https://fedorahosted.org/freeipa/ticket/455

This patch depends on my patch 015 (in thread "Make the migration plugin more configurable")
From f062a042d2efd3c91b002d0369b36ee00a0099cc Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Fri, 26 Nov 2010 09:37:12 -0500
Subject: [PATCH] Do not migrate krbPrincipalKey

https://fedorahosted.org/freeipa/ticket/455
---
 ipalib/plugins/migration.py |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py
index 1c9545f..c16f1db 100644
--- a/ipalib/plugins/migration.py
+++ b/ipalib/plugins/migration.py
@@ -49,6 +49,8 @@ _supported_schemas = (u'RFC2307bis', u'RFC2307')
 
 
 def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs):
+    attr_blacklist = ['krbprincipalkey']
+
     # get default primary group for new users
     if 'def_group_dn' not in ctx:
         def_group = config.get('ipadefaultprimarygroup')
@@ -69,6 +71,11 @@ def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs
         entry_attrs['homedirectory'] = home_dir
     entry_attrs.setdefault('gidnumber', ctx['def_group_gid'])
 
+    # do not migrate attributes autogenerated during migration
+    for attr in entry_attrs.keys():
+        if attr in attr_blacklist:
+            del entry_attrs[attr]
+
     # generate a principal name and check if it isn't already taken
     principal = u'%...@%s' % (pkey, api.env.realm)
     try:
-- 
1.7.3.2

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to