Use the search fields from the configuration when searching

Generalize the attribute -> objectclass search helper
author: Rob Crittenden <rcritten@redhat.com> 2008-10-16 15:00:30 -0400
committer: Rob Crittenden <rcritten@redhat.com> 2008-10-16 15:00:30 -0400
commit: f777f72de6a7c1d3ef29088fbf89722c1148f246 (patch)
tree: 8c79867b165498ed954134da88c3ce2bf1a41e27 /ipa_server
parent: 5748fce84ca0c0256183e1da308cb9f7ae4e73de (diff)
download: freeipa-f777f72de6a7c1d3ef29088fbf89722c1148f246.tar.gz
freeipa-f777f72de6a7c1d3ef29088fbf89722c1148f246.tar.xz
freeipa-f777f72de6a7c1d3ef29088fbf89722c1148f246.zip
2 files changed, 20 insertions, 10 deletions
diff --git a/ipa_server/plugins/b_ldap.py b/ipa_server/plugins/b_ldap.py
index 29f2ee843..bc1f8951c 100644
--- a/ipa_server/plugins/b_ldap.py
+++ b/ipa_server/plugins/b_ldap.py
@@ -58,20 +58,30 @@ class ldap(CrudBackend):
             self.api.env.basedn,
         )
 
+    def get_object_type(self, attribute):
+        """
+        Based on attribute, make an educated guess as to the type of
+        object we're looking for.
+        """
+        object_type = None
+        if attribute == "uid": # User
+            object_type = "person"
+        elif attribute == "cn": # Group
+            object_type = "posixGroup"
+        elif attribute == "krbprincipal": # Service
+            object_type = "krbPrincipal"
+
+        return object_type
+
     def find_entry_dn(self, key_attribute, primary_key, object_type=None):
         """
         Find an existing entry's dn from an attribute
         """
         key_attribute = key_attribute.lower()
         if not object_type:
-            if key_attribute == "uid": # User
-                filter = "posixAccount"
-            elif key_attribute == "cn": # Group
-                object_type = "posixGroup"
-            elif key_attribute == "krbprincipal": # Service
-                object_type = "krbPrincipal"
-            else:
-                return None
+            object_type = self.get_object_type(key_attribute)
+        if not object_type:
+            return None
 
         filter = "(&(%s=%s)(objectclass=%s))" % (
             key_attribute,
@@ -83,7 +93,7 @@ class ldap(CrudBackend):
 
         entry = servercore.get_sub_entry(search_base, filter, ['dn', 'objectclass'])
 
-        return entry['dn']
+        return entry.get('dn')
 
     def get_ipa_config(self):
         """Return a dictionary of the IPA configuration"""
diff --git a/ipa_server/servercore.py b/ipa_server/servercore.py
index ea6beecf5..ab7596392 100644
--- a/ipa_server/servercore.py
+++ b/ipa_server/servercore.py
@@ -178,7 +178,7 @@ def get_user_by_uid(uid, sattrs):
     """Get a specific user's entry."""
     # FIXME: should accept a container to look in
 #    uid = self.__safe_filter(uid)
-    searchfilter = "(&(uid=%s)(objectclass=posixAccount))" % uid
+    searchfilter = "(&(uid=%s)(objectclass=person))" % uid
 
     return get_sub_entry("cn=accounts," + basedn, searchfilter, sattrs)
author	Rob Crittenden <rcritten@redhat.com>	2008-10-16 15:00:30 -0400
committer	Rob Crittenden <rcritten@redhat.com>	2008-10-16 15:00:30 -0400
commit	f777f72de6a7c1d3ef29088fbf89722c1148f246 (patch)
tree	8c79867b165498ed954134da88c3ce2bf1a41e27 /ipa_server
parent	5748fce84ca0c0256183e1da308cb9f7ae4e73de (diff)
download	freeipa-f777f72de6a7c1d3ef29088fbf89722c1148f246.tar.gz freeipa-f777f72de6a7c1d3ef29088fbf89722c1148f246.tar.xz freeipa-f777f72de6a7c1d3ef29088fbf89722c1148f246.zip