From 9b3a64e24a25a6ebbf7e755ae67c2f0eb2bfdf39 Mon Sep 17 00:00:00 2001
From: Martin Babinsky <mbabinsk@redhat.com>
Date: Thu, 1 Sep 2016 18:09:05 +0200
Subject: [PATCH] factor out `populate_remote_domain` method into module-level
function
This allows for re-use of this method in cases where the caller can not or
wishes not to instantiate local Samba domain to retrieve information about
remote ones.
https://fedorahosted.org/freeipa/ticket/6057
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
---
ipaserver/dcerpc.py | 94 ++++++++++++++++++++++++++++++-----------------------
1 file changed, 53 insertions(+), 41 deletions(-)
diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py
index 4d98485e17a9113322b7e38629fc43b593e99fd9..71b8ba6f17bea6b52ae26fe2467de380e5458099 100644
--- a/ipaserver/dcerpc.py
+++ b/ipaserver/dcerpc.py
@@ -1534,6 +1534,52 @@ def fetch_domains(api, mydomain, trustdomain, creds=None, server=None):
return result
+def retrieve_remote_domain(hostname, local_flatname,
+ realm, realm_server=None,
+ realm_admin=None, realm_passwd=None):
+ def get_instance(local_flatname):
+ # Fetch data from foreign domain using password only
+ rd = TrustDomainInstance('')
+ rd.parm.set('workgroup', local_flatname)
+ rd.creds = credentials.Credentials()
+ rd.creds.set_kerberos_state(credentials.DONT_USE_KERBEROS)
+ rd.creds.guess(rd.parm)
+ return rd
+
+ rd = get_instance(local_flatname)
+ rd.creds.set_anonymous()
+ rd.creds.set_workstation(hostname)
+ if realm_server is None:
+ rd.retrieve_anonymously(realm, discover_srv=True, search_pdc=True)
+ else:
+ rd.retrieve_anonymously(realm_server,
+ discover_srv=False, search_pdc=True)
+ rd.read_only = True
+ if realm_admin and realm_passwd:
+ if 'name' in rd.info:
+ names = realm_admin.split('\\')
+ if len(names) > 1:
+ # realm admin is in DOMAIN\user format
+ # strip DOMAIN part as we'll enforce the one discovered
+ realm_admin = names[-1]
+ auth_string = u"%s\%s%%%s" \
+ % (rd.info['name'], realm_admin, realm_passwd)
+ td = get_instance(local_flatname)
+ td.creds.parse_string(auth_string)
+ td.creds.set_workstation(hostname)
+ if realm_server is None:
+ # we must have rd.info['dns_hostname'] then
+ # as it is part of the anonymous discovery
+ td.retrieve(rd.info['dns_hostname'])
+ else:
+ td.retrieve(realm_server)
+ td.read_only = False
+ return td
+
+ # Otherwise, use anonymously obtained data
+ return rd
+
+
class TrustDomainJoins(object):
def __init__(self, api):
self.api = api
@@ -1565,47 +1611,13 @@ class TrustDomainJoins(object):
def populate_remote_domain(self, realm, realm_server=None,
realm_admin=None, realm_passwd=None):
- def get_instance(self):
- # Fetch data from foreign domain using password only
- rd = TrustDomainInstance('')
- rd.parm.set('workgroup', self.local_domain.info['name'])
- rd.creds = credentials.Credentials()
- rd.creds.set_kerberos_state(credentials.DONT_USE_KERBEROS)
- rd.creds.guess(rd.parm)
- return rd
-
- rd = get_instance(self)
- rd.creds.set_anonymous()
- rd.creds.set_workstation(self.local_domain.hostname)
- if realm_server is None:
- rd.retrieve_anonymously(realm, discover_srv=True, search_pdc=True)
- else:
- rd.retrieve_anonymously(realm_server,
- discover_srv=False, search_pdc=True)
- rd.read_only = True
- if realm_admin and realm_passwd:
- if 'name' in rd.info:
- names = realm_admin.split('\\')
- if len(names) > 1:
- # realm admin is in DOMAIN\user format
- # strip DOMAIN part as we'll enforce the one discovered
- realm_admin = names[-1]
- auth_string = u"%s\%s%%%s" \
- % (rd.info['name'], realm_admin, realm_passwd)
- td = get_instance(self)
- td.creds.parse_string(auth_string)
- td.creds.set_workstation(self.local_domain.hostname)
- if realm_server is None:
- # we must have rd.info['dns_hostname'] then
- # as it is part of the anonymous discovery
- td.retrieve(rd.info['dns_hostname'])
- else:
- td.retrieve(realm_server)
- td.read_only = False
- self.remote_domain = td
- return
- # Otherwise, use anonymously obtained data
- self.remote_domain = rd
+ self.remote_domain = retrieve_remote_domain(
+ self.local_domain.hostname,
+ self.local_domain.info['name'],
+ realm,
+ realm_server=realm_server,
+ realm_admin=realm_admin,
+ realm_passwd=realm_passwd)
def get_realmdomains(self):
"""
--
2.7.4