Find and delete service principals from the command-line.

4 files changed, 249 insertions, 0 deletions

diff --git a/ipa-admintools/ipa-delservice b/ipa-admintools/ipa-delservice
new file mode 100644
index 000000000..1796babf4
--- /dev/null
+++ b/ipa-admintools/ipa-delservice
@@ -0,0 +1,84 @@
+#! /usr/bin/python -E
+# Authors: Rob Crittenden <rcritten@redhat.com>
+#
+# Copyright (C) 2007  Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import sys
+from optparse import OptionParser
+import ipa
+import ipa.user
+import ipa.ipaclient as ipaclient
+import ipa.ipavalidate as ipavalidate
+import ipa.config
+
+import base64
+
+import xmlrpclib
+import kerberos
+import krbV
+import ldap
+import getpass
+import errno
+
+def usage():
+    print "ipa-delservice principal"
+    sys.exit(1)
+
+def parse_options():
+    parser = OptionParser()
+
+    args = ipa.config.init_config(sys.argv)
+    options, args = parser.parse_args(args)
+
+    return options, args
+
+def main():
+    # The following fields are required
+    princ_name = ""
+
+    options, args = parse_options()
+
+    if len(args) != 2:
+        usage()
+    princ_name = args[1]
+
+    client = ipaclient.IPAClient()
+
+    try:
+        hosts = client.find_service_principal(args[1], sattrs=None)
+        counter = hosts[0]
+        hosts = hosts[1:]
+
+        if counter == 0:
+            print "Service Principal '%s' not found." % args[1]
+            return 2
+        if counter != 1:
+            print "An exact match was not found. Found %d principals for %s" % (counter, args[1])
+            return 2
+
+        client.delete_service_principal(hosts[0].dn)
+
+    except Exception, e:
+        print str(e)
+        return 1
+
+    print hosts[0] + " successfully deleted"
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main())
diff --git a/ipa-admintools/ipa-findservice b/ipa-admintools/ipa-findservice
new file mode 100644
index 000000000..f9b64d3bf
--- /dev/null
+++ b/ipa-admintools/ipa-findservice
@@ -0,0 +1,93 @@
+#! /usr/bin/python -E
+# Authors: Rob Crittenden <rcritten@redhat.com>
+#
+# Copyright (C) 2007  Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; version 2 only
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+import sys
+from optparse import OptionParser
+import ipa.ipaclient as ipaclient
+import ipa.config
+import ipa.ipautil as ipautil
+import ipa.ipaadminutil as ipaadminutil
+import base64
+
+import errno
+import sys
+import xmlrpclib
+import kerberos
+
+def usage():
+    print "ipa-findservice host"
+    sys.exit()
+
+def parse_options():
+    parser = OptionParser()
+
+    parser.add_option("--usage", action="store_true",
+                      help="Program usage")
+
+    args = ipa.config.init_config(sys.argv)
+    options, args = parser.parse_args(args)
+
+    return options, args
+
+def main():
+    user={}
+    options, args = parse_options()
+
+    if len(args) != 2:
+        usage()
+
+    try:
+        client = ipaclient.IPAClient()
+        hosts = client.find_service_principal(args[1], sattrs=None)
+
+        counter = hosts[0]
+        hosts = hosts[1:]
+        userindex = 0
+        if counter == 0:
+            print "No entries found for", args[1]
+            return 2
+        elif counter == -1:
+            print "These results are truncated."
+            print "Please refine your search and try again."
+
+         
+        for ent in hosts:
+            print ent.krbprincipalname
+
+    except xmlrpclib.Fault, fault:
+        if fault.faultCode == errno.ECONNREFUSED:
+            print "The IPA XML-RPC service is not responding."
+        else:
+            print fault.faultString
+        return 1
+    except kerberos.GSSError, e:
+        print "Could not initialize GSSAPI: %s/%s" % (e[0][0][0], e[0][1][0])
+        return 1
+    except xmlrpclib.ProtocolError, e:
+        print "Unable to connect to IPA server: %s" % (e.errmsg)
+        return 1
+    except ipa.ipaerror.IPAError, e:
+        print "%s" % (e.message)
+        return 1
+
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main())
diff --git a/ipa-admintools/man/ipa-delservice.1 b/ipa-admintools/man/ipa-delservice.1
new file mode 100644
index 000000000..56b2d2010
--- /dev/null
+++ b/ipa-admintools/man/ipa-delservice.1
@@ -0,0 +1,35 @@
+.\" A man page for ipa-delservice
+.\" Copyright (C) 2007 Red Hat, Inc.
+.\" 
+.\" This is free software; you can redistribute it and/or modify it under
+.\" the terms of the GNU Library General Public License as published by
+.\" the Free Software Foundation; either version 2 of the License, or
+.\" (at your option) any later version.
+.\" 
+.\" This program is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+.\" General Public License for more details.
+.\" 
+.\" You should have received a copy of the GNU Library General Public
+.\" License along with this program; if not, write to the Free Software
+.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+.\" 
+.\" Author: Rob Crittenden <rcritten@redhat.com>
+.\" 
+.TH "ipa-delservice" "1" "Jan 11 2008" "freeipa" ""
+.SH "NAME"
+ipa\-delservice \- Delete a service principal
+
+.SH "SYNOPSIS"
+ipa\-delservice \fIprincipal\fR
+
+.SH "DESCRIPTION"
+Deletes a service principal with name \fIprincipal\fR.
+
+.SH "EXIT STATUS"
+0 on success
+
+1 if an error occurred
+
+2 if not exactly one matching entries was found
diff --git a/ipa-admintools/man/ipa-findservice.1 b/ipa-admintools/man/ipa-findservice.1
new file mode 100644
index 000000000..e23d34c43
--- /dev/null
+++ b/ipa-admintools/man/ipa-findservice.1
@@ -0,0 +1,37 @@
+.\" A man page for ipa-findservice
+.\" Copyright (C) 2007 Red Hat, Inc.
+.\" 
+.\" This is free software; you can redistribute it and/or modify it under
+.\" the terms of the GNU Library General Public License as published by
+.\" the Free Software Foundation; either version 2 of the License, or
+.\" (at your option) any later version.
+.\" 
+.\" This program is distributed in the hope that it will be useful, but
+.\" WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+.\" General Public License for more details.
+.\" 
+.\" You should have received a copy of the GNU Library General Public
+.\" License along with this program; if not, write to the Free Software
+.\" Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+.\" 
+.\" Author: Rob Crittenden <rcritten@redhat.com>
+.\" 
+.TH "ipa-findservice" "1" "Jan 11 2008" "freeipa" ""
+.SH "NAME"
+ipa\-findservice \- Find a service principal
+.SH "SYNOPSIS"
+ipa\-findservice \fIstring\fR
+
+.SH "DESCRIPTION"
+Searches for a service principal that contains \fIstring\fR.
+
+The search is a substring search in the service principal. You can search for all principals on a given host, by service or a substring.
+
+All entries that match are displayed.
+.SH "EXIT STATUS"
+0 if one or more entries were found
+
+1 if an error occurred
+
+2 if no matching entries were found