diff options
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/plugins/idrange.py | 61 |
1 files changed, 34 insertions, 27 deletions
diff --git a/ipalib/plugins/idrange.py b/ipalib/plugins/idrange.py index 06fcc4fc7..cf74a75ff 100644 --- a/ipalib/plugins/idrange.py +++ b/ipalib/plugins/idrange.py @@ -394,40 +394,47 @@ class idrange_add(LDAPCreate): dom_sid_set = any(dom_id in kw for dom_id in ('ipanttrusteddomainname', 'ipanttrusteddomainsid')) - rid_base_set = 'ipabaserid' in kw - secondary_rid_base_set = 'ipasecondarybaserid' in kw + rid_base = kw.get('ipabaserid', None) + secondary_rid_base = kw.get('ipasecondarybaserid', None) - # Prompt for RID base if domain SID / name was given - if dom_sid_set and not rid_base_set: - value = self.prompt_param(self.params['ipabaserid']) - kw.update(dict(ipabaserid=value)) + def set_from_prompt(param): + value = self.prompt_param(self.params[param]) + update = {param: value} + kw.update(update) - if not dom_sid_set: - # Prompt for secondary RID base if RID base was given - if rid_base_set and not secondary_rid_base_set: - value = self.prompt_param(self.params['ipasecondarybaserid']) - kw.update(dict(ipasecondarybaserid=value)) + if dom_sid_set: + # This is a trusted range - # Symetrically, prompt for RID base if secondary RID base was given - if not rid_base_set and secondary_rid_base_set: - value = self.prompt_param(self.params['ipabaserid']) - kw.update(dict(ipabaserid=value)) + # Prompt for RID base if domain SID / name was given + if rid_base is None: + set_from_prompt('ipabaserid') - # Prompt for rid-base and secondary-rid-base if ipa-adtrust-install - # has been run on the system - adtrust_is_enabled = api.Command['adtrust_is_enabled']()['result'] + else: + # This is a local range + # Find out whether ipa-adtrust-install has been ran + adtrust_is_enabled = api.Command['adtrust_is_enabled']()['result'] - if adtrust_is_enabled: - rid_base = kw.get('ipabaserid', None) - secondary_rid_base = kw.get('ipasecondarybaserid', None) + if adtrust_is_enabled: + # If ipa-adtrust-install has been ran, all local ranges + # require both RID base and secondary RID base - if rid_base is None: - value = self.prompt_param(self.params['ipabaserid']) - kw.update(dict(ipabaserid=value)) + if rid_base is None: + set_from_prompt('ipabaserid') + + if secondary_rid_base is None: + set_from_prompt('ipasecondarybaserid') + + else: + # This is a local range on a server with no adtrust support + + # Prompt for secondary RID base only if RID base was given + if rid_base is not None and secondary_rid_base is None: + set_from_prompt('ipasecondarybaserid') - if secondary_rid_base is None: - value = self.prompt_param(self.params['ipasecondarybaserid']) - kw.update(dict(ipasecondarybaserid=value)) + # Symetrically, prompt for RID base if secondary RID base was + # given + if rid_base is None and secondary_rid_base is not None: + set_from_prompt('ipabaserid') def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): assert isinstance(dn, DN) |