https://fedorahosted.org/freeipa/ticket/455
This patch depends on my patch 015 (in thread "Make the migration plugin more configurable")
From f062a042d2efd3c91b002d0369b36ee00a0099cc Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <[email protected]> Date: Fri, 26 Nov 2010 09:37:12 -0500 Subject: [PATCH] Do not migrate krbPrincipalKey https://fedorahosted.org/freeipa/ticket/455 --- ipalib/plugins/migration.py | 7 +++++++ 1 files changed, 7 insertions(+), 0 deletions(-) diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py index 1c9545f..c16f1db 100644 --- a/ipalib/plugins/migration.py +++ b/ipalib/plugins/migration.py @@ -49,6 +49,8 @@ _supported_schemas = (u'RFC2307bis', u'RFC2307') def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs): + attr_blacklist = ['krbprincipalkey'] + # get default primary group for new users if 'def_group_dn' not in ctx: def_group = config.get('ipadefaultprimarygroup') @@ -69,6 +71,11 @@ def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs entry_attrs['homedirectory'] = home_dir entry_attrs.setdefault('gidnumber', ctx['def_group_gid']) + # do not migrate attributes autogenerated during migration + for attr in entry_attrs.keys(): + if attr in attr_blacklist: + del entry_attrs[attr] + # generate a principal name and check if it isn't already taken principal = u'%...@%s' % (pkey, api.env.realm) try: -- 1.7.3.2
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
