summaryrefslogtreecommitdiffstats
path: root/ipaserver/dcerpc.py
diff options
context:
space:
mode:
authorTomas Babej <tbabej@redhat.com>2013-02-04 08:33:53 -0500
committerMartin Kosek <mkosek@redhat.com>2013-02-18 16:37:07 +0100
commit559a87017a2776f4a615b1bdab43728c6851de99 (patch)
treee9675501a8722b009d4b129dd4d3ddcc74ad2dbb /ipaserver/dcerpc.py
parent3f8778890e1a62d251f7069ead981d088c014b16 (diff)
downloadfreeipa-559a87017a2776f4a615b1bdab43728c6851de99.tar.gz
freeipa-559a87017a2776f4a615b1bdab43728c6851de99.tar.xz
freeipa-559a87017a2776f4a615b1bdab43728c6851de99.zip
Add option to specify SID using domain name to idrange-add/mod
When adding/modifying an ID range for a trusted domain, the newly added option --dom-name can be used. This looks up SID of the trusted domain in LDAP and therefore the user is not required to write it down in CLI. If the lookup fails, error message asking the user to specify the SID manually is shown. https://fedorahosted.org/freeipa/ticket/3133
Diffstat (limited to 'ipaserver/dcerpc.py')
-rw-r--r--ipaserver/dcerpc.py10
1 files changed, 10 insertions, 0 deletions
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index 6243ebbb9..b471bccee 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -204,6 +204,16 @@ class DomainValidator(object):
else:
return True
+ def get_sid_from_domain_name(self, name):
+ """Returns binary representation of SID for the trusted domain name
+ or None if name is not in the list of trusted domains."""
+
+ domains = self.get_trusted_domains()
+ if name in domains:
+ return domains[name][1]
+ else:
+ return None
+
def get_trusted_domain_objects(self, domain=None, flatname=None, filter="",
attrs=None, scope=_ldap.SCOPE_SUBTREE, basedn=None):
"""
generated by cgit (git 2.34.1) at 2024-05-27 04:10:31 +0000