[Freeipa-users] How can I change my password from a python script?
Joe Linoff
jlinoff at tabula.com
Thu Jun 28 15:10:47 UTC 2012
Hi Martin:
Thank you once again for your excellent insights. I really appreciate
your help. FreeIPA is really impressive.
Regards,
Joe
-----Original Message-----
From: Martin Kosek [mailto:mkosek at redhat.com]
Sent: Thursday, June 28, 2012 1:46 AM
To: Joe Linoff
Cc: freeipa-users at redhat.com
Subject: Re: [Freeipa-users] How can I change my password from a python
script?
On 06/28/2012 03:34 AM, Joe Linoff wrote:
> Hi Everybody:
>
>
>
> I need to add a lot of users to an LDAP system for testing and I would
> like to do it in batch mode. For my small tests have been doing
something like this:
>
>
>
> #!/bin/bash
>
> # Script to create a new user.
>
> ipa user-add bigbob \
>
> --email=bbob at BigBobsEmporium.com <mailto:bbob at BigBobsEmporium.com>
> \
>
> --first=Bob \
>
> --last=Bigg \
>
> --password \
>
> --setattr=description='The sales guy.' <<-EOF
>
> b1gB0bsTmpPwd
>
> b1gB0bsTmpPwd
>
> EOF
>
>
>
> However, I am python guy and would like to use it instead. I am sure
> that I can do a similar thing using pexpect in python. Probably
something like this:
>
>
>
> # This code has not been tested. It is only for a thought experiment.
>
> # Add a user and enter the password using pexpect.
>
> cmd = "ipa user-add bigbob --email='bbob at BigBobsEmporium."
>
> cmd += " --first=Bob --last=Bigg --password "
>
> cmd += "--setattr=description='The sales guy.'"
>
> rets = ['Password', 'Enter Password again to verify', pexpect.EOF,
> pexpect.TIMEOUT]
>
> c = pexpect.spawn(cmd,timeout=None)
>
> i = c.expect(rets)
>
> if i == 0: # Password
>
> child.sendline('b1gB0bsTmpPwd')
>
> i = c.expect(rets)
>
> if i == 1: # Enter Password again to verify
>
> child.sendline('b1gB0bsTmpPwd')
>
> i = c.expect(rets)
>
> if i == 2:
>
> print 'SUCCESS'
>
> else:
>
> sys.exit('ERROR: something bad happened #1')
>
> else:
>
> sys.exit('ERROR: something bad happened #2')
>
> else:
>
> sys.exit('ERROR: something bad happened #3')
>
>
>
> But I was wondering whether there was a better using the IPA API. Is
> there a way for me to do that?
>
>
>
> Any help or insights would be greatly appreciated.
>
>
> Thanks,
>
>
>
> Joe
>
Hello Joe,
if you don't want to use batch command as Petr suggested you can try the
following example. It also uses --random option available in recent
FreeIPA version to let FreeIPA handle the password generation:
# cat add-users.py
#!/usr/bin/env python
from ipalib import api
api.bootstrap_with_global_options(context='cli')
api.finalize()
api.Backend.xmlclient.connect()
for i in xrange(5):
login = u'user%d' % i
result = api.Command['user_add'](login, givenname=u'Test', \
sn=u'User #%d' % i, random=True)
password = result['result']['randompassword']
print "Created user '%s' with password '%s'" % (login, password)
When I execute it:
# ./add-users.py
Created user 'user0' with password 'EvzY+Of5pk at +'
Created user 'user1' with password 'kyRHb9RMFzBO'
Created user 'user2' with password 'u2mt_oGU_UIX'
Created user 'user3' with password 'Lm6ONeErNFgz'
Created user 'user4' with password 'AS=EeFozvbE-'
HTH,
Martin
More information about the Freeipa-users
mailing list