Commit 3aac2d66 authored by Einar Largenius's avatar Einar Largenius

Use kadmin shell program instead of kadmin library

python-kadmin is not maintained anymore.
parent 17f3e832
"""Main handler for supr and ldap connections."""
import kadmin
from textwrap import dedent
import ldap
import ldap.modlist as modlist
import sys
import supr
import settings
import subprocess
from requests import ConnectionError
# requests.packages.urllib3.disable_warnings()
......@@ -381,29 +381,45 @@ class SUPR_LDAP:
self.ERR_PERS_MAIL += "uidNumber :: " + str(uidNumber) + "\t Module :: addPerson \n"
self.err_pers_cnt += 1
# Function to add new person to Kerberos
def addPersontoKerberos(self, m, attrsPerson):
"""Add a new person to Kerberos, if able
# Kadmin init or "login"
try:
kadm = kadmin.init_with_keytab(settings.adminprincipal, settings.keytab)
user = attrsPerson['uid']
princ = kadm.getprinc(user)
Uses external `kadmin` program.
if (princ is None):
kadm.addprinc(user, None)
:param m: Person to add (?)
:type m: Ldap person object (?)
:param attrsPerson: Person attributes to add to kerberos (?)
:type attrsPerson: Dictionary
:returns: None
"""
self.logger.info("Person with SUPR ID :: %s added to Kerberos -- %s", m.id, str(attrsPerson['uidNumber']))
self.KRB_PERS_MAIL += "SUPR ID :: " + str(m.id) + "\t username(uid) :: " + attrsPerson['uid'] + "\t Person Name :: " + attrsPerson['cn'] + "\n"
try:
# TODO: This one needs testing
result = subprocess.run([
"kadmin",
"-k", "-t", settings.keytab,
"-p", settings.adminprincipal,
"addprinc", "-randkey", attrsPerson['uid']],
timeout=10, text=True, capture_output=True)
for line in result.stdout.splitlines():
self.logger.info(line)
for line in result.stderr.splitlines():
self.logger.warning(line)
if result.returncode == 0:
self.logger.info("Person with SUPR ID :: %s added to Kerberos -- %s",
m.id, str(attrsPerson['uidNumber']))
self.KRB_PERS_MAIL += "SUPR ID :: " + str(m.id) + "\t username(uid) :: " + attrsPerson['uid'] + "\t Person Name :: " + attrsPerson['cn'] + "\n"
self.krb_pers_cnt += 1
else:
self.logger.info("Person with SUPR ID :: %s already added to Kerberos -- %s", m.id, str(attrsPerson['uidNumber']))
sys.exit(1)
except Exception as e:
self.logger.error("Error in addPersontoKerberos Module for %s :: %s", str(attrsPerson['uid']), e)
self.ERR_PERS_MAIL += "uidNumber :: " + str(attrsPerson['uid']) + "\t Module :: addPersontoKerberos \n"
except Exception as exc:
self.logger.error("Error in addPersontoKerberos Module for %s :: %s", str(attrsPerson['uid']), exc)
self.ERR_PERS_MAIL += "uidNumber :: " + str(attrsPerson['uid']) + "\t Module :: addPersontoKerberos \n"
self.err_pers_cnt += 1
def updateDeletePersons(self):
......
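Review bot: In the new `subprocess.run` call in `addPersontoKerberos`, `attrsPerson['uid']` is handed to `kadmin addprinc` unchecked, so a uid that begins with `-` or contains whitespace may be read as an option or as extra request words rather than as a single principal name. Where uid is built is not visible in this hunk, so this matters if it can carry SUPR-supplied text. I would validate it inside the `try` before the call, for example `if not re.fullmatch(r"[a-z_][a-z0-9_.-]*", attrsPerson['uid']): raise ValueError("invalid uid")` (the pattern is illustrative and should follow the site's username policy; it needs `import re`). Separately, `sys.exit(1)` in the non-zero branch raises SystemExit, which `except Exception` does not catch, so a principal that already exists appears to abort the whole run where the replaced code seemed only to log it. Logging the failure and incrementing `err_pers_cnt` there would keep the batch going, and the `# TODO: This one needs testing` should be resolved before this is pointed at a live KDC.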