[Freeipa-devel] bind DN of executing command
Rob Crittenden
rcritten at redhat.com
Mon May 5 13:56:56 UTC 2014
Sumit Bose wrote:
> On Fri, May 02, 2014 at 05:06:06PM -0400, Nathaniel McCallum wrote:
>> I need the DN of the user who is running the current command. This may
>> be defined as the user who is bound or will bind to execute the LDAP
>> commands I have prepared.
>>
>> Does anyone know how to do this in the FreeIPA api?
>
> I guess you are looking for
>
> ipa user-find --whoami
If you're doing this in your own plugin, you get the current principal with:
getattr(context, 'principal')
Using that you can get the DN of that user with a search like this:
"(&(objectclass=posixaccount)(krbprincipalname=%s))" % getattr(context,
'principal')
We don't currently have a helper for this.
This is rather inefficient in user-find as it searches from the basedn
rather than the user container for some reason.
rob
More information about the Freeipa-devel
mailing list