[Freeipa-users] How can I change my password from a python script?
Martin Kosek
mkosek at redhat.com
Thu Jun 28 08:45:51 UTC 2012
On 06/28/2012 03:34 AM, Joe Linoff wrote:
> Hi Everybody:
>
>
>
> I need to add a lot of users to an LDAP system for testing and I would like to
> do it in batch mode. For my small tests have been doing something like this:
>
>
>
> #!/bin/bash
>
> # Script to create a new user.
>
> ipa user-add bigbob \
>
> --email=bbob at BigBobsEmporium.com <mailto:bbob at BigBobsEmporium.com> \
>
> --first=Bob \
>
> --last=Bigg \
>
> --password \
>
> --setattr=description='The sales guy.' <<-EOF
>
> b1gB0bsTmpPwd
>
> b1gB0bsTmpPwd
>
> EOF
>
>
>
> However, I am python guy and would like to use it instead. I am sure that I can
> do a similar thing using pexpect in python. Probably something like this:
>
>
>
> # This code has not been tested. It is only for a thought experiment.
>
> # Add a user and enter the password using pexpect.
>
> cmd = "ipa user-add bigbob --email='bbob at BigBobsEmporium."
>
> cmd += " --first=Bob --last=Bigg --password "
>
> cmd += "--setattr=description='The sales guy.'"
>
> rets = ['Password', 'Enter Password again to verify', pexpect.EOF, pexpect.TIMEOUT]
>
> c = pexpect.spawn(cmd,timeout=None)
>
> i = c.expect(rets)
>
> if i == 0: # Password
>
> child.sendline('b1gB0bsTmpPwd')
>
> i = c.expect(rets)
>
> if i == 1: # Enter Password again to verify
>
> child.sendline('b1gB0bsTmpPwd')
>
> i = c.expect(rets)
>
> if i == 2:
>
> print 'SUCCESS'
>
> else:
>
> sys.exit('ERROR: something bad happened #1')
>
> else:
>
> sys.exit('ERROR: something bad happened #2')
>
> else:
>
> sys.exit('ERROR: something bad happened #3')
>
>
>
> But I was wondering whether there was a better using the IPA API. Is there a
> way for me to do that?
>
>
>
> Any help or insights would be greatly appreciated.
>
>
> Thanks,
>
>
>
> Joe
>
Hello Joe,
if you don't want to use batch command as Petr suggested you can try the
following example. It also uses --random option available in recent FreeIPA
version to let FreeIPA handle the password generation:
# cat add-users.py
#!/usr/bin/env python
from ipalib import api
api.bootstrap_with_global_options(context='cli')
api.finalize()
api.Backend.xmlclient.connect()
for i in xrange(5):
login = u'user%d' % i
result = api.Command['user_add'](login, givenname=u'Test', \
sn=u'User #%d' % i, random=True)
password = result['result']['randompassword']
print "Created user '%s' with password '%s'" % (login, password)
When I execute it:
# ./add-users.py
Created user 'user0' with password 'EvzY+Of5pk at +'
Created user 'user1' with password 'kyRHb9RMFzBO'
Created user 'user2' with password 'u2mt_oGU_UIX'
Created user 'user3' with password 'Lm6ONeErNFgz'
Created user 'user4' with password 'AS=EeFozvbE-'
HTH,
Martin
More information about the Freeipa-users
mailing list