Diffstat (limited to 'ipa-admintools/ipa-adduser')
-rw-r--r-- | ipa-admintools/ipa-adduser | 39 |
1 files changed, 28 insertions, 11 deletions
diff --git a/ipa-admintools/ipa-adduser b/ipa-admintools/ipa-adduser
index c3c5909f6..cf1f43244 100644
--- a/ipa-admintools/ipa-adduser
+++ b/ipa-admintools/ipa-adduser
@@ -218,8 +218,24 @@ def main():
 user.setValue(attr, value)
 client = ipaclient.IPAClient(verbose=options.verbose)
+
+ # get group dns and verify they exist
+ groups_to_add = []
+ if groups:
+ for group in groups.split(','):
+ group_dn = get_group_dn(client, group)
+ if not group_dn:
+ print "group %s doesn't exist" % group
+ return 1
+ groups_to_add.append(group_dn)
+
+ # add the user
 client.add_user(user)
+ # add the user to all the groups
+ for group in groups_to_add:
+ client.add_user_to_group(username, group)
+
 # Set the User's password
 if password is not None:
 try:
@@ -229,20 +245,21 @@ def main():
 print "%s" % (e.message)
 return 1
- # Add to any groups
- if groups:
- add_groups = groups.split(',')
- for g in add_groups:
- if g:
- try:
- client.add_user_to_group(username, g)
- print "%s added to group %s" % (username, g)
- except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND):
- print "group %s doesn't exist, skipping" % g
-
 print username + " successfully added"
 return 0
+ def get_group_dn(client, group_name):
+ if not group_name:
+ return None
+
+ found = client.find_groups(group_name)
+ if len(found) < 2:
+ return None
+ for group in found[1:]:
+ if group.cn == group_name:
+ return group.dn
+ return None
+
 try:
 if __name__ == "__main__":
 sys.exit(main()) |
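Review bot: The membership loop that follows `client.add_user(user)` has no exception handling, so a group that disappears between the lookup and the add (or any other directory error) leaves an account that exists with only part of its requested memberships and, because the loop runs before the password block, no password. The removed code caught the not-found error per group; the new loop should do the same and tell the operator that the account is incomplete, as sketched below. An empty entry such as a trailing comma in the group list now aborts with "doesn't exist" where the old loop skipped it via `if g:`; adding `if not group: continue` at the top of the verification loop keeps that tolerance. The call now passes a DN where the old code passed the group name, and whether `add_user_to_group` accepts a DN is not visible in this hunk. main() starts and ends outside the hunk.

```python
# … unchanged: group lookup and client.add_user(user) …
for group in groups_to_add:
    try:
        client.add_user_to_group(username, group)
    except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND):
        print "group %s no longer exists; %s was created without it" % (group, username)
        return 1
# … unchanged: password block …
```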
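Review bot: `get_group_dn` accepts a hit only when `group.cn == group_name`, a case-sensitive Python comparison, whereas directory matching on cn is normally case-insensitive, so an existing group typed with different capitalisation would be reported as missing and abort the whole add. If `cn` is a single string here (not visible in the hunk), `if group.cn.lower() == group_name.lower():` avoids that. The function also assumes that `find_groups` returns a list whose first element is not a group (`len(found) < 2`, `found[1:]`) and that the exact match falls within whatever result limit the search applies; neither is visible on this page. A docstring such as `"""Return the DN of the group whose cn is group_name, or None if there is no exact match."""`, plus a comment on what `found[0]` holds, would make that contract explicit. Whether `find_groups` escapes LDAP filter metacharacters in `group_name` is also worth confirming, since the name reaches a search with no validation beyond the empty check.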