only disable account if it isn't

2021-11-02 15:26:50 -04:00
parent 699a2dc321
commit f55c05a575
1 changed files with 3 additions and 0 deletions
--- a/seafile-ldap.py
+++ b/seafile-ldap.py
@@ -215,6 +215,9 @@ for ldapUser in ldapUsers:

 # Loop through the sql ldap users and disable those not in the ldap list
 for sqlLDAPuser in sqlLDAPusers:
+    if sqlLDAPuser[4]:
+        logger.debug("User {0} is already disabled in Seafile".format(sqlLDAPuser[1]))
+        continue
    logger.debug("Searching for user {0} that has an email address, are enabled, and in the {1} group.".format(sqlLDAPuser[1], ldapFilter))
    ldap.search(ldapBase, '(&(mail={0})(!(userAccountControl:1.2.840.113556.1.4.803:=2))({1}))'.format(sqlLDAPuser[1], ldapFilter), attributes=['*'])
    count = len(ldap.entries)