summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexander Bokovoy <abokovoy@redhat.com>2015-05-28 11:49:58 +0000
committerAlexander Bokovoy <abokovoy@redhat.com>2015-07-07 11:05:48 +0300
commit4a856d8ff597ec516cc1eb05f06e062bb4ecca5b (patch)
tree4b5991e9f0fbaa3afa6d4f0346326c7408551f19
parenta797874359544e431bdd96dd11e26f404c578db0 (diff)
downloadfreeipa-4a856d8ff597ec516cc1eb05f06e062bb4ecca5b.tar.gz
freeipa-4a856d8ff597ec516cc1eb05f06e062bb4ecca5b.tar.xz
freeipa-4a856d8ff597ec516cc1eb05f06e062bb4ecca5b.zip
trusts: pass AD DC hostname if specified explicitly
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1222047
-rw-r--r--API.txt3
-rw-r--r--VERSION2
-rw-r--r--ipalib/plugins/trust.py9
-rw-r--r--ipaserver/dcerpc.py10
4 files changed, 18 insertions, 6 deletions
diff --git a/API.txt b/API.txt
index e226712d3..f3b4df8d4 100644
--- a/API.txt
+++ b/API.txt
@@ -4998,10 +4998,11 @@ output: Output('result', <type 'dict'>, None)
output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None)
output: ListOfPrimaryKeys('value', None, None)
command: trust_fetch_domains
-args: 1,4,4
+args: 1,5,4
arg: Str('cn', attribute=True, cli_name='realm', multivalue=False, primary_key=True, query=True, required=True)
option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui')
option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui')
+option: Str('realm_server?', cli_name='server')
option: Flag('rights', autofill=True, default=False)
option: Str('version?', exclude='webui')
output: Output('count', <type 'int'>, None)
diff --git a/VERSION b/VERSION
index 266a04af1..c31ddfc97 100644
--- a/VERSION
+++ b/VERSION
@@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000
# #
########################################################
IPA_API_VERSION_MAJOR=2
-IPA_API_VERSION_MINOR=137
+IPA_API_VERSION_MINOR=138
# Last change: mbabinsk: Commands to manage user/host/service certificates
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index 5b884ca89..13ac52ddd 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -1302,9 +1302,10 @@ def fetch_domains_from_trust(self, trustinstance, trust_entry, **options):
sp.insert(0, trustinstance.remote_domain.info['name'])
creds = u"{name}%{password}".format(name="\\".join(sp),
password=password)
+ server = options.get('realm_server', None)
domains = ipaserver.dcerpc.fetch_domains(self.api,
trustinstance.local_flatname,
- trust_name, creds=creds)
+ trust_name, creds=creds, server=server)
result = []
if not domains:
return result
@@ -1342,6 +1343,12 @@ class trust_fetch_domains(LDAPRetrieve):
__doc__ = _('Refresh list of the domains associated with the trust')
has_output = output.standard_list_of_entries
+ takes_options = LDAPRetrieve.takes_options + (
+ Str('realm_server?',
+ cli_name='server',
+ label=_('Domain controller for the Active Directory domain (optional)'),
+ ),
+ )
def execute(self, *keys, **options):
if not _bindings_installed:
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index 725b2cd90..753e10e97 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -1046,7 +1046,7 @@ class TrustDomainInstance(object):
return False
-def fetch_domains(api, mydomain, trustdomain, creds=None):
+def fetch_domains(api, mydomain, trustdomain, creds=None, server=None):
trust_flags = dict(
NETR_TRUST_FLAG_IN_FOREST = 0x00000001,
NETR_TRUST_FLAG_OUTBOUND = 0x00000002,
@@ -1087,8 +1087,12 @@ def fetch_domains(api, mydomain, trustdomain, creds=None):
cr.set_workstation(domain_validator.flatname)
netrc = net.Net(creds=cr, lp=td.parm)
try:
- result = netrc.finddc(domain=trustdomain,
- flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS)
+ if server:
+ result = netrc.finddc(address=server,
+ flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS)
+ else:
+ result = netrc.finddc(domain=trustdomain,
+ flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS)
except RuntimeError, e:
raise assess_dcerpc_exception(message=str(e))