diff options
author | Tomas Babej <tbabej@redhat.com> | 2015-04-29 08:15:55 +0200 |
---|---|---|
committer | Tomas Babej <tbabej@redhat.com> | 2015-07-02 13:23:21 +0200 |
commit | 2104e07fa82dc599fe81cea822dfa8b060cc91cc (patch) | |
tree | 6da006022da47af466e037a0e4696ccaad149794 | |
parent | 4c6ff801405de9bcc9175e1687a91ff55143d9b3 (diff) | |
download | freeipa-2104e07fa82dc599fe81cea822dfa8b060cc91cc.tar.gz freeipa-2104e07fa82dc599fe81cea822dfa8b060cc91cc.tar.xz freeipa-2104e07fa82dc599fe81cea822dfa8b060cc91cc.zip |
migrate-winsync: Create user ID overrides in place of winsynced user entries
https://fedorahosted.org/freeipa/ticket/4524
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
-rw-r--r-- | ipaserver/winsync_migrate/base.py | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/ipaserver/winsync_migrate/base.py b/ipaserver/winsync_migrate/base.py index 840388904..4d2ef4d3c 100644 --- a/ipaserver/winsync_migrate/base.py +++ b/ipaserver/winsync_migrate/base.py @@ -27,6 +27,8 @@ from ipapython.dn import DN from ipapython.ipa_log_manager import log_mgr from ipaserver.plugins.ldap2 import ldap2 +DEFAULT_TRUST_VIEW_NAME = u'Default Trust View' + class MigrateWinsync(admintool.AdminTool): """ @@ -44,6 +46,33 @@ class MigrateWinsync(admintool.AdminTool): "For more information, see `man ipa-migrate-winsync`." ) + def create_id_user_override(self, entry): + """ + Creates ID override corresponding to this user entry. + """ + + user_identifier = u"%s@%s" % (entry['uid'][0], self.options.realm) + + kwargs = { + 'uid': entry['uid'][0], + 'uidnumber': entry['uidnumber'][0], + 'gidnumber': entry['gidnumber'][0], + 'gecos': entry['gecos'][0], + 'loginshell': entry['loginshell'][0] + } + + try: + result = api.Command['idoverrideuser_add']( + DEFAULT_TRUST_VIEW_NAME, + user_identifier, + **kwargs + ) + except Exception as e: + self.log.warning("Migration failed: %s (%s)" + % (user_identifier, str(e))) + else: + self.log.debug("Migrated: %s" % user_identifier) + def find_winsync_users(self): """ Finds all users that were mirrored from AD using winsync. @@ -81,4 +110,7 @@ class MigrateWinsync(admintool.AdminTool): except errors.DatabaseError, e: sys.exit("Cannot connect to the LDAP database. Please check if IPA is running.") + # Create ID overrides replacing the user winsync entries entries = self.find_winsync_users() + for entry in entries: + self.create_id_user_override(entry) |