diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2017-02-15 10:16:27 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2017-03-01 15:55:45 +0100 |
commit | 77857ea77662e005b1a23039e2f9173c0a9b080b (patch) | |
tree | 07ff56a5c1af32094dfcfc6882923f2486c0a4d1 | |
parent | 289060dd98a3ed8e2a916ed25eaa1824c795e842 (diff) | |
download | freeipa-77857ea77662e005b1a23039e2f9173c0a9b080b.tar.gz freeipa-77857ea77662e005b1a23039e2f9173c0a9b080b.tar.xz freeipa-77857ea77662e005b1a23039e2f9173c0a9b080b.zip |
Add AD trust installer interface for composite installer
This interface is to be used to provide AD trust-related options in
server and replica installer.
https://fedorahosted.org/freeipa/ticket/6630
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
-rw-r--r-- | ipaserver/install/adtrust.py | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/ipaserver/install/adtrust.py b/ipaserver/install/adtrust.py index a8e4dc859..b81c27c77 100644 --- a/ipaserver/install/adtrust.py +++ b/ipaserver/install/adtrust.py @@ -14,10 +14,12 @@ import six from ipalib.constants import DOMAIN_LEVEL_0 from ipalib import errors +from ipalib.install.service import ServiceAdminInstallInterface from ipaplatform.paths import paths from ipapython.admintool import ScriptError from ipapython import ipaldap, ipautil from ipapython.dn import DN +from ipapython.install.core import knob from ipapython.ipa_log_manager import root_logger from ipaserver.install import adtrustinstance from ipaserver.install import service @@ -426,3 +428,51 @@ def install(standalone, options, fstore, api): # Find out IPA masters which are not part of the cn=adtrust agents # and propose them to be added to the list add_new_adtrust_agents(api, options) + + +class ADTrustInstallInterface(ServiceAdminInstallInterface): + """ + Interface for the AD trust installer + + Knobs defined here will be available in: + * ipa-server-install + * ipa-replica-install + * ipa-adtrust-install + """ + + # the following knobs are provided on top of those specified for + # admin credentials + add_sids = knob( + None, + description="Add SIDs for existing users and groups as the final step" + ) + add_agents = knob( + None, + description="Add IPA masters to a list of hosts allowed to " + "serve information about users from trusted forests" + ) + enable_compat = knob( + None, + description="Enable support for trusted domains for old clients" + ) + netbios_name = knob( + str, + None, + description="NetBIOS name of the IPA domain" + ) + no_msdcs = knob( + None, + description="Deprecated: has no effect", + deprecated=True + ) + rid_base = knob( + int, + 1000, + description="Start value for mapping UIDs and GIDs to RIDs" + ) + secondary_rid_base = knob( + int, + 100000000, + description="Start value of the secondary range for mapping " + "UIDs and GIDs to RIDs" + ) |