From 0070c0fedab5386b313908762c6b6ab2c1577489 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Tue, 14 Jan 2014 14:23:47 -0500
Subject: Change the way we determine if the host has a password set.

When creating a host with a password we don't set a Kerberos
principal or add the Kerberos objectclasses. Those get added when the
host is enrolled. If one passed in --password= (so no password) then
we incorrectly thought the user was in fact setting a password, so the
principal and objectclasses weren't updated.

https://fedorahosted.org/freeipa/ticket/4102
---
 ipalib/plugins/host.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'ipalib/plugins/host.py')

diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index ef7ec528..27b692a9 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -424,7 +424,7 @@ class host_add(LDAPCreate):
             entry_attrs['l'] = entry_attrs['locality']
         entry_attrs['cn'] = keys[-1]
         entry_attrs['serverhostname'] = keys[-1].split('.', 1)[0]
-        if 'userpassword' not in entry_attrs and not options.get('random', False):
+        if not entry_attrs.get('userpassword', False) and not options.get('random', False):
             entry_attrs['krbprincipalname'] = 'host/%s@%s' % (
                 keys[-1], self.api.env.realm
             )
-- 
cgit