From fc571da1af5271caf76e08c359d85e386d67f2a4 Mon Sep 17 00:00:00 2001 From: Petr Viktorin Date: Wed, 23 Jan 2013 10:15:25 -0500 Subject: Inline inactivateEntry in its only caller Part of the work for: https://fedorahosted.org/freeipa/ticket/2660 --- ipaserver/install/krbinstance.py | 4 +++- ipaserver/ipaldap.py | 19 ------------------- 2 files changed, 3 insertions(+), 20 deletions(-) diff --git a/ipaserver/install/krbinstance.py b/ipaserver/install/krbinstance.py index 2380d55f6..f3008c918 100644 --- a/ipaserver/install/krbinstance.py +++ b/ipaserver/install/krbinstance.py @@ -442,7 +442,9 @@ class KrbInstance(service.Service): # Create the special anonymous principal installutils.kadmin_addprinc(princ_realm) dn = DN(('krbprincipalname', princ_realm), self.get_realm_suffix()) - self.admin_conn.inactivateEntry(dn, False) + entry = self.admin_conn.get_entry(dn) + entry['nsAccountlock'] = ['TRUE'] + self.admin_conn.update_entry(entry) def __convert_to_gssapi_replication(self): repl = replication.ReplicationManager(self.realm, diff --git a/ipaserver/ipaldap.py b/ipaserver/ipaldap.py index b4d0a5d9a..72fc4afee 100644 --- a/ipaserver/ipaldap.py +++ b/ipaserver/ipaldap.py @@ -1697,25 +1697,6 @@ class IPAdmin(LDAPClient): return modlist - def inactivateEntry(self,dn, has_key): - """Rather than deleting entries we mark them as inactive. - has_key defines whether the entry already has nsAccountlock - set so we can determine which type of mod operation to run.""" - - assert isinstance(dn, DN) - modlist = [] - - if has_key: - operation = ldap.MOD_REPLACE - else: - operation = ldap.MOD_ADD - - modlist.append((operation, "nsAccountlock", "TRUE")) - - with self.error_handler(): - self.modify_s(dn, modlist) - return True - def waitForEntry(self, dn, timeout=7200, attr='', quiet=True): filter = "(objectclass=*)" attrlist = [] -- cgit