[patch] Check for sAMAccountName attribute presence
|Reported by:||Owned by:||John Hampton|
I'm at the mercy of our Active Directory administrators.
It turns out that we have entries for which
objectCategory=person is true but do not have an
sAMAccountName attribute. Seeing that this attribute is needed for Trac's account management, it would be better to silently ignore these than causing a backtrace in
The attached patch adds a minimal filter to the list comprehension in
As a matter of fact, we have all kinds of things with
objectCategory=person that really aren't, even though they have an
sAMAccountName attribute. As I didn't want the company cars and meeting rooms in my list of users ;-), I requested a few more attributes (surname, given name) in the AD search and expanded the filter implementation.
Of course, you may be able to get rid of unwanted stuff by divining the proper
auth_group but that's beyond me.