Remove some uses of raw python-ldap

Part of the work for: https://fedorahosted.org/freeipa/ticket/2660

3 files changed, 12 insertions, 15 deletions

diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index 4d91dd6ff..51c542734 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -37,8 +37,6 @@ from ipapython.dn import DN
 from ipaserver.install import replication
 from ipaserver.install import dsinstance
 
-import ldap
-
 import pyasn1.codec.ber.decoder
 import struct
 
@@ -260,7 +258,7 @@ class KrbInstance(service.Service):
         try:
             res = self.admin_conn.get_entries(
                 DN(('cn', 'mapping'), ('cn', 'sasl'), ('cn', 'config')),
-                ldap.SCOPE_ONELEVEL,
+                self.admin_conn.SCOPE_ONELEVEL,
                 "(objectclass=nsSaslMapping)")
             for r in res:
                 try:
@@ -360,8 +358,8 @@ class KrbInstance(service.Service):
 
     def __write_stash_from_ds(self):
         try:
-            entries = self.admin_conn.get_entries(self.get_realm_suffix(),
-                                                  ldap.SCOPE_SUBTREE)
+            entries = self.admin_conn.get_entries(
+                self.get_realm_suffix(), self.admin_conn.SCOPE_SUBTREE)
             # TODO: Ensure we got only one entry
             entry = entries[0]
         except errors.NotFound, e:
diff --git a/ipaserver/install/plugins/rename_managed.py b/ipaserver/install/plugins/rename_managed.py
index c83e8a8a2..206e0a0da 100644
--- a/ipaserver/install/plugins/rename_managed.py
+++ b/ipaserver/install/plugins/rename_managed.py
@@ -22,7 +22,6 @@ from ipaserver.install.plugins.baseupdate import PreUpdate, PostUpdate
 from ipalib import api, errors
 from ipapython import ipautil
 from ipapython.dn import DN, EditableDN
-import ldap as _ldap
 
 def entry_to_update(entry):
     """
@@ -66,9 +65,9 @@ class GenerateUpdateMixin(object):
 
         # If the old entries don't exist the server has already been updated.
         try:
-            (definitions_managed_entries, truncated) = ldap.find_entries(
-                searchfilter, ['*'], old_definition_container, _ldap.SCOPE_ONELEVEL, normalize=False
-            )
+            definitions_managed_entries, truncated = ldap.find_entries(
+                searchfilter, ['*'], old_definition_container,
+                ldap.SCOPE_ONELEVEL, normalize=False)
         except errors.NotFound, e:
             return (False, update_list)
 
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index cc5bb877f..633287e20 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -24,8 +24,6 @@ import pwd
 import time
 import datetime
 
-import ldap
-
 from ipapython import sysrestore
 from ipapython import ipautil
 from ipapython import dogtag
@@ -249,10 +247,12 @@ class Service(object):
             self.ldap_disconnect()
         self.ldap_connect()
 
-        dn = DN(('krbprincipalname', self.principal), ('cn', 'services'), ('cn', 'accounts'), self.suffix)
-        mod = [(ldap.MOD_ADD, 'userCertificate', self.dercert)]
+        dn = DN(('krbprincipalname', self.principal), ('cn', 'services'),
+                ('cn', 'accounts'), self.suffix)
+        entry = self.admin_conn.get_entry(dn)
+        entry.setdefault('userCertificate', []).append(self.dercert)
         try:
-            self.admin_conn.modify_s(dn, mod)
+            self.admin_conn.update_entry(entry)
         except Exception, e:
             root_logger.critical("Could not add certificate to service %s entry: %s" % (self.principal, str(e)))
 
@@ -387,7 +387,7 @@ class Service(object):
 
         try:
             self.admin_conn.add_entry(entry)
-        except (ldap.ALREADY_EXISTS, errors.DuplicateEntry), e:
+        except (errors.DuplicateEntry), e:
             root_logger.debug("failed to add %s Service startup entry" % name)
             raise e