summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ipa-python/ipaerror.py5
-rw-r--r--ipa-server/xmlrpc-server/funcs.py3
2 files changed, 8 insertions, 0 deletions
diff --git a/ipa-python/ipaerror.py b/ipa-python/ipaerror.py
index c5ed7e778..8a47ead88 100644
--- a/ipa-python/ipaerror.py
+++ b/ipa-python/ipaerror.py
@@ -148,6 +148,11 @@ INPUT_NOT_DNS_A_RECORD = gen_error_code(
0x0003,
"The requested hostname is not a DNS A record. This is required by Kerberos.")
+INPUT_ADMINS_IMMUTABLE = gen_error_code(
+ INPUT_CATEGORY,
+ 0x0004,
+ "The admins group cannot be renamed.")
+
#
# Connection errors
#
diff --git a/ipa-server/xmlrpc-server/funcs.py b/ipa-server/xmlrpc-server/funcs.py
index a2031eca9..6bd404012 100644
--- a/ipa-server/xmlrpc-server/funcs.py
+++ b/ipa-server/xmlrpc-server/funcs.py
@@ -1518,6 +1518,9 @@ class IPAServer:
if isinstance(newcn, str):
newcn = [newcn]
+ if "admins" in oldcn:
+ raise ipaerror.gen_exception(ipaerror.INPUT_ADMINS_IMMUTABLE)
+
oldcn.sort()
newcn.sort()
if oldcn != newcn:
generated by cgit (git 2.34.1) at 2024-06-09 07:36:15 +0000