diff options
author | Alexander Bokovoy <abokovoy@redhat.com> | 2015-05-28 11:49:58 +0000 |
---|---|---|
committer | Alexander Bokovoy <abokovoy@redhat.com> | 2015-07-07 11:05:48 +0300 |
commit | 4a856d8ff597ec516cc1eb05f06e062bb4ecca5b (patch) | |
tree | 4b5991e9f0fbaa3afa6d4f0346326c7408551f19 | |
parent | a797874359544e431bdd96dd11e26f404c578db0 (diff) | |
download | freeipa-4a856d8ff597ec516cc1eb05f06e062bb4ecca5b.tar.gz freeipa-4a856d8ff597ec516cc1eb05f06e062bb4ecca5b.tar.xz freeipa-4a856d8ff597ec516cc1eb05f06e062bb4ecca5b.zip |
trusts: pass AD DC hostname if specified explicitly
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1222047
-rw-r--r-- | API.txt | 3 | ||||
-rw-r--r-- | VERSION | 2 | ||||
-rw-r--r-- | ipalib/plugins/trust.py | 9 | ||||
-rw-r--r-- | ipaserver/dcerpc.py | 10 |
4 files changed, 18 insertions, 6 deletions
@@ -4998,10 +4998,11 @@ output: Output('result', <type 'dict'>, None) output: Output('summary', (<type 'unicode'>, <type 'NoneType'>), None) output: ListOfPrimaryKeys('value', None, None) command: trust_fetch_domains -args: 1,4,4 +args: 1,5,4 arg: Str('cn', attribute=True, cli_name='realm', multivalue=False, primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui') option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui') +option: Str('realm_server?', cli_name='server') option: Flag('rights', autofill=True, default=False) option: Str('version?', exclude='webui') output: Output('count', <type 'int'>, None) @@ -90,5 +90,5 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=137 +IPA_API_VERSION_MINOR=138 # Last change: mbabinsk: Commands to manage user/host/service certificates diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index 5b884ca89..13ac52ddd 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -1302,9 +1302,10 @@ def fetch_domains_from_trust(self, trustinstance, trust_entry, **options): sp.insert(0, trustinstance.remote_domain.info['name']) creds = u"{name}%{password}".format(name="\\".join(sp), password=password) + server = options.get('realm_server', None) domains = ipaserver.dcerpc.fetch_domains(self.api, trustinstance.local_flatname, - trust_name, creds=creds) + trust_name, creds=creds, server=server) result = [] if not domains: return result @@ -1342,6 +1343,12 @@ class trust_fetch_domains(LDAPRetrieve): __doc__ = _('Refresh list of the domains associated with the trust') has_output = output.standard_list_of_entries + takes_options = LDAPRetrieve.takes_options + ( + Str('realm_server?', + cli_name='server', + label=_('Domain controller for the Active Directory domain (optional)'), + ), + ) def execute(self, *keys, **options): if not _bindings_installed: diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py index 725b2cd90..753e10e97 100644 --- a/ipaserver/dcerpc.py +++ b/ipaserver/dcerpc.py @@ -1046,7 +1046,7 @@ class TrustDomainInstance(object): return False -def fetch_domains(api, mydomain, trustdomain, creds=None): +def fetch_domains(api, mydomain, trustdomain, creds=None, server=None): trust_flags = dict( NETR_TRUST_FLAG_IN_FOREST = 0x00000001, NETR_TRUST_FLAG_OUTBOUND = 0x00000002, @@ -1087,8 +1087,12 @@ def fetch_domains(api, mydomain, trustdomain, creds=None): cr.set_workstation(domain_validator.flatname) netrc = net.Net(creds=cr, lp=td.parm) try: - result = netrc.finddc(domain=trustdomain, - flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS) + if server: + result = netrc.finddc(address=server, + flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS) + else: + result = netrc.finddc(domain=trustdomain, + flags=nbt.NBT_SERVER_LDAP | nbt.NBT_SERVER_DS) except RuntimeError, e: raise assess_dcerpc_exception(message=str(e)) |