diff options
| author | rcritten@redhat.com <rcritten@redhat.com> | 2007-08-17 10:03:33 -0400 |
|---|---|---|
| committer | rcritten@redhat.com <rcritten@redhat.com> | 2007-08-17 10:03:33 -0400 |
| commit | 05f6a22110f058c089e4e9cd6d538264f439f5d2 (patch) | |
| tree | 074e87badeb62720c98e3abf279458167722b8ed /ipa-server/ipaserver/ipaldap.py | |
| parent | 92be45e3fe990bb650ed0b50d175176dd2d2f484 (diff) | |
| download | freeipa.git-05f6a22110f058c089e4e9cd6d538264f439f5d2.tar.gz freeipa.git-05f6a22110f058c089e4e9cd6d538264f439f5d2.tar.xz freeipa.git-05f6a22110f058c089e4e9cd6d538264f439f5d2.zip | |
Implement user inactivation
Comment some functions
Add attribute argument to get_user()
Diffstat (limited to 'ipa-server/ipaserver/ipaldap.py')
| -rw-r--r-- | ipa-server/ipaserver/ipaldap.py | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/ipa-server/ipaserver/ipaldap.py b/ipa-server/ipaserver/ipaldap.py index 08113b4c..936dd662 100644 --- a/ipa-server/ipaserver/ipaldap.py +++ b/ipa-server/ipaserver/ipaldap.py @@ -321,8 +321,28 @@ class IPAdmin(SimpleLDAPObject): try: self.set_option(ldap.OPT_SERVER_CONTROLS, sctrl) self.modify_s(dn, modlist) - except ldap.ALREADY_EXISTS: - raise ldap.ALREADY_EXISTS + except ldap.LDAPError, e: + raise e + return "Success" + + def inactivateEntry(self,dn,has_key): + """Rather than deleting entries we mark them as inactive. + has_key defines whether the entry already has nsAccountlock + set so we can determine which type of mod operation to run.""" + + sctrl = self.__get_server_controls__() + modlist=[] + + if has_key == True: + operation = ldap.MOD_REPLACE + else: + operation = ldap.MOD_ADD + + modlist.append((operation, "nsAccountlock", "true")) + + try: + self.set_option(ldap.OPT_SERVER_CONTROLS, sctrl) + self.modify_s(dn, modlist) except ldap.LDAPError, e: raise e return "Success" |