[Freeipa-devel] Newcomer's question

Tue Sep 17 09:03:19 UTC 2013

I would use Python dictionaries for that.

user_kw = dict(givenname=u'Test', sn=u'User')
user_kw['loginshell'] = u'/bin/sh'

api.Command['user_add'](u'testuser', **user_kw)

HTH,
Martin

On 09/17/2013 10:19 AM, Исаев Виталий Анатольевич wrote:
> Thanks, it has worked! Could you please explain what is the most convenient way to construct complex argument variables like this: (u'testuser', givenname=u'Test', sn=u'User', loginshell=u'/bin/sh') to pass them to commands with a variable number of args, such as 'user-add', 'group-add', 'config-mod' etc?
> 
> Thank you, 
> Виталий Исаев
> Инженер-программист
> Группа разработки и внедрения ПСЗИ
> Департамент информационной безопасности
> ОАО «Финтех»
> 
> -----Original Message-----
> From: Rob Crittenden [mailto:rcritten at redhat.com] 
> Sent: Monday, September 16, 2013 7:19 PM
> To: Исаев Виталий Анатольевич; freeipa-devel at redhat.com
> Subject: Re: [Freeipa-devel] Newcomer's question
> 
> Исаев Виталий Анатольевич wrote:
>> Dear Free IPA developers,
>>
>> Our team is working on the project based on the RHEL Virtualization 
>> and RHEL IdM server. It’s planned to run our software in enclosed 
>> internal enterprise network, and we would like to assign all the 
>> authentication and authorization tasks to the FreeIPA Python API. In 
>> fact we have already written this part of project on plain C; dialog 
>> with IdM server has been implemented over SSH interaction (libssh API 
>> + GNU flex). But some time ago we discovered FreeIPA API and since 
>> then we really want to migrate from C to Python.
>>
>> So the time has come, but the problem is our complete ignorance of the 
>> Python programming language. We faced a problem trying to modify the 
>> tutorial script */free-ipa-3.3.1/doc/python-api.py: /*ldap2 was 
>> refused to import. Which module should be included in this case?
>>
>> We use RHEL 6.4 desktop, all the IPA packages has 3.0.0-25 version.
>>
>> #!/usr/bin/python
>>
>> # -*- coding: utf-8 -*-
>>
>> from ipalib import api, errors
>>
>> from ipalib import Command
>>
>> from ipalib import Object
>>
>> from ipalib import Str
>>
>> from ipalib import output
>>
>> from ipalib.plugins import baseldap
>>
>> #Load environment
>>
>> api.finalize()
>>
>> if api.env.in_server:
>>
>>      api.Backend.ldap2.connect(
>>
>>          ccache=api.Backend.krb.default_ccname()
>>
>>       )
>>
>> else:
>>
>>      api.Backend.xmlclient.connect()
>>
>> #Execute command
>>
>> dn = api.Backend.ldap2.make_dn_from_attr(u'python_dev3',
>> loginshell=u'/bin/sh', givenname=u'Python', sn=u'User',
>> userpassword=u'redhat')
>>
>> try:
>>
>>                  api.Backend.user_add(dn)
>>
>> excepterrors.DuplicateEntry:
>>
>> print("Possibly duplicate…")
>>
>> else:
>>
>>                  print("User added…")
>>
>> Errors:
>>
>> ipa: INFO: trying https://ipa.dev.ru/ipa/xml
>>
>> Traceback (most recent call last):
>>
>>    File "./test.py", line 22, in <module>
>>
>>      dn = api.Backend.ldap2.make_dn_from_attr(u'python_dev3',
>> loginshell=u'/bin/sh', givenname=u'Python', sn=u'User',
>> userpassword=u'redhat')
>>
>> AttributeError: 'NameSpace' object has no attribute 'ldap2'
> 
> Try this:
> 
> from ipalib import api
> from ipalib import errors
> 
> api.bootstrap(context='cli')
> api.finalize()
> api.Backend.xmlclient.connect()
> 
> try:
>      api.Command['user_add'](u'testuser',
>                              givenname=u'Test', sn=u'User',
>                              loginshell=u'/bin/sh') except errors.DuplicateEntry:
>      print "user already exists"
> else:
>      print "User added"
> 
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
> 