[Freeipa-devel] [PATCH 0197] re-set canonical principal name on migrated users
Martin Basti
mbasti at redhat.com
Fri Jul 29 13:10:46 UTC 2016
On 29.07.2016 14:42, Florence Blanc-Renaud wrote:
> On 07/28/2016 10:56 AM, Martin Babinsky wrote:
>> Fixes https://fedorahosted.org/freeipa/ticket/6101
>>
>> I have also noticed that the principal aliases are not preserved during
>> migration from FreeIPA 4.4.
>>
>> That, however, requires more powerful runes to transform the realm of
>> all values and warrants a separate ticket if we even want to support
>> migration of user aliases.
>>
>>
>>
> Hi Martin,
>
> thanks for your patch. From a technical standpoint, it looks good to
> me as I tested the following scenarios:
>
> 1/ without --user-ignore-attribute
> - call ipa migrate-ds without specifying any attributes to ignore
> The user entries are migrated, and contain a migrated krbprincipalname
> and krbcanonicalname.
> At this point kinit fails but this is expected as the krb attributes
> were not re-generated. Login to the web https://hostname/ipa/ui also
> fails as expected.
> - login to https://hostname/ipa/migration with the user credentials
> - perform kinit => OK
> - login to https://hostname/ipa/ui => OK
>
> 2/ with --user-ignore-attribute={krbPrincipalName,krbextradata,...} as
> explained in the Migration page [1]
> At this point kinit fails as expected, as well as login to the web
> ipa/ui.
> - login to https://hostname/ipa/migration with the user credentials
> - perform kinit => OK
> - login to https://hostname/ipa/ui => OK
>
>
> But the patch produces new pep8 complaints:
> ./ipaserver/plugins/migration.py:39:1: E402 module level import not at
> top of file
This is caused by old code, it should not prevent this patch to be
acked. Imports are heavily mixed in code already, it is not possible to
keep importing right without fixing old ones.
Martin^2
>
> Flo.
>
> ----
> [1]
> https://www.freeipa.org/page/Howto/Migration#Migrating_from_other_FreeIPA_to_FreeIPA
>
More information about the Freeipa-devel
mailing list