mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
Handle an empty base_dn and no cn=ipaconfig in the ldap2 backend, fix migration.
We lacked good error messages if the user/group container you used doesn't exist. Add a --continue option so things can continue if you use a bad user/group container. This has the side-effect of letting you migrate just users or groups by using a bad container for the one you don't want. Fix a Gettext() error when displaying the migrated password message. ticket 289
This commit is contained in:
parent
38b8532696
commit
c298560a1e
@ -28,7 +28,7 @@ import logging
|
||||
import re
|
||||
|
||||
from ipalib import api, errors, output, uuid
|
||||
from ipalib import Command, List, Password, Str
|
||||
from ipalib import Command, List, Password, Str, Flag
|
||||
from ipalib.cli import to_cli
|
||||
if api.env.in_server and api.env.context in ['lite', 'server']:
|
||||
try:
|
||||
@ -196,6 +196,10 @@ class migrate_ds(Command):
|
||||
default=u'ou=groups',
|
||||
autofill=True,
|
||||
),
|
||||
Flag('continue?',
|
||||
doc=_('Continous operation mode. Errors are reported but the process continues'),
|
||||
default=False,
|
||||
),
|
||||
)
|
||||
|
||||
has_output = (
|
||||
@ -283,10 +287,17 @@ can use their Kerberos accounts.''')
|
||||
failed[ldap_obj_name] = {}
|
||||
|
||||
# FIXME: with limits set, we get a strange 'Success' exception
|
||||
(entries, truncated) = ds_ldap.find_entries(
|
||||
search_filter, ['*'], search_base, ds_ldap.SCOPE_ONELEVEL#,
|
||||
#time_limit=0, size_limit=0
|
||||
)
|
||||
try:
|
||||
(entries, truncated) = ds_ldap.find_entries(
|
||||
search_filter, ['*'], search_base, ds_ldap.SCOPE_ONELEVEL#,
|
||||
#time_limit=0, size_limit=0
|
||||
)
|
||||
except errors.NotFound:
|
||||
if not options.get('continue',False):
|
||||
raise errors.NotFound(reason=_('Container for %(container)s not found' % {'container':ldap_obj_name}))
|
||||
else:
|
||||
truncated = False
|
||||
entries = []
|
||||
if truncated:
|
||||
self.log.error(
|
||||
'%s: %s' % (
|
||||
@ -380,6 +391,6 @@ can use their Kerberos accounts.''')
|
||||
one_value_per_line=True,
|
||||
)
|
||||
textui.print_plain('-' * len(self.name))
|
||||
textui.print_plain(self.pwd_migration_msg)
|
||||
textui.print_plain(unicode(self.pwd_migration_msg))
|
||||
|
||||
api.register(migrate_ds)
|
||||
|
@ -231,7 +231,10 @@ class ldap2(CrudBackend, Encoder):
|
||||
except AttributeError:
|
||||
self.ldap_uri = 'ldap://example.com'
|
||||
try:
|
||||
self.base_dn = base_dn or api.env.basedn
|
||||
if base_dn is not None:
|
||||
self.base_dn = base_dn
|
||||
else:
|
||||
self.base_dn = api.env.basedn
|
||||
except AttributeError:
|
||||
self.base_dn = ''
|
||||
self.schema = schema or _schema
|
||||
@ -552,8 +555,13 @@ class ldap2(CrudBackend, Encoder):
|
||||
def get_ipa_config(self):
|
||||
"""Returns the IPA configuration entry (dn, entry_attrs)."""
|
||||
cdn = "%s,%s" % (api.Object.config.get_dn(), api.env.basedn)
|
||||
return self.find_entries(None, None, cdn, self.SCOPE_BASE,
|
||||
time_limit=2, size_limit=10)[0][0]
|
||||
try:
|
||||
return self.find_entries(None, None, cdn, self.SCOPE_BASE,
|
||||
time_limit=2, size_limit=10)[0][0]
|
||||
except errors.NotFound:
|
||||
return (cdn, {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]})
|
||||
except Exception, e:
|
||||
raise e
|
||||
|
||||
def get_schema(self):
|
||||
"""Returns a copy of the current LDAP schema."""
|
||||
|
Loading…
Reference in New Issue
Block a user