Add default e-mail domain to the IPA configuration

2025-02-25 18:55:28 -06:00 · 2007-12-10 11:53:00 -05:00
parent c95550a164
commit b75d735b7e
8 changed files with 37 additions and 6 deletions
--- a/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py
+++ b/ipa-server/ipa-gui/ipagui/forms/ipapolicy.py
@@ -17,6 +17,7 @@ class IPAPolicyFields(object):
    userobjectclasses = ExpandingForm(name="userobjectclasses", label="Default User Object Classes", fields=[ipauserobjectclasses])
    ipagroupobjectclasses = widgets.TextField(name="ipagroupobjectclasses", label="Default Group Object Classes", attrs=dict(size=50))
    groupobjectclasses = ExpandingForm(name="groupobjectclasses", label="Default User Object Classes", fields=[ipagroupobjectclasses])
+    ipadefaultemaildomain =  widgets.TextField(name="ipadefaultemaildomain", label="Default E-mail Domain", attrs=dict(size=20))

    ipapolicy_orig = widgets.HiddenField(name="ipapolicy_orig")

@@ -41,6 +42,7 @@ class IPAPolicyValidator(validators.Schema):
    ipadefaultprimarygroup = validators.String(not_empty=True)
    ipauserobjectclasses = validators.ForEach(validators.String(not_empty=True))
    ipagroupobjectclasses = validators.ForEach(validators.String(not_empty=True))
+    ipadefaultemaildomain = validators.String(not_empty=True)

    krbmaxpwdlife = validators.Number(not_empty=True)
    krbminpwdlife = validators.Number(not_empty=True)
--- a/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py
+++ b/ipa-server/ipa-gui/ipagui/subcontrollers/ipapolicy.py
@@ -152,6 +152,9 @@ class IPAPolicyController(IPAController):
            if new_ipapolicy.ipagroupobjectclasses != kw.get('ipagroupobjectclasses'):
                policy_modified = True
                new_ipapolicy.setValue('ipagroupobjectclasses', kw.get('ipagroupobjectclasses'))
+            if new_ipapolicy.ipadefaultemaildomain != kw.get('ipadefaultemaildomain'):
+                policy_modified = True
+                new_ipapolicy.setValue('ipadefaultemaildomain', kw.get('ipadefaultemaildomain'))

            if policy_modified:
                rv = client.update_ipa_config(new_ipapolicy)
--- a/ipa-server/ipa-gui/ipagui/subcontrollers/user.py
+++ b/ipa-server/ipa-gui/ipagui/subcontrollers/user.py
@@ -29,14 +29,20 @@ user_edit_form = ipagui.forms.user.UserEditForm()

 user_fields = ['*', 'nsAccountLock']

-email_domain = ipa.config.config.default_realm.lower()
-
 class UserController(IPAController):

    def __init__(self, *args, **kw):
        super(UserController,self).__init__(*args, **kw)
 #        self.load_custom_fields()

+    def get_email_domain(self):
+        client = self.get_ipaclient()
+
+        conf = client.get_ipa_config()
+        email_domain = conf.ipadefaultemaildomain
+
+        return email_domain
+
    def load_custom_fields(self):

        client = self.get_ipaclient()
@@ -733,13 +739,13 @@ class UserController(IPAController):
        givenname = givenname.lower()
        sn = sn.lower()

-        email = "%s.%s@%s" % (givenname, sn, email_domain)
+        email = "%s.%s@%s" % (givenname, sn, self.get_email_domain())
        try:
            client.get_user_by_email(email)
        except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND):
            return email

-        email = "%s@%s" % (self.suggest_uid(givenname, sn), email_domain)
+        email = "%s@%s" % (self.suggest_uid(givenname, sn), self.get_email_domain())
        try:
            client.get_user_by_email(email)
        except ipaerror.exception_for(ipaerror.LDAP_NOT_FOUND):
--- a/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid
+++ b/ipa-server/ipa-gui/ipagui/templates/ipapolicyeditform.kid
@@ -172,6 +172,16 @@ from ipagui.helpers import ipahelper
              py:content="tg.errors.get('ipadefaultprimarygroup')" />
          </td>
        </tr>
+        <tr>
+          <th>
+            <label class="fieldlabel" py:content="ipapolicy_fields.ipadefaultemaildomain.label" />:
+          </th>
+          <td>
+          <span py:replace="ipapolicy_fields.ipadefaultemaildomain.display(value_for(ipapolicy_fields.ipadefaultemaildomain))" />
+          <span py:if="tg.errors.get('ipadefaultemaildomain')" class="fielderror"
+              py:content="tg.errors.get('ipadefaultemaildomain')" />
+          </td>
+        </tr>
      <tr>
        <th>
          <label class="fieldlabel" for="${ipapolicy_fields.userobjectclasses.field_id}"
--- a/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid
+++ b/ipa-server/ipa-gui/ipagui/templates/ipapolicyshow.kid
@@ -112,6 +112,12 @@ edit_url = tg.url('/ipapolicy/edit')
          </th>
          <td>${ipapolicy.get("ipadefaultprimarygroup")}</td>
        </tr>
+        <tr>
+          <th>
+            <label class="fieldlabel" py:content="fields.ipadefaultemaildomain.label" />:
+          </th>
+          <td>${ipapolicy.get("ipadefaultemaildomain")}</td>
+        </tr>
        <tr>
          <th>
            <label class="fieldlabel" py:content="fields.ipauserobjectclasses.label" />:
--- a/ipa-server/ipa-install/share/60ipaconfig.ldif
+++ b/ipa-server/ipa-install/share/60ipaconfig.ldif
@@ -33,9 +33,10 @@ attributetypes: ( 2.16.840.1.113730.3.8.1.10 NAME 'ipaPwdExpAdvNotify' EQUALITY
 attributetypes: ( 2.16.840.1.113730.3.8.1.11 NAME 'ipaUserObjectClasses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
 # ipaGroupObjectClasses - required objectclasses for groups
 attributetypes: ( 2.16.840.1.113730.3.8.1.12 NAME 'ipaGroupObjectClasses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
+attributetypes: ( 2.16.840.1.113730.3.8.1.13 NAME 'ipaDefaultEmailDomain' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
 ###############################################
 ##
 ## ObjectClasses
 ##
 ## ipaGuiConfig - GUI config parameters objectclass
-objectClasses: ( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $ ipaGroupSearchFields $ ipaSearchTimeLimit $ ipaSearchRecordsLimit $ ipaCustomFields $ ipaHomesRootDir $ ipaDefaultLoginShell $ ipaDefaultPrimaryGroup $ ipaMaxUsernameLength $ ipaPwdExpAdvNotify $ ipaUserObjectClasses $ ipaGroupObjectClasses) )
+objectClasses: ( 2.16.840.1.113730.3.8.2.1 NAME 'ipaGuiConfig' AUXILIARY MAY ( ipaUserSearchFields $ ipaGroupSearchFields $ ipaSearchTimeLimit $ ipaSearchRecordsLimit $ ipaCustomFields $ ipaHomesRootDir $ ipaDefaultLoginShell $ ipaDefaultPrimaryGroup $ ipaMaxUsernameLength $ ipaPwdExpAdvNotify $ ipaUserObjectClasses $ ipaGroupObjectClasses $ ipaDefaultEmailDomain) )
--- a/ipa-server/ipa-install/share/bootstrap-template.ldif
+++ b/ipa-server/ipa-install/share/bootstrap-template.ldif
@@ -135,6 +135,7 @@ ipaUserObjectClasses: inetUser
 ipaUserObjectClasses: posixAccount
 ipaUserObjectClasses: krbPrincipalAux
 ipaUserObjectClasses: radiusprofile
+ipaDefaultEmailDomain: $DOMAIN

 dn: cn=account inactivation,cn=accounts,$SUFFIX
 changetype: add
--- a/ipa-server/ipaserver/dsinstance.py
+++ b/ipa-server/ipaserver/dsinstance.py
@@ -125,6 +125,7 @@ class DsInstance(service.Service):
        self.host_name = None
        self.dm_password = None
        self.sub_dict = None
+        self.domain = None

    def create_instance(self, ds_user, realm_name, host_name, dm_password, ro_replica=False):
        self.ds_user = ds_user
@@ -133,6 +134,7 @@ class DsInstance(service.Service):
        self.suffix = realm_to_suffix(self.realm_name)
        self.host_name = host_name
        self.dm_password = dm_password
+        self.domain = host_name[host_name.find(".")+1:]
        self.__setup_sub_dict()
        
        if ro_replica:
@@ -173,7 +175,7 @@ class DsInstance(service.Service):
        self.sub_dict = dict(FQHN=self.host_name, SERVERID=self.serverid,
                             PASSWORD=self.dm_password, SUFFIX=self.suffix.lower(),
                             REALM=self.realm_name, USER=self.ds_user,
-                             SERVER_ROOT=server_root)
+                             SERVER_ROOT=server_root, DOMAIN=self.domain)

    def __create_ds_user(self):
        self.step("creating directory server user")