diff options
-rw-r--r-- | ipaserver/winsync_migrate/base.py | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/ipaserver/winsync_migrate/base.py b/ipaserver/winsync_migrate/base.py index 840388904..4d2ef4d3c 100644 --- a/ipaserver/winsync_migrate/base.py +++ b/ipaserver/winsync_migrate/base.py @@ -27,6 +27,8 @@ from ipapython.dn import DN from ipapython.ipa_log_manager import log_mgr from ipaserver.plugins.ldap2 import ldap2 +DEFAULT_TRUST_VIEW_NAME = u'Default Trust View' + class MigrateWinsync(admintool.AdminTool): """ @@ -44,6 +46,33 @@ class MigrateWinsync(admintool.AdminTool): "For more information, see `man ipa-migrate-winsync`." ) + def create_id_user_override(self, entry): + """ + Creates ID override corresponding to this user entry. + """ + + user_identifier = u"%s@%s" % (entry['uid'][0], self.options.realm) + + kwargs = { + 'uid': entry['uid'][0], + 'uidnumber': entry['uidnumber'][0], + 'gidnumber': entry['gidnumber'][0], + 'gecos': entry['gecos'][0], + 'loginshell': entry['loginshell'][0] + } + + try: + result = api.Command['idoverrideuser_add']( + DEFAULT_TRUST_VIEW_NAME, + user_identifier, + **kwargs + ) + except Exception as e: + self.log.warning("Migration failed: %s (%s)" + % (user_identifier, str(e))) + else: + self.log.debug("Migrated: %s" % user_identifier) + def find_winsync_users(self): """ Finds all users that were mirrored from AD using winsync. @@ -81,4 +110,7 @@ class MigrateWinsync(admintool.AdminTool): except errors.DatabaseError, e: sys.exit("Cannot connect to the LDAP database. Please check if IPA is running.") + # Create ID overrides replacing the user winsync entries entries = self.find_winsync_users() + for entry in entries: + self.create_id_user_override(entry) |