diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2016-05-30 18:42:01 +0200 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-06-13 17:50:54 +0200 |
commit | 5f7086e7183f0fcfece2bdd5be3d1ea17384717b (patch) | |
tree | 27dab7bd3dae33d40c160f208db09d3d3ad54c6b /ipaserver/plugins/trust.py | |
parent | b9aa31191b3067aced1432daa06d18b4382cd77f (diff) | |
download | freeipa-5f7086e7183f0fcfece2bdd5be3d1ea17384717b.tar.gz freeipa-5f7086e7183f0fcfece2bdd5be3d1ea17384717b.tar.xz freeipa-5f7086e7183f0fcfece2bdd5be3d1ea17384717b.zip |
Server Roles: make *config-show consume relevant roles/attributes
This patch modifies config objects so that the roles/attributes relevant to
the configuration are shown in the output:
* config-{show,mod} will show list of all IPA masters, CA servers and CA
renewal master
* dnsconfig-{show,mod} will list all DNS server and DNS key master
* trustconfig-{show,mod} will list all AD trust controllers and agents
* vaultconfig-show will list all Key Recovery Agents
http://www.freeipa.org/page/V4/Server_Roles
https://fedorahosted.org/freeipa/ticket/5181
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Pavel Vomacka <pvomacka@redhat.com>
Diffstat (limited to 'ipaserver/plugins/trust.py')
-rw-r--r-- | ipaserver/plugins/trust.py | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/ipaserver/plugins/trust.py b/ipaserver/plugins/trust.py index f9b48f3a3..02d2e0e81 100644 --- a/ipaserver/plugins/trust.py +++ b/ipaserver/plugins/trust.py @@ -1179,6 +1179,18 @@ class trustconfig(LDAPObject): cli_name='fallback_primary_group', label=_('Fallback primary group'), ), + Str( + 'ad_trust_agent_server*', + label=_('IPA AD trust agents'), + doc=_('IPA servers configured as AD trust agents'), + flags={'virtual_attribute', 'no_create', 'no_update'} + ), + Str( + 'ad_trust_controller_server*', + label=_('IPA AD trust controllers'), + doc=_('IPA servers configured as AD trust controllers'), + flags={'virtual_attribute', 'no_create', 'no_update'} + ), ) def get_dn(self, *keys, **kwargs): @@ -1249,6 +1261,22 @@ class trustconfig(LDAPObject): entry_attrs['ipantfallbackprimarygroup'] = [groupdn[0][0].value] + def show_servroles(self, entry_attrs, **options): + if options.get('raw', False): + return + + backend = self.api.Backend.serverroles + + adtrust_agents = backend.config_retrieve( + "AD trust agent" + ) + adtrust_controllers = backend.config_retrieve( + "AD trust controller" + ) + + entry_attrs.update(adtrust_agents) + entry_attrs.update(adtrust_controllers) + @register() class trustconfig_mod(LDAPUpdate): @@ -1268,6 +1296,7 @@ class trustconfig_mod(LDAPUpdate): def post_callback(self, ldap, dn, entry_attrs, *keys, **options): self.obj._convert_groupdn(entry_attrs, options) + self.obj.show_servroles(entry_attrs, **options) return dn @@ -1285,6 +1314,8 @@ class trustconfig_show(LDAPRetrieve): def post_callback(self, ldap, dn, entry_attrs, *keys, **options): self.obj._convert_groupdn(entry_attrs, options) + self.obj.show_servroles(entry_attrs, **options) + return dn |