IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Handle updating replication agreements that lack nsDS5ReplicatedAttributeList

Browse Source 
When updating from 2.x we need to add nsDS5ReplicatedAttributeList and
nsDS5ReplicatedAttributeListTotal if they aren't present.

If nsDS5ReplicatedAttributeList is present and doesn't contain memberof
then we want to add it.

https://fedorahosted.org/freeipa/ticket/2594
This commit is contained in:
Rob Crittenden 2012-03-30 13:42:31 -04:00 committed by Martin Kosek
parent 56fa06fec4
commit 16b38d39b3
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
ipaserver/install/plugins/fix_replica_memberof.py
View File

@ -33,6 +33,12 @@ class update_replica_memberof(PreUpdate):
order=MIDDLE order=MIDDLE
def execute(self, **options): def execute(self, **options):
totalexcludes = ('entryusn',
'krblastsuccessfulauth',
'krblastfailedauth',
'krbloginfailedcount')
excludes = ('memberof', ) + totalexcludes
# We need an IPAdmin connection to the backend # We need an IPAdmin connection to the backend
conn = ipaldap.IPAdmin(api.env.host, ldapi=True, realm=api.env.realm) conn = ipaldap.IPAdmin(api.env.host, ldapi=True, realm=api.env.realm)
conn.do_external_bind(pwd.getpwuid(os.geteuid()).pw_name) conn.do_external_bind(pwd.getpwuid(os.geteuid()).pw_name)
@ -43,7 +49,21 @@ class update_replica_memberof(PreUpdate):
self.log.debug("Found %d agreement(s)" % len(entries)) self.log.debug("Found %d agreement(s)" % len(entries))
for replica in entries: for replica in entries:
self.log.debug(replica.description) self.log.debug(replica.description)
if 'memberof' not in replica.nsDS5ReplicatedAttributeList: attrlist = replica.getValue('nsDS5ReplicatedAttributeList')
if attrlist is None:
self.log.debug("Adding nsDS5ReplicatedAttributeList and nsDS5ReplicatedAttributeListTotal")
current = replica.toDict()
# Need to add it altogether
replica.setValues('nsDS5ReplicatedAttributeList',
'(objectclass=*) $ EXCLUDE %s' % " ".join(excludes))
replica.setValues('nsDS5ReplicatedAttributeListTotal',
'(objectclass=*) $ EXCLUDE %s' % " ".join(totalexcludes))
try:
repl.conn.updateEntry(replica.dn, current, replica.toDict())
self.log.debug("Updated")
except Exception, e:
self.log.error("Error caught updating replica: %s" % str(e))
elif 'memberof' not in attrlist.lower():
self.log.debug("Attribute list needs updating") self.log.debug("Attribute list needs updating")
current = replica.toDict() current = replica.toDict()
replica.setValue('nsDS5ReplicatedAttributeList', replica.setValue('nsDS5ReplicatedAttributeList',