IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add ability to change a user password as the Directory Manager

Browse Source 
This is to confirm that the Directory Manager is not affected by
password policy.

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>
This commit is contained in:
Rob Crittenden 2020-03-23 11:40:01 -04:00 committed by Christian Heimes
parent 132a0f8771
commit ff6984e2ee
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ipatests/pytest_ipa/integration/tasks.py
View File

@ -1768,15 +1768,21 @@ def get_host_ip_with_hostmask(host):
return None
def ldappasswd_user_change(user, oldpw, newpw, master):
def ldappasswd_user_change(user, oldpw, newpw, master, use_dirman=False):
container_user = dict(DEFAULT_CONFIG)['container_user']
basedn = master.domain.basedn
userdn = "uid={},{},{}".format(user, container_user, basedn)
master_ldap_uri = "ldap://{}".format(master.hostname)
args = [paths.LDAPPASSWD, '-D', userdn, '-w', oldpw, '-a', oldpw,
'-s', newpw, '-x', '-ZZ', '-H', master_ldap_uri]
if use_dirman:
args = [paths.LDAPPASSWD, '-D',
str(master.config.dirman_dn), # pylint: disable=no-member
'-w', master.config.dirman_password,
'-s', newpw, '-x', '-ZZ', '-H', master_ldap_uri, userdn]
else:
args = [paths.LDAPPASSWD, '-D', userdn, '-w', oldpw, '-a', oldpw,
'-s', newpw, '-x', '-ZZ', '-H', master_ldap_uri]
master.run_command(args)