Add new machine add method

Add stubs for machine and service modification methods
pull/1/head
Timothy Pearson 12 years ago
parent fdef66d8f2
commit d1764a4dae

@ -1458,6 +1458,18 @@ int LDAPManager::updateGroupInfo(LDAPGroupInfo group, TQString *errstr) {
} }
} }
// FIXME
int LDAPManager::updateMachineInfo(LDAPMachineInfo group, TQString *errstr) {
if (errstr) *errstr = i18n("<qt>Not implemented yet!</qt>");
return -1;
}
// FIXME
int LDAPManager::updateServiceInfo(LDAPServiceInfo group, TQString *errstr) {
if (errstr) *errstr = i18n("<qt>Not implemented yet!</qt>");
return -1;
}
int LDAPManager::addUserInfo(LDAPUserInfo user, TQString *errstr) { int LDAPManager::addUserInfo(LDAPUserInfo user, TQString *errstr) {
int retcode; int retcode;
int i; int i;
@ -1601,6 +1613,133 @@ int LDAPManager::addGroupInfo(LDAPGroupInfo group, TQString *errstr) {
} }
} }
int LDAPManager::addMachineInfo(LDAPMachineInfo machine, TQString *errstr) {
LDAPGroupInfo machineinfo;
if (bind() < 0) {
return -1;
}
else {
// Use Kerberos kadmin to actually add the machine
LDAPCredentials admincreds = currentLDAPCredentials();
if ((admincreds.username == "") && (admincreds.password == "")) {
// Probably GSSAPI
// Get active ticket principal...
KerberosTicketInfoList tickets = LDAPManager::getKerberosTicketList();
TQStringList principalParts = TQStringList::split("@", tickets[0].cachePrincipal, false);
admincreds.username = principalParts[0];
admincreds.realm = principalParts[1];
}
TQCString command = "kadmin";
QCStringList args;
if (m_host.startsWith("ldapi://")) {
args << TQCString("-l") << TQCString("-r") << TQCString(admincreds.realm.upper());
}
else {
if (admincreds.username == "") {
args << TQCString("-r") << TQCString(admincreds.realm.upper());
}
else {
args << TQCString("-p") << TQCString(admincreds.username.lower()+"@"+(admincreds.realm.upper())) << TQCString("-r") << TQCString(admincreds.realm.upper());
}
}
TQString hoststring = "host/"+machine.name+"."+admincreds.realm.lower();
TQString prompt;
PtyProcess kadminProc;
kadminProc.exec(command, args);
prompt = readFullLineFromPtyProcess(&kadminProc);
prompt = prompt.stripWhiteSpace();
if (prompt == "kadmin>") {
if (machine.newPassword == "") {
command = TQCString("ank --random-key "+hoststring);
}
else {
command = TQCString("ank --password=\""+machine.newPassword+"\" "+hoststring);
}
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
// Use all defaults
while (prompt != "kadmin>") {
if (prompt.endsWith(" Password:")) {
if (admincreds.password == "") {
if (tqApp->type() != TQApplication::Tty) {
TQCString password;
int result = KPasswordDialog::getPassword(password, prompt);
if (result == KPasswordDialog::Accepted) {
admincreds.password = password;
}
}
else {
TQFile file;
file.open(IO_ReadOnly, stdin);
TQTextStream qtin(&file);
admincreds.password = qtin.readLine();
}
}
if (admincreds.password != "") {
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(admincreds.password, true);
do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == "");
prompt = prompt.stripWhiteSpace();
}
}
if (prompt.contains("authentication failed")) {
if (errstr) *errstr = detailedKAdminErrorMessage(prompt);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
else {
// Extract whatever default is in the [brackets] and feed it back to kadmin
TQString defaultParam;
int leftbracket = prompt.find("[");
int rightbracket = prompt.find("]");
if ((leftbracket >= 0) && (rightbracket >= 0)) {
leftbracket++;
defaultParam = prompt.mid(leftbracket, rightbracket-leftbracket);
}
command = TQCString(defaultParam);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine(command, true);
do { // Discard our own input
prompt = readFullLineFromPtyProcess(&kadminProc);
printf("(kadmin) '%s'\n\r", prompt.ascii());
} while (prompt == TQString(command));
prompt = prompt.stripWhiteSpace();
}
}
if (prompt != "kadmin>") {
if (errstr) *errstr = detailedKAdminErrorMessage(prompt);
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
return 1;
}
// Success!
kadminProc.enableLocalEcho(false);
kadminProc.writeLine("quit", true);
unbind(true); // Using kadmin can disrupt our LDAP connection
return 0;
}
if (errstr) *errstr = "Internal error. Verify that kadmin exists and can be executed.";
return 1; // Failure
}
}
int LDAPManager::addServiceInfo(LDAPServiceInfo service, TQString *errstr) { int LDAPManager::addServiceInfo(LDAPServiceInfo service, TQString *errstr) {
LDAPGroupInfo serviceinfo; LDAPGroupInfo serviceinfo;
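Review bot: In `addMachineInfo`, the `ank` command is built by concatenating `machine.newPassword` and `machine.name` into the line written to kadmin with no escaping, so a double quote, space or line break in either value changes what kadmin parses. The discard loop directly after it prints every line read back, including the echoed command, so the new machine password reaches stdout through `printf("(kadmin) '%s'\n\r", prompt.ascii());`. I would reject such characters before building the command, e.g. `if (machine.newPassword.contains('"') || machine.newPassword.contains('\n')) { if (errstr) *errstr = i18n("Invalid character in password"); return -1; }`, apply a hostname-character check to `machine.name`, and drop the `printf` from that first loop. Separately, on the GSSAPI path `tickets[0]` and `principalParts[1]` are indexed without checking that a ticket exists and that the principal contained an `@`; a guard such as `if (principalParts.count() < 2) return -1;`, plus an emptiness check on the ticket list, is needed there.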

@ -320,6 +320,7 @@ class LDAPMachineInfo
TQString creatorsName; TQString creatorsName;
TQString name; TQString name;
TQString newPassword;
bool tde_builtin_account; bool tde_builtin_account;
LDAPKRB5Flags status; // Default is 126 [KRB5_MACHINE_ACCOUNT_DEFAULT] LDAPKRB5Flags status; // Default is 126 [KRB5_MACHINE_ACCOUNT_DEFAULT]
}; };
@ -408,8 +409,11 @@ class LDAPManager : public TQObject {
LDAPGroupInfo getGroupByDistinguishedName(TQString dn, TQString *errstr=0); LDAPGroupInfo getGroupByDistinguishedName(TQString dn, TQString *errstr=0);
int updateUserInfo(LDAPUserInfo user, TQString *errstr=0); int updateUserInfo(LDAPUserInfo user, TQString *errstr=0);
int updateGroupInfo(LDAPGroupInfo group, TQString *errstr=0); int updateGroupInfo(LDAPGroupInfo group, TQString *errstr=0);
int updateMachineInfo(LDAPMachineInfo group, TQString *errstr=0);
int updateServiceInfo(LDAPServiceInfo group, TQString *errstr=0);
int addUserInfo(LDAPUserInfo user, TQString *errstr=0); int addUserInfo(LDAPUserInfo user, TQString *errstr=0);
int addGroupInfo(LDAPGroupInfo group, TQString *errstr=0); int addGroupInfo(LDAPGroupInfo group, TQString *errstr=0);
int addMachineInfo(LDAPMachineInfo machine, TQString *errstr=0);
int addServiceInfo(LDAPServiceInfo service, TQString *errstr=0); int addServiceInfo(LDAPServiceInfo service, TQString *errstr=0);
int deleteUserInfo(LDAPUserInfo user, TQString *errstr=0); int deleteUserInfo(LDAPUserInfo user, TQString *errstr=0);
int deleteGroupInfo(LDAPGroupInfo group, TQString *errstr=0); int deleteGroupInfo(LDAPGroupInfo group, TQString *errstr=0);
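Review bot: The new declarations `updateMachineInfo(LDAPMachineInfo group, ...)` and `updateServiceInfo(LDAPServiceInfo group, ...)` carry the parameter name `group`, apparently copied from `updateGroupInfo`; naming them `machine` and `service` would match `addMachineInfo` and `addServiceInfo` just below. The new `TQString newPassword;` field in `LDAPMachineInfo` has no comment; something like `// Cleartext password to set on creation; empty means kadmin generates a random key` would record the contract that `addMachineInfo` implements. Because `LDAPMachineInfo` is passed by value, each call copies that cleartext, so taking it by const reference is worth considering. Both class bodies extend outside these hunks.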
