From 8d35089780abbc8a877ebd3bd991a3a3ba8a6f3e Mon Sep 17 00:00:00 2001 From: Martin Kosek Date: Thu, 12 May 2011 14:43:13 +0200 Subject: [PATCH] Limit passwd plugin to user container Improve performance by specifying basedn to find_entry_by_attr() function in ldap2 and passwd plugins. https://fedorahosted.org/freeipa/ticket/1165 --- ipalib/plugins/passwd.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ipalib/plugins/passwd.py b/ipalib/plugins/passwd.py index 4ecd224d9..b740c481d 100644 --- a/ipalib/plugins/passwd.py +++ b/ipalib/plugins/passwd.py @@ -85,7 +85,8 @@ class passwd(Command): principal = '%s@%s' % (principal, self.api.env.realm) (dn, entry_attrs) = ldap.find_entry_by_attr( - 'krbprincipalname', principal, 'posixaccount', [''] + 'krbprincipalname', principal, 'posixaccount', [''], + ",".join([api.env.container_user, api.env.basedn]) ) ldap.modify_password(dn, password)