Service principal deletion

2 files changed, 21 insertions, 0 deletions

diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py
index a4ebfcded..d0600b51a 100644
--- a/ipa-server/xmlrpc-server/funcs.py
+++ b/ipa-server/xmlrpc-server/funcs.py
@@ -1724,6 +1724,26 @@ class IPAServer:
             self.releaseConnection(conn)
         return res
 
+    def delete_service_principal (self, principal, opts=None):
+        """Delete a service principal.
+
+           principal is the full DN of the entry to delete.
+
+           This should be called with much care.
+        """
+        if not principal:
+            raise ipaerror.gen_exception(ipaerror.INPUT_INVALID_PARAMETER)
+        entry = self.get_entry_by_dn(principal, ['dn', 'objectclass'], opts)
+        if entry is None:
+            raise ipaerror.gen_exception(ipaerror.LDAP_NOT_FOUND)
+
+        conn = self.getConnection(opts)
+        try:
+            res = conn.deleteEntry(entry['dn'])
+        finally:
+            self.releaseConnection(conn)
+        return res
+
     def find_service_principal(self, criteria, sattrs, searchlimit=-1,
             timelimit=-1, opts=None):
         """Returns a list: counter followed by the results.
diff --git a/ipa-server/xmlrpc-server/ipaxmlrpc.py b/ipa-server/xmlrpc-server/ipaxmlrpc.py
index abf6aed7e..3f3e38b8e 100644
--- a/ipa-server/xmlrpc-server/ipaxmlrpc.py
+++ b/ipa-server/xmlrpc-server/ipaxmlrpc.py
@@ -365,6 +365,7 @@ def handler(req, profiling=False):
             h.register_function(f.get_password_policy)
             h.register_function(f.update_password_policy)
             h.register_function(f.add_service_principal)
+            h.register_function(f.delete_service_principal)
             h.register_function(f.find_service_principal)
             h.register_function(f.get_radius_client_by_ip_addr)
             h.register_function(f.add_radius_client)