summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTomas Babej <tbabej@redhat.com>2015-04-29 08:15:54 +0200
committerTomas Babej <tbabej@redhat.com>2015-07-02 13:23:21 +0200
commit4c6ff801405de9bcc9175e1687a91ff55143d9b3 (patch)
tree1ea4191b8cbeb14e2a30d2e5a429b495235dfeba
parent0cb87fc31ae5babb9331ed81d8d743bcc5bb1c92 (diff)
downloadfreeipa-4c6ff801405de9bcc9175e1687a91ff55143d9b3.zip
freeipa-4c6ff801405de9bcc9175e1687a91ff55143d9b3.tar.gz
freeipa-4c6ff801405de9bcc9175e1687a91ff55143d9b3.tar.xz
winsync-migrate: Add a way to find all winsync users
https://fedorahosted.org/freeipa/ticket/4524 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
-rw-r--r--ipaserver/winsync_migrate/base.py25
1 files changed, 21 insertions, 4 deletions
diff --git a/ipaserver/winsync_migrate/base.py b/ipaserver/winsync_migrate/base.py
index c21a861..8403889 100644
--- a/ipaserver/winsync_migrate/base.py
+++ b/ipaserver/winsync_migrate/base.py
@@ -44,6 +44,23 @@ class MigrateWinsync(admintool.AdminTool):
"For more information, see `man ipa-migrate-winsync`."
)
+ def find_winsync_users(self):
+ """
+ Finds all users that were mirrored from AD using winsync.
+ """
+
+ user_filter = "(&(objectclass=ntuser)(ntUserDomainId=*))"
+ user_base = DN(api.env.container_user, api.env.basedn)
+ entries, _ = self.ldap.find_entries(
+ filter=user_filter,
+ base_dn=user_base,
+ paged_search=True)
+
+ for entry in entries:
+ self.log.debug("Discovered entry: %s" % entry)
+
+ return entries
+
def run(self):
super(MigrateWinsync, self).run()
@@ -55,13 +72,13 @@ class MigrateWinsync(admintool.AdminTool):
try:
ctx = krbV.default_context()
ccache = ctx.default_ccache()
- except krbV.Krb5Error, e:
- sys.exit("Must have Kerberos credentials to migrate Winsync users.")
-
- try:
api.Backend.ldap2.connect(ccache)
self.ldap = api.Backend.ldap2
+ except krbV.Krb5Error, e:
+ sys.exit("Must have Kerberos credentials to migrate Winsync users.")
except errors.ACIError, e:
sys.exit("Outdated Kerberos credentials. Use kdestroy and kinit to update your ticket.")
except errors.DatabaseError, e:
sys.exit("Cannot connect to the LDAP database. Please check if IPA is running.")
+
+ entries = self.find_winsync_users()