Hello,
I hope someone can help me with my plugin.
I have implemented a checkbox in the WEB UI. When activated, the
attribute “nextsambaenabled” is set to True, when deactivated to
“False”. My python plugin should now copy the value of
ipaNTSecurityIdentifier into the sambaSID attribute when the value is
set to “True”. But the attribute is not read and the default values are
always entered. I have already tried to change the permissions to
ipantsecurityidentifier, unfortunately without success. Maybe someone
has an idea and can help me:
from ipaserver.plugins import user
from ipalib.parameters import Str, Bool
from ipalib.text import _
def useradd_precallback(self, ldap, dn, entry, attrs_list, *keys,
**options):
if 'nextsambauser' not in entry['objectclass']:
entry['objectclass'].append('nextsambauser')
return dn
def usermod_precallback(self, ldap, dn, entry, attrs_list, *keys,
**options):
if 'objectclass' not in entry.keys():
old_entry = ldap.get_entry(dn, ['objectclass'])
entry['objectclass'] = old_entry['objectclass']
if 'nextsambauser' not in entry['objectclass']:
entry['objectclass'].append('nextsambauser')
nextsambaenabled = entry.get('nextsambaenabled')
if nextsambaenabled is None:
nextsambaenabled = False # Defaultwert, falls nicht gesetzt
if not nextsambaenabled: # Wenn nextsambaenabled == False
entry['sambaSID'] =
['S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-1000']
else: # Wenn nextsambaenabled auf True gesetzt ist
ipa_sid = entry.get('ipaNTSecurityIdentifier')
if ipa_sid and isinstance(ipa_sid, list) and len(ipa_sid) > 0:
entry['sambaSID'] = [ipa_sid[0]] # Setze den ersten Wert
von ipa_sid
else:
entry['sambaSID'] =
['S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-1001'] # Standardwert
# Keine direkte ldap.modify_entry mehr verwenden!
# Änderungen werden jetzt über das normale `user_mod` Verfahren
weitergegeben.
return dn
user.user.takes_params = user.user.takes_params + (
Bool('nextsambaenabled?',
cli_name='nextsambaenabled',
label=_('Nextsamba enabled?'),
doc=_('Whether or not a nextsamba is enabled for this user
(default is false).'),
default=False,
autofill=True,
),
)
user.user.default_attributes = user.user.default_attributes +
['nextsambaenabled']
user.user_add.register_pre_callback(useradd_precallback)
user.user_mod.register_pre_callback(usermod_precallback)
--
best regards
Lars Kagrath
--
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
