diff options
| author | rcritten@redhat.com <rcritten@redhat.com> | 2007-09-11 02:48:53 -0400 |
|---|---|---|
| committer | rcritten@redhat.com <rcritten@redhat.com> | 2007-09-11 02:48:53 -0400 |
| commit | ed6ab17c9c703edb43c92a3205c5536771ce4d4f (patch) | |
| tree | af34ee5fdda2896a180ac332b0db4d9e57d2533d /ipa-server/ipaserver/ipaldap.py | |
| parent | 2ca655980b623a4a65a635a1467c0db90f421f25 (diff) | |
| download | freeipa.git-ed6ab17c9c703edb43c92a3205c5536771ce4d4f.tar.gz freeipa.git-ed6ab17c9c703edb43c92a3205c5536771ce4d4f.tar.xz freeipa.git-ed6ab17c9c703edb43c92a3205c5536771ce4d4f.zip | |
Add function to allow user's to set/reset their kerberos password
Remove some unused calls to retrieve the current realm
Diffstat (limited to 'ipa-server/ipaserver/ipaldap.py')
| -rw-r--r-- | ipa-server/ipaserver/ipaldap.py | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/ipa-server/ipaserver/ipaldap.py b/ipa-server/ipaserver/ipaldap.py index c0452b05..27a8903d 100644 --- a/ipa-server/ipaserver/ipaldap.py +++ b/ipa-server/ipaserver/ipaldap.py @@ -469,6 +469,24 @@ class IPAdmin(SimpleLDAPObject): raise ipaerror.gen_exception(ipaerror.LDAP_DATABASE_ERROR, None, e) return "Success" + def modifyPassword(self,dn,oldpass,newpass): + """Set the user password using RFC 3062, LDAP Password Modify Extended + Operation. This ends up calling the IPA password slapi plugin + handler so the Kerberos password gets set properly. + + oldpass is not mandatory + """ + + sctrl = self.__get_server_controls__() + + try: + if sctrl is not None: + self.set_option(ldap.OPT_SERVER_CONTROLS, sctrl) + self.passwd_s(dn, oldpass, newpass) + except ldap.LDAPError, e: + raise ipaerror.gen_exception(ipaerror.LDAP_DATABASE_ERROR, None, e) + return "Success" + def __wrapmethods(self): """This wraps all methods of SimpleLDAPObject, so that we can intercept the methods that deal with entries. Instead of using a raw list of tuples |