diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2008-10-17 19:20:23 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2008-10-17 19:20:23 -0400 |
| commit | ae8370be44d95b9f6793ded46ef81126aebef3e0 (patch) | |
| tree | 22598861258663bc81ff53b0c2576a0b70faab15 /ipa_server | |
| parent | e66cd9599bb8eef124a6c890b9a1ae471b3b937f (diff) | |
| download | freeipa-ae8370be44d95b9f6793ded46ef81126aebef3e0.tar.gz freeipa-ae8370be44d95b9f6793ded46ef81126aebef3e0.tar.xz freeipa-ae8370be44d95b9f6793ded46ef81126aebef3e0.zip | |
Port f_service to LDAP backend
Add new keyword, 'filter', that can be passed to the search function.
This is globbed onto the filter that is auto-created.
Diffstat (limited to 'ipa_server')
| -rw-r--r-- | ipa_server/plugins/b_ldap.py | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/ipa_server/plugins/b_ldap.py b/ipa_server/plugins/b_ldap.py index bc1f8951c..4845a5993 100644 --- a/ipa_server/plugins/b_ldap.py +++ b/ipa_server/plugins/b_ldap.py @@ -50,7 +50,7 @@ class ldap(CrudBackend): def make_group_dn(self, cn): """ - Construct user dn from cn. + Construct group dn from cn. """ return 'cn=%s,%s,%s' % ( self.dn.escape_dn_chars(cn), @@ -58,17 +58,28 @@ class ldap(CrudBackend): self.api.env.basedn, ) + def make_service_dn(self, principal): + """ + Construct service principal dn from principal name + """ + return 'krbprincipalname=%s,%s,%s' % ( + self.dn.escape_dn_chars(principal), + self.api.env.container_service, + self.api.env.basedn, + ) + def get_object_type(self, attribute): """ Based on attribute, make an educated guess as to the type of object we're looking for. """ + attribute = attribute.lower() object_type = None if attribute == "uid": # User object_type = "person" elif attribute == "cn": # Group object_type = "posixGroup" - elif attribute == "krbprincipal": # Service + elif attribute == "krbprincipalname": # Service object_type = "krbPrincipal" return object_type @@ -168,12 +179,18 @@ class ldap(CrudBackend): def search(self, **kw): objectclass = kw.get('objectclass') + sfilter = kw.get('filter') if objectclass: del kw['objectclass'] + if sfilter: + del kw['filter'] (exact_match_filter, partial_match_filter) = self._generate_search_filters(**kw) if objectclass: exact_match_filter = "(&(objectClass=%s)%s)" % (objectclass, exact_match_filter) partial_match_filter = "(&(objectClass=%s)%s)" % (objectclass, partial_match_filter) + if sfilter: + exact_match_filter = "(%s%s)" % (sfilter, exact_match_filter) + partial_match_filter = "(%s%s)" % (sfilter, partial_match_filter) search_base = "%s, %s" % (self.api.env.container_accounts, self.api.env.basedn) try: |