From ef5309d3764390e0364db2e21568f525a18babb5 Mon Sep 17 00:00:00 2001
From: Tomas Babej <tbabej@redhat.com>
Date: Thu, 19 Jun 2014 12:25:56 +0200
Subject: trusts: Allow reading ipaNTSecurityIdentifier in user and group
 objects

https://fedorahosted.org/freeipa/ticket/4385

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
 ipalib/plugins/group.py | 1 +
 ipalib/plugins/user.py  | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

(limited to 'ipalib')

diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py
index d130f8668..1ca149035 100644
--- a/ipalib/plugins/group.py
+++ b/ipalib/plugins/group.py
@@ -150,6 +150,7 @@ class group(LDAPObject):
                 'businesscategory', 'cn', 'description', 'gidnumber',
                 'ipaexternalmember', 'ipauniqueid', 'mepmanagedby', 'o',
                 'objectclass', 'ou', 'owner', 'seealso',
+                'ipantsecurityidentifier'
             },
         },
         'System: Read Group Membership': {
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
index 2ffc1ef4b..f646e8582 100644
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -266,7 +266,8 @@ class user(LDAPObject):
             'ipapermdefaultattr': {
                 'objectclass', 'cn', 'sn', 'description', 'title', 'uid',
                 'displayname', 'givenname', 'initials', 'manager', 'gecos',
-                'gidnumber', 'homedirectory', 'loginshell', 'uidnumber'
+                'gidnumber', 'homedirectory', 'loginshell', 'uidnumber',
+                'ipantsecurityidentifier'
             },
         },
         'System: Read User Addressbook Attributes': {
-- 
cgit