Performace: don't download password attributes in host/user-find

For each entry in user/host-find was executed an extra search for password
attributes what has significant impact on performance (for 2000 users
there were 2000 additional searches)

http://www.freeipa.org/page/V4/Performance_Improvements

https://fedorahosted.org/freeipa/ticket/5281

Reviewed-By: David Kupka <dkupka@redhat.com>

2 files changed, 0 insertions, 6 deletions

diff --git a/ipalib/plugins/baseuser.py b/ipalib/plugins/baseuser.py
index 9c78a521d..af81b9373 100644
--- a/ipalib/plugins/baseuser.py
+++ b/ipalib/plugins/baseuser.py
@@ -617,7 +617,6 @@ class baseuser_find(LDAPSearch):
 
     def post_common_callback(self, ldap, entries, lockout=False, **options):
         for attrs in entries:
-            self.obj.get_password_attributes(ldap, attrs.dn, attrs)
             self.obj.convert_usercertificate_post(attrs, **options)
             if (lockout):
                 attrs['nsaccountlock'] = True
diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py
index 04bb2991a..1e8b2b6ca 100644
--- a/ipalib/plugins/host.py
+++ b/ipalib/plugins/host.py
@@ -1024,12 +1024,7 @@ class host_find(LDAPSearch):
             set_certificate_attrs(entry_attrs)
             set_kerberos_attrs(entry_attrs, options)
             rename_ipaallowedtoperform_from_ldap(entry_attrs, options)
-            self.obj.get_password_attributes(ldap, entry_attrs.dn, entry_attrs)
             self.obj.suppress_netgroup_memberof(ldap, entry_attrs)
-            if entry_attrs['has_password']:
-                # If an OTP is set there is no keytab, at least not one
-                # fetched anywhere.
-                entry_attrs['has_keytab'] = False
 
             if options.get('all', False):
                 entry_attrs['managing'] = self.obj.get_managed_hosts(entry_attrs.dn)