From e258e7b03f18755efc7a62e097714a6073fd90ae Mon Sep 17 00:00:00 2001 From: angeloudy Date: Thu, 19 Jul 2018 11:44:24 +1000 Subject: [PATCH 1/3] values need to be bytes when writing back to ldap --- salt/modules/ldap3.py | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/salt/modules/ldap3.py b/salt/modules/ldap3.py index 9b11745709cb..1ecf9bd3a61a 100644 --- a/salt/modules/ldap3.py +++ b/salt/modules/ldap3.py @@ -572,19 +572,16 @@ def change(connect_spec, dn, before, after): # convert the "iterable of values" to lists in case that's what # modifyModlist() expects (also to ensure that the caller's dicts # are not modified) - before = dict(((attr, list(vals)) + before = dict(((attr, salt.utils.data.encode(vals)) for attr, vals in six.iteritems(before))) - after = dict(((attr, list(vals)) + after = dict(((attr, salt.utils.data.encode(vals)) for attr, vals in six.iteritems(after))) if 'unicodePwd' in after: after['unicodePwd'] = [_format_unicode_password(x) for x in after['unicodePwd']] - modlist = salt.utils.data.decode( - ldap.modlist.modifyModlist(before, after), - to_str=True, - preserve_tuples=True - ) + modlist = ldap.modlist.modifyModlist(before, after) + try: l.c.modify_s(dn, modlist) except ldap.LDAPError as e: From d01f9a9d8cc49e2e28f3e4a0eee76a5062e82d52 Mon Sep 17 00:00:00 2001 From: angeloudy Date: Mon, 23 Jul 2018 15:49:00 +1000 Subject: [PATCH 2/3] values need to be bytes when writing to ldap --- salt/modules/ldap3.py | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/salt/modules/ldap3.py b/salt/modules/ldap3.py index 1ecf9bd3a61a..ad50924fc6ec 100644 --- a/salt/modules/ldap3.py +++ b/salt/modules/ldap3.py @@ -402,18 +402,14 @@ def add(connect_spec, dn, attributes): # convert the "iterable of values" to lists in case that's what # addModlist() expects (also to ensure that the caller's objects # are not modified) - attributes = dict(((attr, list(vals)) + attributes = dict(((attr, salt.utils.data.encode(list(vals))) for attr, vals in six.iteritems(attributes))) log.info('adding entry: dn: %s attributes: %s', repr(dn), repr(attributes)) if 'unicodePwd' in attributes: attributes['unicodePwd'] = [_format_unicode_password(x) for x in attributes['unicodePwd']] - modlist = salt.utils.data.decode( - ldap.modlist.addModlist(attributes), - to_str=True, - preserve_tuples=True - ) + modlist = ldap.modlist.addModlist(attributes), try: l.c.add_s(dn, modlist) except ldap.LDAPError as e: From aefc6e26a8a4b29f5ebbb59eefb103445bc0a24f Mon Sep 17 00:00:00 2001 From: Tao ZHOU Date: Thu, 27 Sep 2018 14:29:22 +1000 Subject: [PATCH 3/3] Update ldap3.py --- salt/modules/ldap3.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/salt/modules/ldap3.py b/salt/modules/ldap3.py index ad50924fc6ec..30452f55e7b0 100644 --- a/salt/modules/ldap3.py +++ b/salt/modules/ldap3.py @@ -568,9 +568,9 @@ def change(connect_spec, dn, before, after): # convert the "iterable of values" to lists in case that's what # modifyModlist() expects (also to ensure that the caller's dicts # are not modified) - before = dict(((attr, salt.utils.data.encode(vals)) + before = dict(((attr, salt.utils.data.encode(list(vals))) for attr, vals in six.iteritems(before))) - after = dict(((attr, salt.utils.data.encode(vals)) + after = dict(((attr, salt.utils.data.encode(list(vals))) for attr, vals in six.iteritems(after))) if 'unicodePwd' in after: