sources/ldap: fix Issue with changing passwords with eDirectory (#7997)

* Issue with changing passwords with eDirectory #5851

Fixed authentik\sources\ldap\password.py to also catch the exception on LDAPNoSuchAttributeResult that is returned when Authentik tries to query LDAP with Microsoft to an eDirectory Server instead.

* fix: Issue with changing passwords with eDirectory #5851

Fixed authentik\sources\ldap\password.py to also catch the exception on LDAPNoSuchAttributeResult that is returned when Authentik tries to query LDAP with Microsoft to an eDirectory Server instead.

* Update authentik/sources/ldap/password.py

Signed-off-by: Jens L. <jens@beryju.org>

---------

Signed-off-by: Jens L. <jens@beryju.org>
Co-authored-by: Brendon Allen <brendon.allen@levelup.solutions>
Co-authored-by: Jens L <jens@beryju.org>
This commit is contained in:
Brendon Allen 2023-12-26 23:57:54 +10:00 committed by GitHub
parent 582016a586
commit afc968437d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 2 deletions

View File

@ -4,7 +4,11 @@ from re import split
from typing import Optional from typing import Optional
from ldap3 import BASE from ldap3 import BASE
from ldap3.core.exceptions import LDAPAttributeError, LDAPUnwillingToPerformResult from ldap3.core.exceptions import (
LDAPAttributeError,
LDAPNoSuchAttributeResult,
LDAPUnwillingToPerformResult,
)
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
from authentik.core.models import User from authentik.core.models import User
@ -97,7 +101,7 @@ class LDAPPasswordChanger:
return return
try: try:
self._connection.extend.microsoft.modify_password(user_dn, password) self._connection.extend.microsoft.modify_password(user_dn, password)
except (LDAPAttributeError, LDAPUnwillingToPerformResult): except (LDAPAttributeError, LDAPUnwillingToPerformResult, LDAPNoSuchAttributeResult):
self._connection.extend.standard.modify_password(user_dn, new_password=password) self._connection.extend.standard.modify_password(user_dn, new_password=password)
def _ad_check_password_existing(self, password: str, user_dn: str) -> bool: def _ad_check_password_existing(self, password: str, user_dn: str) -> bool: