Module: check_mk
Branch: master
Commit: 7deecb41653ab8807781886b86688245e87c4ff2
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=7deecb41653ab8…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Mon Feb 17 09:34:50 2014 +0100
FIX LDAP: Disable logging of password changes received from LDAP
---
.werks/671 | 9 +++++++++
ChangeLog | 1 +
web/plugins/userdb/ldap.py | 19 +++++++++++--------
3 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/.werks/671 b/.werks/671
new file mode 100644
index 0000000..10f5b1c
--- /dev/null
+++ b/.werks/671
@@ -0,0 +1,9 @@
+Title: LDAP: Disable logging of password changes received from LDAP
+Level: 1
+Component: multisite
+Class: fix
+State: unknown
+Version: 1.2.5i1
+Date: 1392626070
+
+
diff --git a/ChangeLog b/ChangeLog
index 3a17581..03b0ba7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -219,6 +219,7 @@
* 0274 FIX: Fixed exception when view title or description was missing
* 0278 FIX: Fixed bookmark icon images for non-english user languages...
* 0670 FIX: LDAP: Fixed sync when non lower case attributes are configured...
+ * 0671 FIX: LDAP: Disable logging of password changes received from LDAP
WATO:
* 0308 Multisite can now set rotation view permissions for NagVis...
diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index 31809b3..31e1ced 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -1044,16 +1044,19 @@ def ldap_sync(add_to_changelog, only_username):
details.append(_('Added: %s') % ', '.join(added))
if removed:
details.append(_('Removed: %s') % ', '.join(removed))
+
+ # Ignore password changes from ldap - do not log them. For now.
+ if 'ldap_pw_last_changed' in changed:
+ changed.remove('ldap_pw_last_changed')
+ if 'serial' in changed:
+ changed.remove('serial')
+
if changed:
- if 'ldap_pw_last_changed' in changed and 'serial' in
changed:
- details.append(_('Password Changed'))
- changed.remove('ldap_pw_last_changed')
- changed.remove('serial')
- if changed:
- details.append(('Changed: %s') % ', '.join(changed))
+ details.append(('Changed: %s') % ', '.join(changed))
- wato.log_pending(wato.SYNCRESTART, None, "edit-users",
- _("LDAP Connector: Modified user %s (%s)") % (user_id, ',
'.join(details)))
+ if details:
+ wato.log_pending(wato.SYNCRESTART, None, "edit-users",
+ _("LDAP Connector: Modified user %s (%s)") % (user_id,
', '.join(details)))
duration = time.time() - start_time
ldap_log('SYNC FINISHED - Duration: %0.3f sec' % duration)