In active directory it can happen that an object has all the required object classes of a user bit is still missing the chosen uid attribute. Particularly, internal systema accounts do not have a userPrincipalName attribute. This patch fixes that by always checking for precense of the uid attribute in the search filter.
Index: LDAPUserFolder.py
===================================================================
--- LDAPUserFolder.py (revision 1280)
+++ LDAPUserFolder.py (working copy)
@@ -621,10 +623,8 @@
""" Return filter string suitable for querying on user objects """
user_filter = [filter_format('(%s=%s)', ('objectClass', o))
for o in filter(None, self._user_objclasses)]
- if user_filter:
- user_filter = '(&%s)' % ''.join(user_filter)
- else:
- user_filter = '(objectClass=*)'
+ user_filter.append("(%s=*)" % self._uid_attr)
+ user_filter = '(&%s)' % ''.join(user_filter)
return user_filter
|
