Change the way we determine if the host has a password set.

When creating a host with a password we don't set a Kerberos principal or add the Kerberos objectclasses. Those get added when the host is enrolled. If one passed in --password= (so no password) then we incorrectly thought the user was in fact setting a password, so the principal and objectclasses weren't updated. https://fedorahosted.org/freeipa/ticket/4102
2025-02-25 18:55:28 -06:00 · 2014-01-14 14:23:47 -05:00
parent 689382dc83
commit 0070c0feda
2 changed files with 28 additions and 1 deletions
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -424,7 +424,7 @@ class host_add(LDAPCreate):
            entry_attrs['l'] = entry_attrs['locality']
        entry_attrs['cn'] = keys[-1]
        entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0]
-        if 'userpassword' not in entry_attrs and not options.get('random', False):
+        if not entry_attrs.get('userpassword', False) and not options.get('random', False):
            entry_attrs['krbprincipalname'] = 'host/%s@%s' % (
                keys[-1], self.api.env.realm
            )