summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/trust.py
diff options
context:
space:
mode:
Diffstat (limited to 'ipalib/plugins/trust.py')
-rw-r--r--ipalib/plugins/trust.py44
1 files changed, 44 insertions, 0 deletions
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index b19a27ec..8790dcd2 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -990,3 +990,47 @@ class adtrust_is_enabled(Command):
return dict(result=True)
api.register(adtrust_is_enabled)
+
+
+class compat_is_enabled(Command):
+ NO_CLI = True
+
+ __doc__ = _('Determine whether Schema Compatibility plugin is configured '
+ 'to serve trusted domain users and groups')
+
+ def execute(self, *keys, **options):
+ ldap = self.api.Backend.ldap2
+ users_dn = DN(
+ ('cn', 'users'),
+ ('cn', 'Schema Compatibility'),
+ ('cn', 'plugins'),
+ ('cn', 'config')
+ )
+ groups_dn = DN(
+ ('cn', 'groups'),
+ ('cn', 'Schema Compatibility'),
+ ('cn', 'plugins'),
+ ('cn', 'config')
+ )
+
+ try:
+ users_entry = ldap.get_entry(users_dn)
+ except errors.NotFound:
+ return dict(result=False)
+
+ attr = users_entry.get('schema-compat-lookup-nsswitch')
+ if not attr or 'user' not in attr:
+ return dict(result=False)
+
+ try:
+ groups_entry = ldap.get_entry(groups_dn)
+ except errors.NotFound:
+ return dict(result=False)
+
+ attr = groups_entry.get('schema-compat-lookup-nsswitch')
+ if not attr or 'group' not in attr:
+ return dict(result=False)
+
+ return dict(result=True)
+
+api.register(compat_is_enabled)
generated by cgit (git 2.34.1) at 2024-05-29 10:50:21 +0000