diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2014-01-14 14:23:47 -0500 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2014-01-15 10:02:49 +0100 |
| commit | 0070c0fedab5386b313908762c6b6ab2c1577489 (patch) | |
| tree | ad1e512005276e5a0ef4d4a16985146763ad8d48 /ipalib | |
| parent | 689382dc833e687d30349b10a8fd7dc740d54d08 (diff) | |
| download | freeipa-0070c0fedab5386b313908762c6b6ab2c1577489.tar.gz freeipa-0070c0fedab5386b313908762c6b6ab2c1577489.tar.xz freeipa-0070c0fedab5386b313908762c6b6ab2c1577489.zip | |
Change the way we determine if the host has a password set.
When creating a host with a password we don't set a Kerberos
principal or add the Kerberos objectclasses. Those get added when the
host is enrolled. If one passed in --password= (so no password) then
we incorrectly thought the user was in fact setting a password, so the
principal and objectclasses weren't updated.
https://fedorahosted.org/freeipa/ticket/4102
Diffstat (limited to 'ipalib')
| -rw-r--r-- | ipalib/plugins/host.py | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index ef7ec5284..27b692a9e 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -424,7 +424,7 @@ class host_add(LDAPCreate): entry_attrs['l'] = entry_attrs['locality'] entry_attrs['cn'] = keys[-1] entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0] - if 'userpassword' not in entry_attrs and not options.get('random', False): + if not entry_attrs.get('userpassword', False) and not options.get('random', False): entry_attrs['krbprincipalname'] = 'host/%s@%s' % ( keys[-1], self.api.env.realm ) |