summaryrefslogtreecommitdiffstats
path: root/ipa-admintools
diff options
context:
space:
mode:
Diffstat (limited to 'ipa-admintools')
-rw-r--r--ipa-admintools/ipa-adduser2
-rw-r--r--ipa-admintools/ipa-findgroup21
-rw-r--r--ipa-admintools/ipa-finduser13
-rw-r--r--ipa-admintools/ipa-groupmod22
-rw-r--r--ipa-admintools/ipa-usermod13
5 files changed, 54 insertions, 17 deletions
diff --git a/ipa-admintools/ipa-adduser b/ipa-admintools/ipa-adduser
index bb97a0d6..e993bee5 100644
--- a/ipa-admintools/ipa-adduser
+++ b/ipa-admintools/ipa-adduser
@@ -205,8 +205,6 @@ def main():
user.setValue('homedirectory', directory)
if shell:
user.setValue('loginshell', shell)
- else:
- user.setValue('loginshell', "/bin/sh")
try:
client = ipaclient.IPAClient()
diff --git a/ipa-admintools/ipa-findgroup b/ipa-admintools/ipa-findgroup
index 6953d4fd..9f809aa0 100644
--- a/ipa-admintools/ipa-findgroup
+++ b/ipa-admintools/ipa-findgroup
@@ -35,6 +35,12 @@ def usage():
def parse_options():
parser = OptionParser()
+ parser.add_option("-a", "--all", action="store_true", dest="all",
+ help="Show all group attributes")
+ parser.add_option("-n", "--notranslate", action="store_true",
+ dest="notranslate",
+ help="Don't translate LDAP attributes into readable labels")
+
args = ipa.config.init_config(sys.argv)
options, args = parser.parse_args(args)
@@ -49,7 +55,10 @@ def main():
try:
client = ipaclient.IPAClient()
- groups = client.find_groups(args[1], ['cn','description','gidnumber'])
+ if options.all is None:
+ groups = client.find_groups(args[1], ['cn','description','gidnumber','nsAccountLock'])
+ else:
+ groups = client.find_groups(args[1], sattrs=['*','nsAccountLock'])
counter = groups[0]
groups = groups[1:]
@@ -65,15 +74,21 @@ def main():
print str(e)
continue
attr = ent.attrList()
+ if options.notranslate:
+ labels = {}
+ for a in attr:
+ labels[a] = a
+ else:
+ labels = client.attrs_to_labels(attr)
print "dn: " + ent.dn
for a in attr:
value = ent.getValues(a)
if isinstance(value,str):
- print a + ": " + value
+ print labels[a] + ": " + value
else:
- print a + ": "
+ print labels[a] + ": "
for l in value:
print "\t" + l
diff --git a/ipa-admintools/ipa-finduser b/ipa-admintools/ipa-finduser
index a6f052f1..6dc4d56c 100644
--- a/ipa-admintools/ipa-finduser
+++ b/ipa-admintools/ipa-finduser
@@ -39,6 +39,9 @@ def parse_options():
parser.add_option("-a", "--all", action="store_true", dest="all",
help="Set user's e-mail address")
+ parser.add_option("-n", "--notranslate", action="store_true",
+ dest="notranslate",
+ help="Don't translate LDAP attributes into readable labels")
parser.add_option("--usage", action="store_true",
help="Program usage")
@@ -91,6 +94,12 @@ def main():
for ent in users:
attr = ent.attrList()
attr.sort()
+ if options.notranslate:
+ labels = {}
+ for a in attr:
+ labels[a] = a
+ else:
+ labels = client.attrs_to_labels(attr)
if options.all is True:
print "dn: " + ent.dn
@@ -98,9 +107,9 @@ def main():
for a in attr:
value = ent.getValues(a)
if isinstance(value,str):
- print a + ": " + str(wrap_binary_data(value)).rstrip()
+ print labels[a] + ": " + str(wrap_binary_data(value)).rstrip()
else:
- print a + ": "
+ print labels[a] + ": "
for l in value:
print "\t" + wrap_binary_data(l)
# blank line between results
diff --git a/ipa-admintools/ipa-groupmod b/ipa-admintools/ipa-groupmod
index 1e07e609..c7e6e1fa 100644
--- a/ipa-admintools/ipa-groupmod
+++ b/ipa-admintools/ipa-groupmod
@@ -67,9 +67,18 @@ def parse_options():
return options, args
-def get_group(client, group_cn):
+def get_group(client, options, group_cn):
try:
- group = client.get_entry_by_cn(group_cn)
+ attrs = ['*']
+
+ # in case any attributes being modified are operational such as
+ # nsaccountlock. Any attribute to be deleted needs to be included
+ # in the original record so it can be seen as being removed.
+ if options.delattr:
+ for d in options.delattr:
+ attrs.append(d)
+ group = client.get_entry_by_cn(group_cn, sattrs=attrs)
+
except ipa.ipaerror.IPAError, e:
print "%s" % e.message
return None
@@ -88,7 +97,7 @@ def main():
try:
client = ipaclient.IPAClient()
if options.add:
- group = get_group(client, args[2])
+ group = get_group(client, options, args[2])
if group is None:
return 1
users = args[1].split(',')
@@ -96,7 +105,7 @@ def main():
client.add_user_to_group(user, group.dn)
print user + " successfully added to " + args[2]
elif options.remove:
- group = get_group(client, args[2])
+ group = get_group(client, options, args[2])
if group is None:
return 1
users = args[1].split(',')
@@ -104,7 +113,7 @@ def main():
client.remove_user_from_group(user, group.dn)
print user + " successfully removed"
else:
- group = get_group(client, args[1])
+ group = get_group(client, options, args[1])
if group is None:
return 1
@@ -113,8 +122,7 @@ def main():
if options.delattr:
for d in options.delattr:
- # doesn't truly delete the attribute but does null out the value
- group.setValue(d, '')
+ group.delValue(d)
if options.setattr:
for s in options.setattr:
diff --git a/ipa-admintools/ipa-usermod b/ipa-admintools/ipa-usermod
index 4623d744..9ebddd2c 100644
--- a/ipa-admintools/ipa-usermod
+++ b/ipa-admintools/ipa-usermod
@@ -91,7 +91,15 @@ def main():
client = ipaclient.IPAClient()
try:
- user = client.get_user_by_uid(username)
+ attrs = ['*']
+
+ # in case any attributes being modified are operational such as
+ # nsaccountlock. Any attribute to be deleted needs to be included
+ # in the original record so it can be seen as being removed.
+ if options.delattr:
+ for d in options.delattr:
+ attrs.append(d)
+ user = client.get_user_by_uid(username, sattrs=attrs)
except ipa.ipaerror.exception_for(ipa.ipaerror.LDAP_NOT_FOUND):
print "User %s not found" % username
return 1
@@ -203,8 +211,7 @@ def main():
if options.delattr:
for d in options.delattr:
- # doesn't truly delete the attribute but does null out the value
- user.setValue(d, '')
+ user.delValue(d)
if options.setattr:
for s in options.setattr:
generated by cgit (git 2.34.1) at 2025-09-08 22:13:12 +0000