summaryrefslogtreecommitdiffstats
path: root/ipaserver
diff options
context:
space:
mode:
Diffstat (limited to 'ipaserver')
-rw-r--r--ipaserver/install/adtrustinstance.py17
-rw-r--r--ipaserver/install/cainstance.py2
-rw-r--r--ipaserver/install/dsinstance.py2
-rw-r--r--ipaserver/install/krbinstance.py7
-rw-r--r--ipaserver/install/ldapupdate.py4
-rw-r--r--ipaserver/install/replication.py18
-rw-r--r--ipaserver/install/service.py4
-rw-r--r--ipaserver/ipaldap.py7
8 files changed, 33 insertions, 28 deletions
diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py
index cba88eb06..2391cf007 100644
--- a/ipaserver/install/adtrustinstance.py
+++ b/ipaserver/install/adtrustinstance.py
@@ -22,7 +22,6 @@ import errno
import ldap
import tempfile
import uuid
-from ipaserver import ipaldap
from ipaserver.install import installutils
from ipaserver.install import service
from ipaserver.install.dsinstance import realm_to_serverid
@@ -327,7 +326,7 @@ class ADTRUSTInstance(service.Service):
try:
self.admin_conn.getEntry(new_dn, ldap.SCOPE_BASE)
except errors.NotFound:
- entry = ipaldap.Entry(new_dn)
+ entry = self.admin_conn.make_entry(new_dn)
entry.setValues("objectclass", ["nsContainer"])
try:
name = new_dn[1].attr
@@ -338,7 +337,7 @@ class ADTRUSTInstance(service.Service):
entry.setValues("cn", name)
self.admin_conn.addEntry(entry)
- entry = ipaldap.Entry(self.smb_dom_dn)
+ entry = self.admin_conn.make_entry(self.smb_dom_dn)
entry.setValues("objectclass", [self.OBJC_DOMAIN, "nsContainer"])
entry.setValues("cn", self.domain_name)
entry.setValues(self.ATTR_FLAT_NAME, self.netbios_name)
@@ -415,7 +414,7 @@ class ADTRUSTInstance(service.Service):
('cn', 'etc'), self.suffix)
try:
targets = self.admin_conn.getEntry(targets_dn, ldap.SCOPE_BASE)
- current = ipaldap.Entry((targets_dn, targets.toDict()))
+ current = self.admin_conn.make_entry(targets_dn, targets.toDict())
members = current.getValues('memberPrincipal') or []
if not(self.cifs_principal in members):
current.setValues("memberPrincipal", members + [self.cifs_principal])
@@ -447,13 +446,13 @@ class ADTRUSTInstance(service.Service):
# the principal's proper dn as defined in self.cifs_agent
try:
entry = self.admin_conn.getEntry(self.smb_dn, ldap.SCOPE_BASE)
- current = ipaldap.Entry((self.smb_dn, entry.toDict()))
+ current = self.admin_conn.make_entry(self.smb_dn, entry.toDict())
members = current.getValues('member') or []
if not(self.cifs_agent in members):
current.setValues("member", members + [self.cifs_agent])
self.admin_conn.updateEntry(self.smb_dn, entry.toDict(), current.toDict())
except errors.NotFound:
- entry = ipaldap.Entry(self.smb_dn)
+ entry = self.admin_conn.make_entry(self.smb_dn)
entry.setValues("objectclass", ["top", "GroupOfNames"])
entry.setValues("cn", self.smb_dn['cn'])
entry.setValues("member", [self.cifs_agent])
@@ -735,9 +734,9 @@ class ADTRUSTInstance(service.Service):
"range.\nAdd local ID range manually and try " \
"again!")
- entry = ipaldap.Entry(DN(('cn', ('%s_id_range' % self.realm)),
- api.env.container_ranges,
- self.suffix))
+ entry = self.admin_conn.make_entry(DN(('cn', ('%s_id_range' % self.realm)),
+ api.env.container_ranges,
+ self.suffix))
entry.setValue('objectclass', 'ipaDomainIDRange')
entry.setValue('cn', ('%s_id_range' % self.realm))
entry.setValue('ipaBaseID', str(base_id))
diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index d29f6746c..e3122cf29 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -395,7 +395,7 @@ class CADSInstance(service.Service):
(ldap.MOD_ADD, "nsslapd-secureport", str(DEFAULT_DSPORT+1))]
conn.modify_s(DN(('cn', 'config')), mod)
- entry = ipaldap.Entry(DN(('cn', 'RSA'), ('cn', 'encryption'), ('cn', 'config')))
+ entry = conn.make_entry(DN(('cn', 'RSA'), ('cn', 'encryption'), ('cn', 'config')))
entry.setValues("objectclass", "top", "nsEncryptionModule")
entry.setValues("cn", "RSA")
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index 4689fd2bf..7bfcfd6c9 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -570,7 +570,7 @@ class DsInstance(service.Service):
mod = [(ldap.MOD_ADD, "nsslapd-security", "on")]
conn.modify_s(DN(('cn', 'config')), mod)
- entry = ipaldap.Entry(DN(('cn', 'RSA'), ('cn', 'encryption'), ('cn', 'config')))
+ entry = conn.make_entry(DN(('cn', 'RSA'), ('cn', 'encryption'), ('cn', 'config')))
entry.setValues("objectclass", "top", "nsEncryptionModule")
entry.setValues("cn", "RSA")
diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py
index d783da0ab..43fe2b1fd 100644
--- a/ipaserver/install/krbinstance.py
+++ b/ipaserver/install/krbinstance.py
@@ -34,7 +34,6 @@ from ipalib import errors
from ipapython.ipa_log_manager import *
from ipapython.dn import DN
-from ipaserver import ipaldap
from ipaserver.install import replication
from ipaserver.install import dsinstance
@@ -110,7 +109,7 @@ class KrbInstance(service.Service):
# Create a host entry for this master
host_dn = DN(('fqdn', self.fqdn), ('cn', 'computers'), ('cn', 'accounts'), self.suffix)
- host_entry = ipaldap.Entry(host_dn)
+ host_entry = self.admin_conn.make_entry(host_dn)
host_entry.setValues('objectclass', ['top', 'ipaobject', 'nshost', 'ipahost', 'ipaservice', 'pkiuser', 'krbprincipalaux', 'krbprincipal', 'krbticketpolicyaux', 'ipasshhost'])
host_entry.setValues('krbextradata', service_entry.getValues('krbextradata'))
host_entry.setValue('krblastpwdchange', service_entry.getValue('krblastpwdchange'))
@@ -265,7 +264,7 @@ class KrbInstance(service.Service):
root_logger.critical("Error while enumerating SASL mappings %s" % str(e))
raise e
- entry = ipaldap.Entry(DN(('cn', 'Full Principal'), ('cn', 'mapping'), ('cn', 'sasl'), ('cn', 'config')))
+ entry = self.admin_conn.make_entry(DN(('cn', 'Full Principal'), ('cn', 'mapping'), ('cn', 'sasl'), ('cn', 'config')))
entry.setValues("objectclass", "top", "nsSaslMapping")
entry.setValues("cn", "Full Principal")
entry.setValues("nsSaslMapRegexString", '\(.*\)@\(.*\)')
@@ -278,7 +277,7 @@ class KrbInstance(service.Service):
root_logger.critical("failed to add Full Principal Sasl mapping")
raise e
- entry = ipaldap.Entry(DN(('cn', 'Name Only'), ('cn', 'mapping'), ('cn', 'sasl'), ('cn', 'config')))
+ entry = self.admin_conn.make_entry(DN(('cn', 'Name Only'), ('cn', 'mapping'), ('cn', 'sasl'), ('cn', 'config')))
entry.setValues("objectclass", "top", "nsSaslMapping")
entry.setValues("cn", "Name Only")
entry.setValues("nsSaslMapRegexString", '^[^:@]+$')
diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py
index 0d2606404..d2a23e55e 100644
--- a/ipaserver/install/ldapupdate.py
+++ b/ipaserver/install/ldapupdate.py
@@ -449,7 +449,7 @@ class LDAPUpdate:
cn = "indextask_%s_%s_%s" % (attribute, cn_uuid.time, cn_uuid.clock_seq)
dn = DN(('cn', cn), ('cn', 'index'), ('cn', 'tasks'), ('cn', 'config'))
- e = ipaldap.Entry(dn)
+ e = self.conn.make_entry(dn)
e.setValues('objectClass', ['top', 'extensibleObject'])
e.setValue('cn', cn)
@@ -511,7 +511,7 @@ class LDAPUpdate:
The return type is Entity
"""
assert isinstance(dn, DN)
- entry = ipaldap.Entry(dn)
+ entry = self.conn.make_entry(dn)
if not default:
# This means that the entire entry needs to be created with add
diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py
index fdd5c0b4d..35c8d91c7 100644
--- a/ipaserver/install/replication.py
+++ b/ipaserver/install/replication.py
@@ -287,7 +287,7 @@ class ReplicationManager(object):
rdn_attr = dn[0].attr
rdn_val = dn[0].value
- ent = ipaldap.Entry(dn)
+ ent = conn.make_entry(dn)
ent.setValues("objectclass", "top", "person")
ent.setValues(rdn_attr, rdn_val)
ent.setValues("userpassword", pw)
@@ -337,7 +337,7 @@ class ReplicationManager(object):
replica_type = self.get_replica_type()
- entry = ipaldap.Entry(dn)
+ entry = conn.make_entry(dn)
entry.setValues('objectclass', "top", "nsds5replica", "extensibleobject")
entry.setValues('cn', "replica")
entry.setValues('nsds5replicaroot', str(self.suffix))
@@ -352,7 +352,7 @@ class ReplicationManager(object):
def setup_changelog(self, conn):
dn = DN(('cn', 'changelog5'), ('cn', 'config'))
dirpath = conn.dbdir + "/cldb"
- entry = ipaldap.Entry(dn)
+ entry = conn.make_entry(dn)
entry.setValues('objectclass', "top", "extensibleobject")
entry.setValues('cn', "changelog5")
entry.setValues('nsslapd-changelogdir', dirpath)
@@ -372,7 +372,7 @@ class ReplicationManager(object):
try:
cn = benamebase + str(benum) # e.g. localdb1
dn = DN(('cn', cn), chaindn)
- entry = ipaldap.Entry(dn)
+ entry = self.conn.make_entry(dn)
entry.setValues('objectclass', 'top', 'extensibleObject', 'nsBackendInstance')
entry.setValues('cn', cn)
entry.setValues('nsslapd-suffix', str(self.suffix))
@@ -444,7 +444,7 @@ class ReplicationManager(object):
pass
# The user doesn't exist, add it
- entry = ipaldap.Entry(pass_dn)
+ entry = conn.make_entry(pass_dn)
entry.setValues("objectclass", ["account", "simplesecurityobject"])
entry.setValues("uid", "passsync")
entry.setValues("userPassword", password)
@@ -516,7 +516,7 @@ class ReplicationManager(object):
except errors.NotFound:
pass
- entry = ipaldap.Entry(dn)
+ entry = a_conn.make_entry(dn)
entry.setValues('objectclass', "nsds5replicationagreement")
entry.setValues('cn', cn)
entry.setValues('nsds5replicahost', b_hostname)
@@ -912,7 +912,7 @@ class ReplicationManager(object):
# Add winsync replica to the public DIT
dn = DN(('cn',ad_dc_name),('cn','replicas'),('cn','ipa'),('cn','etc'), self.suffix)
- entry = ipaldap.Entry(dn)
+ entry = self.conn.make_entry(dn)
entry.setValues("objectclass", ["nsContainer", "ipaConfigObject"])
entry.setValues("cn", ad_dc_name)
entry.setValues("ipaConfigString", "winsync:%s" % self.hostname)
@@ -1167,7 +1167,7 @@ class ReplicationManager(object):
root_logger.debug("Creating CLEANALLRUV task for replica id %d" % replicaId)
dn = DN(('cn', 'clean %d' % replicaId), ('cn', 'cleanallruv'),('cn', 'tasks'), ('cn', 'config'))
- e = ipaldap.Entry(dn)
+ e = self.conn.make_entry(dn)
e.setValues('objectclass', ['top', 'extensibleObject'])
e.setValue('replica-base-dn', api.env.basedn)
e.setValue('replica-id', replicaId)
@@ -1190,7 +1190,7 @@ class ReplicationManager(object):
root_logger.debug("Creating task to abort a CLEANALLRUV operation for replica id %d" % replicaId)
dn = DN(('cn', 'abort %d' % replicaId), ('cn', 'abort cleanallruv'),('cn', 'tasks'), ('cn', 'config'))
- e = ipaldap.Entry(dn)
+ e = self.conn.make_entry(dn)
e.setValues('objectclass', ['top', 'extensibleObject'])
e.setValue('replica-base-dn', api.env.basedn)
e.setValue('replica-id', replicaId)
diff --git a/ipaserver/install/service.py b/ipaserver/install/service.py
index 38ee45e31..8b042df6d 100644
--- a/ipaserver/install/service.py
+++ b/ipaserver/install/service.py
@@ -216,7 +216,7 @@ class Service(object):
dn = DN(('krbprincipalname', principal), ('cn', 'services'), ('cn', 'accounts'), self.suffix)
hostdn = DN(('fqdn', self.fqdn), ('cn', 'computers'), ('cn', 'accounts'), self.suffix)
- entry = ipaldap.Entry(dn)
+ entry = self.admin_conn.make_entry(dn)
entry.setValues("objectclass", ["krbprincipal", "krbprincipalaux", "krbticketpolicyaux", "ipaobject", "ipaservice", "pkiuser"])
entry.setValue("krbprincipalname", principal)
entry.setValue("ipauniqueid", 'autogenerate')
@@ -373,7 +373,7 @@ class Service(object):
entry_name = DN(('cn', name), ('cn', fqdn), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ldap_suffix)
order = SERVICE_LIST[name][1]
- entry = ipaldap.Entry(entry_name)
+ entry = self.admin_conn.make_entry(entry_name)
entry.setValues("objectclass",
"nsContainer", "ipaConfigObject")
entry.setValues("cn", name)
diff --git a/ipaserver/ipaldap.py b/ipaserver/ipaldap.py
index 40d9f9e83..e3c74f83d 100644
--- a/ipaserver/ipaldap.py
+++ b/ipaserver/ipaldap.py
@@ -961,6 +961,9 @@ class LDAPConnection(object):
parent_dn = self.normalize_dn(parent_dn)
return DN((primary_key, entry_attrs[primary_key]), parent_dn)
+ def make_entry(self, _dn=None, _obj=None, **kwargs):
+ return LDAPEntry(_dn, _obj, **kwargs)
+
# generating filters for find_entry
# some examples:
# f1 = ldap2.make_filter_from_attr(u'firstName', u'Pavel')
@@ -1651,6 +1654,10 @@ class IPAdmin(LDAPConnection):
self.__bind_with_wait(self.sasl_interactive_bind_s, timeout, None, auth_tokens)
self.__lateinit()
+ def make_entry(self, _dn=None, _obj=None, **kwargs):
+ entry = super(IPAdmin, self).make_entry(_dn, _obj, **kwargs)
+ return Entry((entry.dn, entry))
+
def getEntry(self, base, scope, filterstr='(objectClass=*)',
attrlist=None):
# FIXME: for backwards compatibility only