Handle an empty base_dn and no cn=ipaconfig in the ldap2 backend, fix migration.

We lacked good error messages if the user/group container you used doesn't
exist.

Add a --continue option so things can continue if you use a bad user/group
container. This has the side-effect of letting you migrate just users or
groups by using a bad container for the one you don't want.

Fix a Gettext() error when displaying the migrated password message.

ticket 289
This commit is contained in:
Rob Crittenden 2010-09-27 13:50:54 -04:00
parent 38b8532696
commit c298560a1e
2 changed files with 28 additions and 9 deletions

View File

@ -28,7 +28,7 @@ import logging
import re
from ipalib import api, errors, output, uuid
from ipalib import Command, List, Password, Str
from ipalib import Command, List, Password, Str, Flag
from ipalib.cli import to_cli
if api.env.in_server and api.env.context in ['lite', 'server']:
try:
@ -196,6 +196,10 @@ class migrate_ds(Command):
default=u'ou=groups',
autofill=True,
),
Flag('continue?',
doc=_('Continous operation mode. Errors are reported but the process continues'),
default=False,
),
)
has_output = (
@ -283,10 +287,17 @@ can use their Kerberos accounts.''')
failed[ldap_obj_name] = {}
# FIXME: with limits set, we get a strange 'Success' exception
(entries, truncated) = ds_ldap.find_entries(
search_filter, ['*'], search_base, ds_ldap.SCOPE_ONELEVEL#,
#time_limit=0, size_limit=0
)
try:
(entries, truncated) = ds_ldap.find_entries(
search_filter, ['*'], search_base, ds_ldap.SCOPE_ONELEVEL#,
#time_limit=0, size_limit=0
)
except errors.NotFound:
if not options.get('continue',False):
raise errors.NotFound(reason=_('Container for %(container)s not found' % {'container':ldap_obj_name}))
else:
truncated = False
entries = []
if truncated:
self.log.error(
'%s: %s' % (
@ -380,6 +391,6 @@ can use their Kerberos accounts.''')
one_value_per_line=True,
)
textui.print_plain('-' * len(self.name))
textui.print_plain(self.pwd_migration_msg)
textui.print_plain(unicode(self.pwd_migration_msg))
api.register(migrate_ds)

View File

@ -231,7 +231,10 @@ class ldap2(CrudBackend, Encoder):
except AttributeError:
self.ldap_uri = 'ldap://example.com'
try:
self.base_dn = base_dn or api.env.basedn
if base_dn is not None:
self.base_dn = base_dn
else:
self.base_dn = api.env.basedn
except AttributeError:
self.base_dn = ''
self.schema = schema or _schema
@ -552,8 +555,13 @@ class ldap2(CrudBackend, Encoder):
def get_ipa_config(self):
"""Returns the IPA configuration entry (dn, entry_attrs)."""
cdn = "%s,%s" % (api.Object.config.get_dn(), api.env.basedn)
return self.find_entries(None, None, cdn, self.SCOPE_BASE,
time_limit=2, size_limit=10)[0][0]
try:
return self.find_entries(None, None, cdn, self.SCOPE_BASE,
time_limit=2, size_limit=10)[0][0]
except errors.NotFound:
return (cdn, {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]})
except Exception, e:
raise e
def get_schema(self):
"""Returns a copy of the current LDAP schema."""