diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2007-11-15 14:44:09 -0500 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2007-11-15 14:44:09 -0500 |
| commit | 0a3ed697465db8179a15f3b64160d8d545710698 (patch) | |
| tree | 7f2a28d16432e5e30a875144b2c7eb965128f38a /ipa-admintools | |
| parent | b01c468e8caff10b82755ab103ff4d9bd04a0a7f (diff) | |
| download | freeipa.git-0a3ed697465db8179a15f3b64160d8d545710698.tar.gz freeipa.git-0a3ed697465db8179a15f3b64160d8d545710698.tar.xz freeipa.git-0a3ed697465db8179a15f3b64160d8d545710698.zip | |
Completely remove attributes when delattr argument in ipa-groupmod
Diffstat (limited to 'ipa-admintools')
| -rw-r--r-- | ipa-admintools/ipa-groupmod | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/ipa-admintools/ipa-groupmod b/ipa-admintools/ipa-groupmod index 1e07e609..c7e6e1fa 100644 --- a/ipa-admintools/ipa-groupmod +++ b/ipa-admintools/ipa-groupmod @@ -67,9 +67,18 @@ def parse_options(): return options, args -def get_group(client, group_cn): +def get_group(client, options, group_cn): try: - group = client.get_entry_by_cn(group_cn) + attrs = ['*'] + + # in case any attributes being modified are operational such as + # nsaccountlock. Any attribute to be deleted needs to be included + # in the original record so it can be seen as being removed. + if options.delattr: + for d in options.delattr: + attrs.append(d) + group = client.get_entry_by_cn(group_cn, sattrs=attrs) + except ipa.ipaerror.IPAError, e: print "%s" % e.message return None @@ -88,7 +97,7 @@ def main(): try: client = ipaclient.IPAClient() if options.add: - group = get_group(client, args[2]) + group = get_group(client, options, args[2]) if group is None: return 1 users = args[1].split(',') @@ -96,7 +105,7 @@ def main(): client.add_user_to_group(user, group.dn) print user + " successfully added to " + args[2] elif options.remove: - group = get_group(client, args[2]) + group = get_group(client, options, args[2]) if group is None: return 1 users = args[1].split(',') @@ -104,7 +113,7 @@ def main(): client.remove_user_from_group(user, group.dn) print user + " successfully removed" else: - group = get_group(client, args[1]) + group = get_group(client, options, args[1]) if group is None: return 1 @@ -113,8 +122,7 @@ def main(): if options.delattr: for d in options.delattr: - # doesn't truly delete the attribute but does null out the value - group.setValue(d, '') + group.delValue(d) if options.setattr: for s in options.setattr: |