Replace setValue by keyword arguments when creating entries

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660
Petr Viktorin 2013-01-18 09:24:35 -05:00 committed by Martin Kosek
parent 6896626baa
commit 3dd4b36e1a
7 changed files with 202 additions and 156 deletions


@ -326,23 +326,26 @@ class ADTRUSTInstance(service.Service):
try: try:
self.admin_conn.getEntry(new_dn, ldap.SCOPE_BASE) self.admin_conn.getEntry(new_dn, ldap.SCOPE_BASE)
except errors.NotFound: except errors.NotFound:
entry = self.admin_conn.make_entry(new_dn)
entry.setValues("objectclass", ["nsContainer"])
try: try:
name = new_dn[1].attr name = new_dn[1].attr
except Exception, e: except Exception, e:
self.print_msg('Cannot extract RDN attribute value from "%s": %s' % \ self.print_msg('Cannot extract RDN attribute value from "%s": %s' % \
(new_dn, e)) (new_dn, e))
return return
entry.setValues("cn", name) entry = self.admin_conn.make_entry(
new_dn, objectclass=['nsContainer'], cn=[name])
self.admin_conn.addEntry(entry) self.admin_conn.addEntry(entry)
entry = self.admin_conn.make_entry(self.smb_dom_dn) entry = self.admin_conn.make_entry(
entry.setValues("objectclass", [self.OBJC_DOMAIN, "nsContainer"]) self.smb_dom_dn,
entry.setValues("cn", self.domain_name) {
entry.setValues(self.ATTR_FLAT_NAME, self.netbios_name) 'objectclass': [self.OBJC_DOMAIN, "nsContainer"],
entry.setValues(self.ATTR_SID, self.__gen_sid_string()) 'cn': [self.domain_name],
entry.setValues(self.ATTR_GUID, str(uuid.uuid4())) self.ATTR_FLAT_NAME: [self.netbios_name],
self.ATTR_SID: [self.__gen_sid_string()],
self.ATTR_GUID: [str(uuid.uuid4())],
}
)
#TODO: which MAY attributes do we want to set ? #TODO: which MAY attributes do we want to set ?
self.admin_conn.addEntry(entry) self.admin_conn.addEntry(entry)
@ -452,10 +455,12 @@ class ADTRUSTInstance(service.Service):
current.setValues("member", members + [self.cifs_agent]) current.setValues("member", members + [self.cifs_agent])
self.admin_conn.updateEntry(self.smb_dn, entry.toDict(), current.toDict()) self.admin_conn.updateEntry(self.smb_dn, entry.toDict(), current.toDict())
except errors.NotFound: except errors.NotFound:
entry = self.admin_conn.make_entry(self.smb_dn) entry = self.admin_conn.make_entry(
entry.setValues("objectclass", ["top", "GroupOfNames"]) self.smb_dn,
entry.setValues("cn", self.smb_dn['cn']) objectclass=["top", "GroupOfNames"],
entry.setValues("member", [self.cifs_agent]) cn=[self.smb_dn['cn']],
member=[self.cifs_agent],
)
self.admin_conn.addEntry(entry) self.admin_conn.addEntry(entry)
except Exception, e: except Exception, e:
# CIFS principal already exists, it is not the first time adtrustinstance is managed # CIFS principal already exists, it is not the first time adtrustinstance is managed
@ -734,13 +739,15 @@ class ADTRUSTInstance(service.Service):
"range.\nAdd local ID range manually and try " \ "range.\nAdd local ID range manually and try " \
"again!") "again!")
entry = self.admin_conn.make_entry(DN(('cn', ('%s_id_range' % self.realm)), entry = self.admin_conn.make_entry(
api.env.container_ranges, DN(
self.suffix)) ('cn', ('%s_id_range' % self.realm)),
entry.setValue('objectclass', 'ipaDomainIDRange') api.env.container_ranges, self.suffix),
entry.setValue('cn', ('%s_id_range' % self.realm)) objectclass=['ipaDomainIDRange'],
entry.setValue('ipaBaseID', str(base_id)) cn=['%s_id_range' % self.realm],
entry.setValue('ipaIDRangeSize', str(id_range_size)) ipaBaseID=[str(base_id)],
ipaIDRangeSize=[str(id_range_size)],
)
self.admin_conn.addEntry(entry) self.admin_conn.addEntry(entry)
def create_instance(self): def create_instance(self):
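Review bot: In the first hunk the container's `cn` comes from `name = new_dn[1].attr`, which by its name is the attribute type of the second RDN rather than the value of the first. The replication hunk in this same commit keeps `dn[0].attr` and `dn[0].value` apart, and the error message here speaks of the "RDN attribute value", so `name = new_dn[0].value` looks like what was meant. The line predates this commit, but the new `make_entry(new_dn, objectclass=['nsContainer'], cn=[name])` carries it forward unchanged. The DN class is not visible on this page, so confirm against it. The enclosing method starts and ends outside the hunk.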


@ -395,14 +395,14 @@ class CADSInstance(service.Service):
(ldap.MOD_ADD, "nsslapd-secureport", str(DEFAULT_DSPORT+1))] (ldap.MOD_ADD, "nsslapd-secureport", str(DEFAULT_DSPORT+1))]
conn.modify_s(DN(('cn', 'config')), mod) conn.modify_s(DN(('cn', 'config')), mod)
entry = conn.make_entry(DN(('cn', 'RSA'), ('cn', 'encryption'), ('cn', 'config'))) entry = conn.make_entry(
DN(('cn', 'RSA'), ('cn', 'encryption'), ('cn', 'config')),
entry.setValues("objectclass", "top", "nsEncryptionModule") objectclass=["top", "nsEncryptionModule"],
entry.setValues("cn", "RSA") cn=["RSA"],
entry.setValues("nsSSLPersonalitySSL", self.nickname) nsSSLPersonalitySSL=[self.nickname],
entry.setValues("nsSSLToken", "internal (software)") nsSSLToken=["internal (software)"],
entry.setValues("nsSSLActivation", "on") nsSSLActivation=["on"],
)
conn.addEntry(entry) conn.addEntry(entry)
conn.unbind() conn.unbind()
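Review bot: The `cn=RSA,cn=encryption,cn=config` entry built in this hunk is repeated attribute for attribute in the DsInstance hunk that follows; only `self.nickname` versus `nickname` differs. Two hand-maintained copies of the same TLS settings can drift apart without anyone noticing, so a single shared helper that takes the connection and the certificate nickname would be the safer shape now that both call sites are being rewritten anyway. Both methods start and end outside their hunks, so whether an existing common base already offers a place for it cannot be seen from here.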


@ -570,14 +570,14 @@ class DsInstance(service.Service):
mod = [(ldap.MOD_ADD, "nsslapd-security", "on")] mod = [(ldap.MOD_ADD, "nsslapd-security", "on")]
conn.modify_s(DN(('cn', 'config')), mod) conn.modify_s(DN(('cn', 'config')), mod)
entry = conn.make_entry(DN(('cn', 'RSA'), ('cn', 'encryption'), ('cn', 'config'))) entry = conn.make_entry(
DN(('cn', 'RSA'), ('cn', 'encryption'), ('cn', 'config')),
entry.setValues("objectclass", "top", "nsEncryptionModule") objectclass=["top", "nsEncryptionModule"],
entry.setValues("cn", "RSA") cn=["RSA"],
entry.setValues("nsSSLPersonalitySSL", nickname) nsSSLPersonalitySSL=[nickname],
entry.setValues("nsSSLToken", "internal (software)") nsSSLToken=["internal (software)"],
entry.setValues("nsSSLActivation", "on") nsSSLActivation=["on"],
)
conn.addEntry(entry) conn.addEntry(entry)
conn.unbind() conn.unbind()


@ -108,22 +108,31 @@ class KrbInstance(service.Service):
self.admin_conn.deleteEntry(service_dn) self.admin_conn.deleteEntry(service_dn)
# Create a host entry for this master # Create a host entry for this master
host_dn = DN(('fqdn', self.fqdn), ('cn', 'computers'), ('cn', 'accounts'), self.suffix) host_dn = DN(
host_entry = self.admin_conn.make_entry(host_dn) ('fqdn', self.fqdn), ('cn', 'computers'), ('cn', 'accounts'),
host_entry.setValues('objectclass', ['top', 'ipaobject', 'nshost', 'ipahost', 'ipaservice', 'pkiuser', 'krbprincipalaux', 'krbprincipal', 'krbticketpolicyaux', 'ipasshhost']) self.suffix)
host_entry.setValues('krbextradata', service_entry.getValues('krbextradata')) host_entry = self.admin_conn.make_entry(
host_entry.setValue('krblastpwdchange', service_entry.getValue('krblastpwdchange')) host_dn,
objectclass=[
'top', 'ipaobject', 'nshost', 'ipahost', 'ipaservice',
'pkiuser', 'krbprincipalaux', 'krbprincipal',
'krbticketpolicyaux', 'ipasshhost'],
krbextradata=service_entry['krbextradata'],
krblastpwdchange=service_entry['krblastpwdchange'],
krbprincipalname=service_entry['krbprincipalname'],
krbprincipalkey=service_entry['krbprincipalkey'],
serverhostname=[self.fqdn.split('.',1)[0]],
cn=[self.fqdn],
fqdn=[self.fqdn],
ipauniqueid=['autogenerate'],
managedby=[host_dn],
)
if 'krbpasswordexpiration' in service_entry.toDict(): if 'krbpasswordexpiration' in service_entry.toDict():
host_entry.setValue('krbpasswordexpiration', service_entry.getValue('krbpasswordexpiration')) host_entry['krbpasswordexpiration'] = [
host_entry.setValue('krbprincipalname', service_entry.getValue('krbprincipalname')) service_entry.getValue('krbpasswordexpiration')]
if 'krbticketflags' in service_entry.toDict(): if 'krbticketflags' in service_entry.toDict():
host_entry.setValue('krbticketflags', service_entry.getValue('krbticketflags')) host_entry['krbticketflags'] = [
host_entry.setValue('krbprincipalkey', service_entry.getValue('krbprincipalkey')) service_entry.getValue('krbticketflags')]
host_entry.setValue('serverhostname', self.fqdn.split('.',1)[0])
host_entry.setValue('cn', self.fqdn)
host_entry.setValue('fqdn', self.fqdn)
host_entry.setValue('ipauniqueid', 'autogenerate')
host_entry.setValue('managedby', host_dn)
self.admin_conn.addEntry(host_entry) self.admin_conn.addEntry(host_entry)
def __common_setup(self, realm_name, host_name, domain_name, admin_password): def __common_setup(self, realm_name, host_name, domain_name, admin_password):
@ -264,31 +273,30 @@ class KrbInstance(service.Service):
root_logger.critical("Error while enumerating SASL mappings %s" % str(e)) root_logger.critical("Error while enumerating SASL mappings %s" % str(e))
raise e raise e
entry = self.admin_conn.make_entry(DN(('cn', 'Full Principal'), ('cn', 'mapping'), ('cn', 'sasl'), ('cn', 'config'))) entry = self.admin_conn.make_entry(
entry.setValues("objectclass", "top", "nsSaslMapping") DN(
entry.setValues("cn", "Full Principal") ('cn', 'Full Principal'), ('cn', 'mapping'), ('cn', 'sasl'),
entry.setValues("nsSaslMapRegexString", '\(.*\)@\(.*\)') ('cn', 'config')),
entry.setValues("nsSaslMapBaseDNTemplate", self.suffix) objectclass=["top", "nsSaslMapping"],
entry.setValues("nsSaslMapFilterTemplate", '(krbPrincipalName=\\1@\\2)') cn=["Full Principal"],
nsSaslMapRegexString=['\(.*\)@\(.*\)'],
nsSaslMapBaseDNTemplate=[self.suffix],
nsSaslMapFilterTemplate=['(krbPrincipalName=\\1@\\2)'],
)
self.admin_conn.addEntry(entry)
try: entry = self.admin_conn.make_entry(
self.admin_conn.addEntry(entry) DN(
except ldap.ALREADY_EXISTS: ('cn', 'Name Only'), ('cn', 'mapping'), ('cn', 'sasl'),
root_logger.critical("failed to add Full Principal Sasl mapping") ('cn', 'config')),
raise e objectclass=["top", "nsSaslMapping"],
cn=["Name Only"],
entry = self.admin_conn.make_entry(DN(('cn', 'Name Only'), ('cn', 'mapping'), ('cn', 'sasl'), ('cn', 'config'))) nsSaslMapRegexString=['^[^:@]+$'],
entry.setValues("objectclass", "top", "nsSaslMapping") nsSaslMapBaseDNTemplate=[self.suffix],
entry.setValues("cn", "Name Only") nsSaslMapFilterTemplate=[
entry.setValues("nsSaslMapRegexString", '^[^:@]+$') '(krbPrincipalName=&@%s)' % self.realm],
entry.setValues("nsSaslMapBaseDNTemplate", self.suffix) )
entry.setValues("nsSaslMapFilterTemplate", '(krbPrincipalName=&@%s)' % self.realm) self.admin_conn.addEntry(entry)
try:
self.admin_conn.addEntry(entry)
except ldap.ALREADY_EXISTS:
root_logger.critical("failed to add Name Only Sasl mapping")
raise e
def __add_krb_container(self): def __add_krb_container(self):
self._ldap_mod("kerberos.ldif", self.sub_dict) self._ldap_mod("kerberos.ldif", self.sub_dict)
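Review bot: The host-entry rewrite in the first hunk copies attributes from `service_entry` in two different ways. `krbextradata`, `krblastpwdchange`, `krbprincipalname` and `krbprincipalkey` are taken with `service_entry[...]`, while the two guarded ones still go through `getValue` wrapped in a one-element list. If indexing returns the full value list, as its use here suggests, then `krbprincipalkey` now carries every key value where the old `getValue` call copied one, and the guarded attributes would still be cut to a single value. For consistency the guarded assignments could read `host_entry['krbticketflags'] = service_entry['krbticketflags']`, and likewise for `krbpasswordexpiration`. It is also worth confirming that a missing `krblastpwdchange` or `krbextradata` on the service entry should now raise at this point rather than pass through as before. The method body starts outside the hunk.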


@ -422,12 +422,13 @@ class LDAPUpdate:
cn = "indextask_%s_%s_%s" % (attribute, cn_uuid.time, cn_uuid.clock_seq) cn = "indextask_%s_%s_%s" % (attribute, cn_uuid.time, cn_uuid.clock_seq)
dn = DN(('cn', cn), ('cn', 'index'), ('cn', 'tasks'), ('cn', 'config')) dn = DN(('cn', cn), ('cn', 'index'), ('cn', 'tasks'), ('cn', 'config'))
e = self.conn.make_entry(dn) e = self.conn.make_entry(
dn,
e.setValues('objectClass', ['top', 'extensibleObject']) objectClass=['top', 'extensibleObject'],
e.setValue('cn', cn) cn=[cn],
e.setValue('nsInstance', 'userRoot') nsInstance=['userRoot'],
e.setValues('nsIndexAttribute', attribute) nsIndexAttribute=[attribute],
)
self.info("Creating task to index attribute: %s", attribute) self.info("Creating task to index attribute: %s", attribute)
self.debug("Task id: %s", dn) self.debug("Task id: %s", dn)


@ -287,11 +287,15 @@ class ReplicationManager(object):
rdn_attr = dn[0].attr rdn_attr = dn[0].attr
rdn_val = dn[0].value rdn_val = dn[0].value
ent = conn.make_entry(dn) ent = conn.make_entry(
ent.setValues("objectclass", "top", "person") dn,
ent.setValues(rdn_attr, rdn_val) {
ent.setValues("userpassword", pw) 'objectclass': ["top", "person"],
ent.setValues("sn", "replication manager pseudo user") rdn_attr: [rdn_val],
'userpassword': [pw],
'sn': ["replication manager pseudo user"],
}
)
try: try:
conn.addEntry(ent) conn.addEntry(ent)
@ -337,25 +341,28 @@ class ReplicationManager(object):
replica_type = self.get_replica_type() replica_type = self.get_replica_type()
entry = conn.make_entry(dn) entry = conn.make_entry(
entry.setValues('objectclass', "top", "nsds5replica", "extensibleobject") dn,
entry.setValues('cn', "replica") objectclass=["top", "nsds5replica", "extensibleobject"],
entry.setValues('nsds5replicaroot', str(self.suffix)) cn=["replica"],
entry.setValues('nsds5replicaid', str(replica_id)) nsds5replicaroot=[str(self.suffix)],
entry.setValues('nsds5replicatype', replica_type) nsds5replicaid=[str(replica_id)],
entry.setValues('nsds5flags', "1") nsds5replicatype=[replica_type],
entry.setValues('nsds5replicabinddn', [replica_binddn]) nsds5flags=["1"],
entry.setValues('nsds5replicalegacyconsumer', "off") nsds5replicabinddn=[replica_binddn],
nsds5replicalegacyconsumer=["off"],
)
conn.addEntry(entry) conn.addEntry(entry)
def setup_changelog(self, conn): def setup_changelog(self, conn):
dn = DN(('cn', 'changelog5'), ('cn', 'config')) entry = conn.make_entry(
dirpath = conn.dbdir + "/cldb" DN(('cn', 'changelog5'), ('cn', 'config')),
entry = conn.make_entry(dn) {
entry.setValues('objectclass', "top", "extensibleobject") 'objectclass': ["top", "extensibleobject"],
entry.setValues('cn', "changelog5") 'cn': ["changelog5"],
entry.setValues('nsslapd-changelogdir', dirpath) 'nsslapd-changelogdir': [conn.dbdir + "/cldb"],
}
)
try: try:
conn.addEntry(entry) conn.addEntry(entry)
except errors.DuplicateEntry: except errors.DuplicateEntry:
@ -372,14 +379,18 @@ class ReplicationManager(object):
try: try:
cn = benamebase + str(benum) # e.g. localdb1 cn = benamebase + str(benum) # e.g. localdb1
dn = DN(('cn', cn), chaindn) dn = DN(('cn', cn), chaindn)
entry = self.conn.make_entry(dn) entry = conn.make_entry(
entry.setValues('objectclass', 'top', 'extensibleObject', 'nsBackendInstance') dn,
entry.setValues('cn', cn) {
entry.setValues('nsslapd-suffix', str(self.suffix)) 'objectclass': [
entry.setValues('nsfarmserverurl', urls) 'top', 'extensibleObject', 'nsBackendInstance'],
entry.setValues('nsmultiplexorbinddn', self.repl_man_dn) 'cn': [cn],
entry.setValues('nsmultiplexorcredentials', self.repl_man_passwd) 'nsslapd-suffix': [str(self.suffix)],
'nsfarmserverurl': urls,
'nsmultiplexorbinddn': [self.repl_man_dn],
'nsmultiplexorcredentials': [self.repl_man_passwd],
}
)
self.conn.addEntry(entry) self.conn.addEntry(entry)
done = True done = True
except errors.DuplicateEntry: except errors.DuplicateEntry:
@ -444,10 +455,12 @@ class ReplicationManager(object):
pass pass
# The user doesn't exist, add it # The user doesn't exist, add it
entry = conn.make_entry(pass_dn) entry = conn.make_entry(
entry.setValues("objectclass", ["account", "simplesecurityobject"]) pass_dn,
entry.setValues("uid", "passsync") objectclass=["account", "simplesecurityobject"],
entry.setValues("userPassword", password) uid=["passsync"],
userPassword=[password],
)
conn.addEntry(entry) conn.addEntry(entry)
# Add it to the list of users allowed to bypass password policy # Add it to the list of users allowed to bypass password policy
@ -516,25 +529,27 @@ class ReplicationManager(object):
except errors.NotFound: except errors.NotFound:
pass pass
entry = a_conn.make_entry(dn) entry = a_conn.make_entry(
entry.setValues('objectclass', "nsds5replicationagreement") dn,
entry.setValues('cn', cn) objectclass=["nsds5replicationagreement"],
entry.setValues('nsds5replicahost', b_hostname) cn=[cn],
entry.setValues('nsds5replicaport', str(port)) nsds5replicahost=[b_hostname],
entry.setValues('nsds5replicatimeout', str(TIMEOUT)) nsds5replicaport=[str(port)],
entry.setValues('nsds5replicaroot', str(self.suffix)) nsds5replicatimeout=[str(TIMEOUT)],
nsds5replicaroot=[str(self.suffix)],
description=["me to %s" % b_hostname],
)
if master is None: if master is None:
entry.setValues('nsDS5ReplicatedAttributeList', entry['nsDS5ReplicatedAttributeList'] = [
'(objectclass=*) $ EXCLUDE %s' % " ".join(EXCLUDES)) '(objectclass=*) $ EXCLUDE %s' % " ".join(EXCLUDES)]
entry.setValues('description', "me to %s" % b_hostname)
if isgssapi: if isgssapi:
entry.setValues('nsds5replicatransportinfo', 'LDAP') entry['nsds5replicatransportinfo'] = ['LDAP']
entry.setValues('nsds5replicabindmethod', 'SASL/GSSAPI') entry['nsds5replicabindmethod'] = ['SASL/GSSAPI']
else: else:
entry.setValues('nsds5replicabinddn', repl_man_dn) entry['nsds5replicabinddn'] = [repl_man_dn]
entry.setValues('nsds5replicacredentials', repl_man_passwd) entry['nsds5replicacredentials'] = [repl_man_passwd]
entry.setValues('nsds5replicatransportinfo', 'TLS') entry['nsds5replicatransportinfo'] = ['TLS']
entry.setValues('nsds5replicabindmethod', 'simple') entry['nsds5replicabindmethod'] = ['simple']
if iswinsync: if iswinsync:
self.setup_winsync_agmt(entry, win_subtree) self.setup_winsync_agmt(entry, win_subtree)
@ -551,7 +566,7 @@ class ReplicationManager(object):
# that we will have to set the memberof fixup task # that we will have to set the memberof fixup task
self.need_memberof_fixup = True self.need_memberof_fixup = True
entry.setValues('nsds5ReplicaStripAttrs', " ".join(STRIP_ATTRS)) entry['nsds5ReplicaStripAttrs'] = [" ".join(STRIP_ATTRS)]
entry = a_conn.waitForEntry(entry) entry = a_conn.waitForEntry(entry)
@ -912,10 +927,12 @@ class ReplicationManager(object):
# Add winsync replica to the public DIT # Add winsync replica to the public DIT
dn = DN(('cn',ad_dc_name),('cn','replicas'),('cn','ipa'),('cn','etc'), self.suffix) dn = DN(('cn',ad_dc_name),('cn','replicas'),('cn','ipa'),('cn','etc'), self.suffix)
entry = self.conn.make_entry(dn) entry = self.conn.make_entry(
entry.setValues("objectclass", ["nsContainer", "ipaConfigObject"]) dn,
entry.setValues("cn", ad_dc_name) objectclass=["nsContainer", "ipaConfigObject"],
entry.setValues("ipaConfigString", "winsync:%s" % self.hostname) cn=[ad_dc_name],
ipaConfigString=["winsync:%s" % self.hostname],
)
try: try:
self.conn.addEntry(entry) self.conn.addEntry(entry)
@ -1167,11 +1184,15 @@ class ReplicationManager(object):
root_logger.debug("Creating CLEANALLRUV task for replica id %d" % replicaId) root_logger.debug("Creating CLEANALLRUV task for replica id %d" % replicaId)
dn = DN(('cn', 'clean %d' % replicaId), ('cn', 'cleanallruv'),('cn', 'tasks'), ('cn', 'config')) dn = DN(('cn', 'clean %d' % replicaId), ('cn', 'cleanallruv'),('cn', 'tasks'), ('cn', 'config'))
e = self.conn.make_entry(dn) e = self.conn.make_entry(
e.setValues('objectclass', ['top', 'extensibleObject']) dn,
e.setValue('replica-base-dn', api.env.basedn) {
e.setValue('replica-id', replicaId) 'objectclass': ['top', 'extensibleObject'],
e.setValue('cn', 'clean %d' % replicaId) 'cn': ['clean %d' % replicaId],
'replica-base-dn': [api.env.basedn],
'replica-id': [replicaId],
}
)
try: try:
self.conn.addEntry(e) self.conn.addEntry(e)
except errors.DuplicateEntry: except errors.DuplicateEntry:
@ -1190,11 +1211,15 @@ class ReplicationManager(object):
root_logger.debug("Creating task to abort a CLEANALLRUV operation for replica id %d" % replicaId) root_logger.debug("Creating task to abort a CLEANALLRUV operation for replica id %d" % replicaId)
dn = DN(('cn', 'abort %d' % replicaId), ('cn', 'abort cleanallruv'),('cn', 'tasks'), ('cn', 'config')) dn = DN(('cn', 'abort %d' % replicaId), ('cn', 'abort cleanallruv'),('cn', 'tasks'), ('cn', 'config'))
e = self.conn.make_entry(dn) e = self.conn.make_entry(
e.setValues('objectclass', ['top', 'extensibleObject']) dn,
e.setValue('replica-base-dn', api.env.basedn) {
e.setValue('replica-id', replicaId) 'replica-base-dn': [api.env.basedn],
e.setValue('cn', 'abort %d' % replicaId) 'replica-id': [replicaId],
'objectclass': ['top', 'extensibleObject'],
'cn': ['abort %d' % replicaId],
}
)
try: try:
self.conn.addEntry(e) self.conn.addEntry(e)
except errors.DuplicateEntry: except errors.DuplicateEntry:
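Review bot: In the hunk at `@ -372,14 +379,18` the entry is now built with `conn.make_entry(` where the old line was `self.conn.make_entry(dn)`, yet the write a few lines later is still `self.conn.addEntry(entry)`. No other rewrite in this file changes the connection object, so the switch looks unintended: if `conn` is not a name in that method this raises NameError, and if it is a different connection the entry, which carries `nsmultiplexorcredentials`, is built against one server and added through another. Unless the change is deliberate, keep `entry = self.conn.make_entry(`. The method signature is outside the hunk, so which case applies cannot be told from here. Separately, `'replica-id': [replicaId]` in the two CLEANALLRUV hunks passes what the nearby `%d` formatting suggests is an int, where the rest of the file wraps numbers in `str()`.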


@ -120,7 +120,7 @@ class Service(object):
conn.do_sasl_gssapi_bind() conn.do_sasl_gssapi_bind()
except Exception, e: except Exception, e:
root_logger.debug("Could not connect to the Directory Server on %s: %s" % (self.fqdn, str(e))) root_logger.debug("Could not connect to the Directory Server on %s: %s" % (self.fqdn, str(e)))
raise e raise
self.admin_conn = conn self.admin_conn = conn
@ -216,11 +216,15 @@ class Service(object):
dn = DN(('krbprincipalname', principal), ('cn', 'services'), ('cn', 'accounts'), self.suffix) dn = DN(('krbprincipalname', principal), ('cn', 'services'), ('cn', 'accounts'), self.suffix)
hostdn = DN(('fqdn', self.fqdn), ('cn', 'computers'), ('cn', 'accounts'), self.suffix) hostdn = DN(('fqdn', self.fqdn), ('cn', 'computers'), ('cn', 'accounts'), self.suffix)
entry = self.admin_conn.make_entry(dn) entry = self.admin_conn.make_entry(
entry.setValues("objectclass", ["krbprincipal", "krbprincipalaux", "krbticketpolicyaux", "ipaobject", "ipaservice", "pkiuser"]) dn,
entry.setValue("krbprincipalname", principal) objectclass=[
entry.setValue("ipauniqueid", 'autogenerate') "krbprincipal", "krbprincipalaux", "krbticketpolicyaux",
entry.setValue("managedby", hostdn) "ipaobject", "ipaservice", "pkiuser"],
krbprincipalname=[principal],
ipauniqueid=['autogenerate'],
managedby=[hostdn],
)
self.admin_conn.addEntry(entry) self.admin_conn.addEntry(entry)
return dn return dn
@ -373,12 +377,13 @@ class Service(object):
entry_name = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix) entry_name = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix)
order = SERVICE_LIST[name][1] order = SERVICE_LIST[name][1]
entry = self.admin_conn.make_entry(entry_name) entry = self.admin_conn.make_entry(
entry.setValues("objectclass", entry_name,
"nsContainer", "ipaConfigObject") objectclass=["nsContainer", "ipaConfigObject"],
entry.setValues("cn", name) cn=[name],
entry.setValues("ipaconfigstring", ipaconfigstring=[
"enabledService", "startOrder " + str(order)) "enabledService", "startOrder " + str(order)],
)
try: try:
self.admin_conn.addEntry(entry) self.admin_conn.addEntry(entry)