=3, tooltip=_('Password of the account'), required=True)
|
||||
ou = gui.TextField(length=64, label=_('OU'), order=4, tooltip=_('Organizational unit where to add machines in domain (check it before using it). i.e.: ou=My Machines,dc=mydomain,dc=local'))
|
||||
grp = gui.TextField(length=64, label=_('Group'), order=5, tooltip=_('Group to which add machines on creation. If empty, no group will be used. (experimental)'))
|
||||
# Inherits base "onLogout"
|
||||
onLogout = WindowsOsManager.onLogout
|
||||
idle = WindowsOsManager.idle
|
||||
@ -56,6 +57,7 @@ class WinDomainOsManager(WindowsOsManager):
|
||||
self._ou = values['ou'].strip()
|
||||
self._account = values['account']
|
||||
self._password = values['password']
|
||||
self._group = values['grp'].strip()
|
||||
else:
|
||||
self._domain = ""
|
||||
self._ou = ""
|
||||
@ -115,6 +117,57 @@ class WinDomainOsManager(WindowsOsManager):
|
||||
|
||||
raise ldap.LDAPError(_str)
|
||||
|
||||
def __getGroup(self, l):
|
||||
base = ','.join(['DC=' + i for i in self._domain.split('.')])
|
||||
group = self._group.replace('\\', '\\\\').replace('(', '\\(').replace(')', '\\)')
|
||||
|
||||
res = l.search_ext_s(base=base, scope=ldap.SCOPE_SUBTREE, filterstr="(&(objectClass=group)(|(cn={0})(sAMAccountName={0})))".format(group), attrlist=[b'dn'])
|
||||
if res[0] is None:
|
||||
return None
|
||||
|
||||
return res[0][0] # Returns the DN
|
||||
|
||||
def __getMachine(self, l, machineName):
|
||||
if self._ou:
|
||||
ou = self._ou
|
||||
else:
|
||||
ou = ','.join(['DC=' + i for i in self._domain.split('.')])
|
||||
|
||||
fltr = '(&(objectClass=computer)(sAMAccountName={}$))'.format(machineName)
|
||||
res = l.search_ext_s(base=ou, scope=ldap.SCOPE_SUBTREE, filterstr=fltr, attrlist=[b'dn'])
|
||||
if res[0] is None:
|
||||
return None
|
||||
|
||||
return res[0][0] # Returns the DN
|
||||
|
||||
def readyReceived(self, userService, data):
|
||||
# No group to add
|
||||
if self._group == '':
|
||||
return
|
||||
|
||||
if not '.' in self._domain:
|
||||
logger.info('Adding to a group for a non FQDN domain is not supported')
|
||||
return
|
||||
|
||||
try:
|
||||
l = self.__connectLdap()
|
||||
except dns.resolver.NXDOMAIN: # No domain found, log it and pass
|
||||
logger.warn('Could not find _ldap._tcp.' + self._domain)
|
||||
log.doLog(service, log.WARN, "Could not remove machine from domain (_ldap._tcp.{0} not found)".format(self._domain), log.OSMANAGER)
|
||||
except ldap.LDAPError:
|
||||
logger.exception('Ldap Exception caught')
|
||||
log.doLog(service, log.WARN, "Could not remove machine from domain (invalid credentials for {0})".format(self._account), log.OSMANAGER)
|
||||
|
||||
try:
|
||||
machine = self.__getMachine(l, userService.friendly_name)
|
||||
group = self.__getGroup(l)
|
||||
l.modify_s(group, ((ldap.MOD_ADD, 'member', machine),))
|
||||
except ldap.ALREADY_EXISTS:
|
||||
# Already added this machine to this group, pass
|
||||
pass
|
||||
except Exception:
|
||||
logger.error('Got exception trying to add machine to group')
|
||||
|
||||
def release(self, service):
|
||||
'''
|
||||
service is a db user service object
|
||||
@ -134,15 +187,11 @@ class WinDomainOsManager(WindowsOsManager):
|
||||
logger.exception('Ldap Exception caught')
|
||||
log.doLog(service, log.WARN, "Could not remove machine from domain (invalid credentials for {0})".format(self._account), log.OSMANAGER)
|
||||
|
||||
|
||||
try:
|
||||
if self._ou:
|
||||
ou = self._ou
|
||||
else:
|
||||
ou = ','.join(['DC=' + i for i in self._domain.split('.')])
|
||||
fltr = '(&(objectClass=computer)(sAMAccountName={}$))'.format(service.friendly_name)
|
||||
res = l.search_ext_s(base=ou, scope=ldap.SCOPE_SUBTREE, filterstr=fltr)[0]
|
||||
l.delete_s(res[0]) # Remove by DN, SYNC
|
||||
res = self.__getMachine(l, service.friendly_name)
|
||||
if res is None:
|
||||
raise Exception('Machine {} not found on AD (permissions?)'.format(service.friendly_name))
|
||||
l.delete_s(res) # Remove by DN, SYNC
|
||||
except IndexError:
|
||||
logger.error('Error deleting {} from BASE {}'.format(service.friendly_name, ou))
|
||||
except Exception:
|
||||
@ -158,11 +207,18 @@ class WinDomainOsManager(WindowsOsManager):
|
||||
except Exception as e:
|
||||
logger.exception('Exception ')
|
||||
return [False, str(e)]
|
||||
|
||||
try:
|
||||
l.search_st(self._ou, ldap.SCOPE_BASE)
|
||||
except ldap.LDAPError as e:
|
||||
return _('Check error: {0}').format(self.__getLdapError(e))
|
||||
|
||||
# Group
|
||||
if self._group != '':
|
||||
if self.__getGroup(l) is None:
|
||||
return _('Check Error: group "{}" not found (using "cn" to locate it)').format(self._group)
|
||||
|
||||
|
||||
return _('Server check was successful')
|
||||
|
||||
@staticmethod
|
||||
@ -208,16 +264,22 @@ class WinDomainOsManager(WindowsOsManager):
|
||||
'''
|
||||
Serializes the os manager data so we can store it in database
|
||||
'''
|
||||
return '\t'.join(['v1', self._domain, self._ou, self._account, CryptoManager.manager().encrypt(self._password), base.encode('hex')])
|
||||
return '\t'.join(['v2', self._domain, self._ou, self._account, CryptoManager.manager().encrypt(self._password), base.encode('hex'), self._group])
|
||||
|
||||
def unmarshal(self, s):
|
||||
data = s.split('\t')
|
||||
if data[0] == 'v1':
|
||||
if data[0] in ('v1', 'v2'):
|
||||
self._domain = data[1]
|
||||
self._ou = data[2]
|
||||
self._account = data[3]
|
||||
self._password = CryptoManager.manager().decrypt(data[4])
|
||||
super(WinDomainOsManager, self).unmarshal(data[5].decode('hex'))
|
||||
|
||||
if data[0] == 'v2':
|
||||
self._group = data[6]
|
||||
else:
|
||||
self._group = ''
|
||||
|
||||
super(WinDomainOsManager, self).unmarshal(data[5].decode('hex'))
|
||||
|
||||
def valuesDict(self):
|
||||
dct = super(WinDomainOsManager, self).valuesDict()
|
||||
@ -225,4 +287,5 @@ class WinDomainOsManager(WindowsOsManager):
|
||||
dct['ou'] = self._ou
|
||||
dct['account'] = self._account
|
||||
dct['password'] = self._password
|
||||
dct['grp'] = self._group
|
||||
return dct
|
||||
|
@ -114,6 +114,7 @@ class WindowsOsManager(osmanagers.OSManager):
|
||||
si = service.getInstance()
|
||||
ip = ''
|
||||
|
||||
ip = ''
|
||||
# Notifies IP to deployed
|
||||
for p in data['ips']:
|
||||
if p[0].lower() == uid.lower():
|
||||
@ -139,6 +140,10 @@ class WindowsOsManager(osmanagers.OSManager):
|
||||
logger.exception('WindowsOs Manager message log: ')
|
||||
log.doLog(service, log.ERROR, "do not understand {0}".format(data), origin)
|
||||
|
||||
# default "ready received" does nothing
|
||||
def readyReceived(self, userService, data):
|
||||
pass
|
||||
|
||||
def process(self, userService, msg, data, options=None):
|
||||
'''
|
||||
We understand this messages:
|
||||
@ -194,6 +199,7 @@ class WindowsOsManager(osmanagers.OSManager):
|
||||
state = State.USABLE
|
||||
notifyReady = True
|
||||
self.notifyIp(userService.unique_id, userService, data)
|
||||
self.readyReceived(userService, data)
|
||||
|
||||
userService.setOsState(state)
|
||||
|
||||
|
@ -78,7 +78,7 @@ class HTML5RDPTransport(Transport):
|
||||
smooth = gui.CheckBoxField(label=_('Font Smoothing'), order=23, tooltip=_('If checked, fonts smoothing will be allowed (windows clients only)'), tab=gui.PARAMETERS_TAB)
|
||||
enableAudio = gui.CheckBoxField(label=_('Enable Audio'), order=24, tooltip=_('If checked, the audio will be redirected to client (if client browser supports it)'), tab=gui.PARAMETERS_TAB)
|
||||
enablePrinting = gui.CheckBoxField(label=_('Enable Printing'), order=25, tooltip=_('If checked, the printing will be redirected to client (if client browser supports it)'), tab=gui.PARAMETERS_TAB)
|
||||
# enableFileShare = gui.CheckBoxField(label=_('Enable File Sharing'), order=8, tooltip=_('If checked, the user will be able to upload/download files (if client browser supports it)'), tab=gui.PARAMETERS_TAB)
|
||||
# enableFileSharing = gui.CheckBoxField(label=_('Enable File Sharing'), order=8, tooltip=_('If checked, the user will be able to upload/download files (if client browser supports it)'), tab=gui.PARAMETERS_TAB)
|
||||
serverLayout = gui.ChoiceField(order=26,
|
||||
label=_('Layout'),
|
||||
tooltip=_('Keyboards Layout of server'),
|
||||
@ -189,7 +189,7 @@ class HTML5RDPTransport(Transport):
|
||||
}
|
||||
|
||||
# if self.enableFileSharing.isTrue():
|
||||
# params['enable-drive'] = self.serverLayout.value
|
||||
# params['enable-drive'] = 'true'
|
||||
|
||||
if self.serverLayout.value != '-':
|
||||
params['server-layout'] = self.serverLayout.value
|
||||
|
@ -40,7 +40,7 @@ from uds.core.util import OsDetector
|
||||
import six
|
||||
import os
|
||||
|
||||
__updated__ = '2017-06-07'
|
||||
__updated__ = '2017-07-06'
|
||||
|
||||
|
||||
class RDPFile(object):
|
||||
@ -227,7 +227,6 @@ class RDPFile(object):
|
||||
res += 'compression:i:' + compression + '\n'
|
||||
res += 'keyboardhook:i:2' + '\n'
|
||||
res += 'audiomode:i:' + audioMode + '\n'
|
||||
res += 'redirectdrives:i:' + drives + '\n'
|
||||
res += 'redirectprinters:i:' + printers + '\n'
|
||||
res += 'redirectcomports:i:' + serials + '\n'
|
||||
res += 'redirectsmartcards:i:' + scards + '\n'
|
||||
@ -260,8 +259,15 @@ class RDPFile(object):
|
||||
if self.redirectAudio is True:
|
||||
res += 'audiocapturemode:i:1\n'
|
||||
|
||||
if self.redirectDrives is True:
|
||||
res += 'drivestoredirect:s:*\n'
|
||||
res += 'devicestoredirect:s:*\n'
|
||||
|
||||
res += 'enablecredsspsupport:i:{}\n'.format(0 if self.enablecredsspsupport is False else 1)
|
||||
|
||||
# DirectX?
|
||||
res += 'redirectdirectx:i:1\n'
|
||||
|
||||
return res
|
||||
|
||||
def getMacOsX(self):
|
||||
|
Loading…
Reference in New Issue
Block a user