3 files changed, 21 insertions, 2 deletions

diff --git a/ipa-admintools/ipa-addradiusprofile b/ipa-admintools/ipa-addradiusprofile
index 519bf495..66db5226 100644
--- a/ipa-admintools/ipa-addradiusprofile
+++ b/ipa-admintools/ipa-addradiusprofile
@@ -59,6 +59,8 @@ def main():
 
     opt_parser.add_option("-u", "--uid", dest="uid",
                       help="RADIUS profile identifier")
+    opt_parser.add_option("-s", "--shared", dest="shared", default=False, action='store_true',
+                      help="profile is shared")
     opt_parser.add_option("-d", "--Description", dest="desc", 
                       help="description of the RADIUS client")
 
@@ -82,8 +84,14 @@ def main():
         opt_parser.error('missing %s' % (distinguished_attr))
 
     uid = args[1]
+    user_profile = not options.shared
     pairs[distinguished_attr] = uid
 
+    # Per user profiles are pre-created (i.e. objectclass radiusprofile is always added for each user)
+    if user_profile:
+        print "ERROR, you cannot add a per-user radius profile, it pre-exists"
+        return 1
+
     # Get pairs from a file or stdin
     if options.pair_file:
         try:
diff --git a/ipa-admintools/ipa-delradiusprofile b/ipa-admintools/ipa-delradiusprofile
index 16baea4a..f77d0174 100644
--- a/ipa-admintools/ipa-delradiusprofile
+++ b/ipa-admintools/ipa-delradiusprofile
@@ -42,6 +42,8 @@ def help_option_callback(option, opt_str, value, parser, *args, **kwargs):
 def main():
     opt_parser = OptionParser(add_help_option=False)
 
+    opt_parser.add_option("-s", "--shared", dest="shared", default=False, action='store_true',
+                      help="profile is shared")
     opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback,
                         help="detailed help information")
     opt_parser.set_usage("Usage: %s [options] UID" % (os.path.basename(sys.argv[0])))
@@ -53,10 +55,16 @@ def main():
         opt_parser.error("missing UID")
 
     uid = args[1]
+    user_profile = not options.shared
+
+    # Per user profiles are pre-created (i.e. objectclass radiusprofile is always added for each user)
+    if user_profile:
+        print "ERROR, you cannot delete a per-user radius profile, it always exists"
+        return 1
 
     try:
         ipa_client = ipaclient.IPAClient()
-        ipa_client.delete_radius_profile(uid)
+        ipa_client.delete_radius_profile(uid, user_profile)
         print "successfully deleted"
     except xmlrpclib.Fault, f:
         print f.faultString
diff --git a/ipa-admintools/ipa-findradiusprofile b/ipa-admintools/ipa-findradiusprofile
index 6fd5b466..ba714068 100644
--- a/ipa-admintools/ipa-findradiusprofile
+++ b/ipa-admintools/ipa-findradiusprofile
@@ -53,6 +53,8 @@ def help_option_callback(option, opt_str, value, parser, *args, **kwargs):
 
 def main():
     opt_parser = OptionParser(add_help_option=False)
+    opt_parser.add_option("-s", "--shared", dest="shared", default=False, action='store_true',
+                      help="profile is shared")
     opt_parser.add_option("-h", "--help", action="callback", callback=help_option_callback,
                         help="detailed help information")
 
@@ -65,10 +67,11 @@ def main():
         opt_parser.error("missing UID(es)")
 
     uids = args[1:]
+    user_profile = not options.shared
 
     try:
         ipa_client = ipaclient.IPAClient()
-        radius_profiles = ipa_client.find_radius_profiles(uids, sattrs=attrs)
+        radius_profiles = ipa_client.find_radius_profiles(uids, user_profile, sattrs=attrs)
         counter = radius_profiles[0]
         radius_profiles = radius_profiles[1:]