- Abstracted client class to work directly or over RPC

- Add mod_auth_kerb and cyrus-sasl-gssapi to Requires - Remove references to admin server in ipa-server-setupssl - Generate a client certificate for the XML-RPC server to connect to LDAP with - Create a keytab for Apache - Create an ldif with a test user - Provide a certmap.conf for doing SSL client authentication - Update tools to use kerberos - Add User class
2025-02-25 18:55:28 -06:00 · 2007-08-06 10:05:53 -04:00
parent 66ab69d0b2
commit 993f76fe60
26 changed files with 877 additions and 322 deletions
--- a/ipa-admintools/ipa-adduser
+++ b/ipa-admintools/ipa-adduser
@@ -21,10 +21,11 @@
 import sys
 from optparse import OptionParser
 import ipa
-import ipa.rpcclient
+import ipa.ipaclient as ipaclient
 import ipa.config

 import xmlrpclib
+import kerberos

 def usage():
    print "ipa-adduser [-c|--gecos STRING] [-d|--directory STRING] [-f|--firstname STRING] [-l|--lastname STRING] user"
@@ -73,10 +74,15 @@ def main():
        user['loginshell'] = "/bin/bash"

    try:
-        ipa.rpcclient.add_user(user)
-        print args[0] + " successfully added"
+        client = ipaclient.IPAClient()
+        client.add_user(user)
+        print args[1] + " successfully added"
    except xmlrpclib.Fault, f:
        print f.faultString
+        return 1
+    except kerberos.GSSError, e:
+        print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
+        return 1

    return 0