diff options
| author | Alexander Bokovoy <abokovoy@redhat.com> | 2015-05-28 11:49:58 +0000 |
|---|---|---|
| committer | Tomas Babej <tbabej@redhat.com> | 2015-07-08 01:56:52 +0200 |
| commit | 47e1de760413e5354f704fc808d960490d80338c (patch) | |
| tree | 393570e45109bd5b40d8a3746402398b8a3d1570 | |
| parent | 03c2d76186534081400846f4141fbbef8e41ae83 (diff) | |
| download | freeipa-47e1de760413e5354f704fc808d960490d80338c.tar.gz freeipa-47e1de760413e5354f704fc808d960490d80338c.tar.xz freeipa-47e1de760413e5354f704fc808d960490d80338c.zip | |
trusts: pass AD DC hostname if specified explicitly
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1222047
Reviewed-By: Tomas Babej <tbabej@redhat.com>
| -rw-r--r-- | API.txt | 3 | ||||
| -rw-r--r-- | VERSION | 4 | ||||
| -rw-r--r-- | ipalib/plugins/trust.py | 9 | ||||
| -rw-r--r-- | ipaserver/dcerpc.py | 10 |
4 files changed, 19 insertions, 7 deletions
@@ -5000,10 +5000,11 @@ output: Output('result', <type 'dict'>, None) output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: ListOfPrimaryKeys('value', None, None) command: trust_fetch_domains -args: 1,4,4 +args: 1,5,4 arg: Str('cn', attribute=True, cli_name='realm', multivalue=False, primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') +option: Str('realm_server?', cli_name='server') option: Flag('rights', autofill=True, default=False) option: Str('version?', exclude='webui') output: Output('count', <type 'int'>, None) @@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=142 -# Last change: mbabinsk: Add option to skip client API version check +IPA_API_VERSION_MINOR=143 +# Last change: ab - trusts: pass AD DC hostname if specified explicitly diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index 5b884ca89..13ac52ddd 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -1302,9 +1302,10 @@ def fetch_domains_from_trust(self, trustinstance, trust_entry, **options): sp.insert(0, trustinstance.remote_domain.info['name']) creds = u"{name}%{password}".format(name="\\".join(sp), password=password) + server = options.get('realm_server', None) domains = ipaserver.dcerpc.fetch_domains(self.api, trustinstance.local_flatname, - trust_name, creds=creds) + trust_name, creds=creds, server=server) result = [] if not domains: return result @@ -1342,6 +1343,12 @@ class trust_fetch_domains(LDAPRetrieve): __doc__ = _('Refresh list of the domains associated with the trust') has_output = output.standard_list_of_entries + takes_options = LDAPRetrieve.takes_options + ( + Str('realm_server?', + cli_name='server', + label=_('Domain controller for the Active Directory domain (optional)'), + ), + ) def execute(self, *keys, **options): if not _bindings_installed: diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py index 530f41540..a54f5f67f 100644 --- a/ipaserver/dcerpc.py +++ b/ipaserver/dcerpc.py @@ -1048,7 +1048,7 @@ class TrustDomainInstance(object): return False -def fetch_domains(api, mydomain, trustdomain, creds=None): +def fetch_domains(api, mydomain, trustdomain, creds=None, server=None): trust_flags = dict( NETR_TRUST_FLAG_IN_FOREST = 0x00000001, NETR_TRUST_FLAG_OUTBOUND = 0x00000002, @@ -1089,8 +1089,12 @@ def fetch_domains(api, mydomain, trustdomain, creds=None): cr.set_workstation(domain_validator.flatname) netrc = net.Net(creds=cr, lp=td.parm) try: - result = netrc.finddc(domain=trustdomain, - flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS) + if server: + result = netrc.finddc(address=server, + flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS) + else: + result = netrc.finddc(domain=trustdomain, + flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS) except RuntimeError, e: raise assess_dcerpc_exception(message=str(e)) |