diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-02-15 15:04:40 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2011-02-16 22:19:12 -0500 |
| commit | 86fe47b87df4e503e9d1d4c6cf6be62b5cbab685 (patch) | |
| tree | 09295d2c3c6534b6dca9b485757e0bf22d29a5fa /ipalib | |
| parent | 2f0e8e3a3d9de78d3711c73b480d79f68f0de0d0 (diff) | |
| download | freeipa-86fe47b87df4e503e9d1d4c6cf6be62b5cbab685.tar.gz freeipa-86fe47b87df4e503e9d1d4c6cf6be62b5cbab685.tar.xz freeipa-86fe47b87df4e503e9d1d4c6cf6be62b5cbab685.zip | |
Don't allow host cn to be changed (it isn't used anyway).
We are required by LDAP schema to have a cn value. Don't let
users change it thinking they are actually doing something.
tickets 706 and 707
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/host.py | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index 300f4b8b..73bad5f8 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -533,6 +533,8 @@ class host_mod(LDAPUpdate): def pre_callback(self, ldap, dn, entry_attrs, attrs_list, *keys, **options): # Once a principal name is set it cannot be changed + if 'cn' in entry_attrs: + raise errors.ACIError(info='cn is immutable') if 'locality' in entry_attrs: entry_attrs['l'] = entry_attrs['locality'] del entry_attrs['locality'] |