diff options
-rw-r--r-- | API.txt | 4 | ||||
-rw-r--r-- | VERSION | 2 | ||||
-rw-r--r-- | ipalib/plugins/trust.py | 44 |
3 files changed, 49 insertions, 1 deletions
@@ -490,6 +490,10 @@ args: 1,1,1 arg: Str('request_id') option: Str('version?', exclude='webui') output: Output('result', None, None) +command: compat_is_enabled +args: 0,1,1 +option: Str('version?', exclude='webui') +output: Output('result', None, None) command: config_mod args: 0,24,3 option: Str('addattr*', cli_name='addattr', exclude='webui') @@ -89,4 +89,4 @@ IPA_DATA_VERSION=20100614120000 # # ######################################################## IPA_API_VERSION_MAJOR=2 -IPA_API_VERSION_MINOR=63 +IPA_API_VERSION_MINOR=64 diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py index b19a27ec..8790dcd2 100644 --- a/ipalib/plugins/trust.py +++ b/ipalib/plugins/trust.py @@ -990,3 +990,47 @@ class adtrust_is_enabled(Command): return dict(result=True) api.register(adtrust_is_enabled) + + +class compat_is_enabled(Command): + NO_CLI = True + + __doc__ = _('Determine whether Schema Compatibility plugin is configured ' + 'to serve trusted domain users and groups') + + def execute(self, *keys, **options): + ldap = self.api.Backend.ldap2 + users_dn = DN( + ('cn', 'users'), + ('cn', 'Schema Compatibility'), + ('cn', 'plugins'), + ('cn', 'config') + ) + groups_dn = DN( + ('cn', 'groups'), + ('cn', 'Schema Compatibility'), + ('cn', 'plugins'), + ('cn', 'config') + ) + + try: + users_entry = ldap.get_entry(users_dn) + except errors.NotFound: + return dict(result=False) + + attr = users_entry.get('schema-compat-lookup-nsswitch') + if not attr or 'user' not in attr: + return dict(result=False) + + try: + groups_entry = ldap.get_entry(groups_dn) + except errors.NotFound: + return dict(result=False) + + attr = groups_entry.get('schema-compat-lookup-nsswitch') + if not attr or 'group' not in attr: + return dict(result=False) + + return dict(result=True) + +api.register(compat_is_enabled) |