Switch LDAP groups from groupOfUniqueNames to groupOfNames, to work with libpam-ldapd.

2026-03-11 09:04:54 +00:00 · 2015-07-12 12:35:48 -04:00 · 2015-07-12 12:35:48 -04:00 · 6ca38ba665
commit 6ca38ba665
parent b1c9c81d58
6 changed files with 15 additions and 15 deletions
--- a/actions/add-ldap-user-to-group
+++ b/actions/add-ldap-user-to-group
@ -28,16 +28,16 @@ if [ -z "$results" ]; then
    # create group, with user as initial member
    cat <<EOF |ldapadd -Y EXTERNAL -H ldapi:///
 dn: cn=$groupname,ou=groups,dc=thisbox
-objectClass: groupOfUniqueNames
+objectClass: groupOfNames
 cn: $groupname
-uniqueMember: uid=$username,ou=users,dc=thisbox
+member: uid=$username,ou=users,dc=thisbox
 EOF
 else
    # add user to existing group
    cat <<EOF |ldapmodify -Y EXTERNAL -H ldapi:///
 dn: cn=$groupname,ou=groups,dc=thisbox
 changetype: modify
-add: uniqueMember
-uniqueMember: uid=$username,ou=users,dc=thisbox
+add: member
+member: uid=$username,ou=users,dc=thisbox
 EOF
 fi
--- a/actions/delete-ldap-user
+++ b/actions/delete-ldap-user
@ -36,8 +36,8 @@ while read -r line; do
    cat <<EOF |ldapmodify -Y EXTERNAL -H ldapi:///
 $line
 changetype: modify
-delete: uniqueMember
-uniqueMember: uid=$username,ou=users,dc=thisbox
+delete: member
+member: uid=$username,ou=users,dc=thisbox
 EOF

    if [ $? -eq 65 ]; then
--- a/actions/get-ldap-user-groups
+++ b/actions/get-ldap-user-groups
@ -20,4 +20,4 @@

 username="$1"

-ldapsearch 2>/dev/null -Y EXTERNAL -H ldapi:/// -b 'ou=groups,dc=thisbox' -LLL "(uniqueMember=uid=$username,ou=users,dc=thisbox)" cn | awk '/cn:/ { print $2 }'
+ldapsearch 2>/dev/null -Y EXTERNAL -H ldapi:/// -b 'ou=groups,dc=thisbox' -LLL "(member=uid=$username,ou=users,dc=thisbox)" cn | awk '/cn:/ { print $2 }'
--- a/actions/remove-ldap-user-from-group
+++ b/actions/remove-ldap-user-from-group
@ -24,8 +24,8 @@ groupname="$2"
 cat <<EOF |ldapmodify -Y EXTERNAL -H ldapi:///
 dn: cn=$groupname,ou=groups,dc=thisbox
 changetype: modify
-delete: uniqueMember
-uniqueMember: uid=$username,ou=users,dc=thisbox
+delete: member
+member: uid=$username,ou=users,dc=thisbox
 EOF

 if [ $? -eq 0 ]; then
--- a/actions/rename-ldap-user
+++ b/actions/rename-ldap-user
@ -42,14 +42,14 @@ while read -r line; do
    cat <<EOF |ldapmodify -Y EXTERNAL -H ldapi:///
 $line
 changetype: modify
-add: uniqueMember
-uniqueMember: uid=$new_username,ou=users,dc=thisbox
+add: member
+member: uid=$new_username,ou=users,dc=thisbox
 EOF

    cat <<EOF |ldapmodify -Y EXTERNAL -H ldapi:///
 $line
 changetype: modify
-delete: uniqueMember
-uniqueMember: uid=$old_username,ou=users,dc=thisbox
+delete: member
+member: uid=$old_username,ou=users,dc=thisbox
 EOF
 done <<< "$results"
--- a/plinth/modules/users/forms.py
+++ b/plinth/modules/users/forms.py
@ -128,7 +128,7 @@ class UserUpdateForm(forms.ModelForm):
                                              [user.get_username(), old_group])
                    except ActionError:
                        messages.error(self.request,
-                                       _('Failed to add user to group.'))
+                                       _('Failed to remove user from group.'))
            for new_group in new_groups:
                if new_group not in old_groups:
                    try:
@ -136,7 +136,7 @@ class UserUpdateForm(forms.ModelForm):
                                              [user.get_username(), new_group])
                    except ActionError:
                        messages.error(self.request,
-                                       _('Failed to remove user from group.'))
+                                       _('Failed to add user to group.'))

        return user