rjancewicz / python-kadmin

Python module for kerberos admin (kadm5)
MIT License

addprinc with dbargs #27

Closed gczuczy closed 9 years ago

gczuczy commented 9 years ago

Could you please add some notes on how to add principals with dbargs set?

When the KDC has an LDAP backend, it's important to create the principals within the right subtree, including attaching them to an already existing object.

It's explained here: http://sugo.ubuntu.hu/9.04/html/serverguide/hu/kerberos-ldap.html

From that page, here's an example of what needs to be done using the API:

addprinc -x dn="uid=steve,ou=people,dc=example,dc=com" steve

-x here is a dbarg, which tells it to add it to an already existing DN.

Thanks in advance

rjancewicz commented 9 years ago

At the moment dbargs are only implemented for the initial connection. I will add the requested functionality asap.

gczuczy commented 9 years ago

Thank you very much, much appreciated.

rjancewicz commented 9 years ago

Hello @gczuczy, I apologize for how long it took to turn this around; I have finally come around to working on the db_args branch. When you have a moment, please build this branch and let me know if everything is working as expected.

https://github.com/russjancewicz/python-kadmin/tree/db_args

I am going to continue integrating db_args into all functions which require/allow them (connection, create princ/mod princ)

At this time you should be able to provide db_args when calling ank (or add_princ) as follows:

>>> # db_args *must* be passed as a keyword value
>>> princ = kadm.ank("russell", None, db_args={'dn':'uid=russell,ou=people,dc=example,dc=com'})
>>> # db_args may be a dict, a list of strings, or a tuple of strings
>>> db_args = {'dn':'uid=russell,ou=people,dc=example,dc=com'}
>>> db_args = ["dn=uid=russell,ou=people,dc=example,dc=com"]
>>> db_args = ("dn=uid=russell,ou=people,dc=example,dc=com",)  # trailing comma makes this a tuple

I permit the args to be passed as a dictionary or iterable of strings.

Please note 'dn="uid=russell,ou=people,dc=example,dc=com"' will fail due to the double quotes surrounding the target DN; this is only supported on the kadmin command line because the parser strips the quotes before sending to the server. It isn't harmful but will not succeed (an exception will be raised).
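The accepted db_args forms and the quoting pitfall described in the comment above, as an added example that is not part of the original thread or of python-kadmin's own code. `normalize_db_args` is a hypothetical helper name; it validates caller input before it would be handed to `ank`/`add_princ`, and makes no claim about how the library processes db_args internally.

```python
def normalize_db_args(db_args):
    """Return db_args as a list of 'key=value' strings.

    Hypothetical pre-flight check (not part of python-kadmin): accepts a
    dict or an iterable of strings and rejects input that would reach the
    KDC malformed, so the mistake is caught before the kadm5 call.
    """
    if db_args is None:
        return []
    if isinstance(db_args, (str, bytes)):
        # ("dn=...") without a trailing comma is a plain string, not a tuple;
        # iterating it would yield single characters instead of one argument.
        raise TypeError("db_args must be a dict or an iterable of strings")
    if isinstance(db_args, dict):
        items = ["%s=%s" % (key, value) for key, value in db_args.items()]
    else:
        items = list(db_args)

    checked = []
    for item in items:
        if not isinstance(item, str):
            raise TypeError("each db_arg must be a string: %r" % (item,))
        # Split on the first '=' only; an LDAP DN contains further '=' signs.
        key, sep, value = item.partition("=")
        if not sep or not key or not value:
            raise ValueError("db_arg must look like key=value: %r" % item)
        if "\x00" in item:
            raise ValueError("db_arg must not contain NUL bytes")
        if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
            # Only the kadmin command-line parser strips these quotes.
            raise ValueError("remove the double quotes around the value: %r" % item)
        checked.append(item)
    return checked


if __name__ == "__main__":
    dn = "uid=russell,ou=people,dc=example,dc=com"  # DN taken from the thread
    print(normalize_db_args({"dn": dn}))
    print(normalize_db_args(["dn=" + dn]))
```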

rjancewicz commented 9 years ago

I have merged this change into master.

gczuczy commented 9 years ago

Thanks. I hoped to have some time testing this today, however I couldn't get to this point. Hopefully I can get to this point tomorrow, and share my results.

gczuczy commented 9 years ago

Stuff works. Added something with dbargs, added it to the proper DN.

The only thing is, seemingly you forgot to bump the version number: Writing /usr/lib64/python2.6/site-packages/python_kadmin-0.1.1-py2.6.egg-info

Thank you very much

rjancewicz commented 9 years ago

The prior version (as set in the PyPI settings) was python_kadmin-0.1, and the git tag was 0.0.1. As a way to reconcile these, I set the new version to 0.1.1 (which should be the successor to both of those versions).

TL;DR the version number looks correct for the scheme.

gczuczy commented 9 years ago

Cool then. I expected 0.2 because I've seen that in the relnotes.