summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTomas Babej <tbabej@redhat.com>2015-04-29 08:15:55 +0200
committerTomas Babej <tbabej@redhat.com>2015-07-02 13:23:21 +0200
commit2104e07fa82dc599fe81cea822dfa8b060cc91cc (patch)
tree6da006022da47af466e037a0e4696ccaad149794
parent4c6ff801405de9bcc9175e1687a91ff55143d9b3 (diff)
downloadfreeipa-2104e07fa82dc599fe81cea822dfa8b060cc91cc.zip
freeipa-2104e07fa82dc599fe81cea822dfa8b060cc91cc.tar.gz
freeipa-2104e07fa82dc599fe81cea822dfa8b060cc91cc.tar.xz
migrate-winsync: Create user ID overrides in place of winsynced user entries
https://fedorahosted.org/freeipa/ticket/4524 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
-rw-r--r--ipaserver/winsync_migrate/base.py32
1 files changed, 32 insertions, 0 deletions
diff --git a/ipaserver/winsync_migrate/base.py b/ipaserver/winsync_migrate/base.py
index 8403889..4d2ef4d 100644
--- a/ipaserver/winsync_migrate/base.py
+++ b/ipaserver/winsync_migrate/base.py
@@ -27,6 +27,8 @@ from ipapython.dn import DN
from ipapython.ipa_log_manager import log_mgr
from ipaserver.plugins.ldap2 import ldap2
+DEFAULT_TRUST_VIEW_NAME = u'Default Trust View'
+
class MigrateWinsync(admintool.AdminTool):
"""
@@ -44,6 +46,33 @@ class MigrateWinsync(admintool.AdminTool):
"For more information, see `man ipa-migrate-winsync`."
)
+ def create_id_user_override(self, entry):
+ """
+ Creates ID override corresponding to this user entry.
+ """
+
+ user_identifier = u"%s@%s" % (entry['uid'][0], self.options.realm)
+
+ kwargs = {
+ 'uid': entry['uid'][0],
+ 'uidnumber': entry['uidnumber'][0],
+ 'gidnumber': entry['gidnumber'][0],
+ 'gecos': entry['gecos'][0],
+ 'loginshell': entry['loginshell'][0]
+ }
+
+ try:
+ result = api.Command['idoverrideuser_add'](
+ DEFAULT_TRUST_VIEW_NAME,
+ user_identifier,
+ **kwargs
+ )
+ except Exception as e:
+ self.log.warning("Migration failed: %s (%s)"
+ % (user_identifier, str(e)))
+ else:
+ self.log.debug("Migrated: %s" % user_identifier)
+
def find_winsync_users(self):
"""
Finds all users that were mirrored from AD using winsync.
@@ -81,4 +110,7 @@ class MigrateWinsync(admintool.AdminTool):
except errors.DatabaseError, e:
sys.exit("Cannot connect to the LDAP database. Please check if IPA is running.")
+ # Create ID overrides replacing the user winsync entries
entries = self.find_winsync_users()
+ for entry in entries:
+ self.create_id_user_override(entry)