Hi, when group contains external members, they are specified using SIDs. Use trust-resolve command to convert them back on group-show.
https://bugzilla.redhat.com/show_bug.cgi?id=1054391 -- / Alexander Bokovoy
>From 3b0080d928bc7eb574a6d9705a7274b774ff372f Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy <aboko...@redhat.com> Date: Thu, 16 Jan 2014 20:31:37 +0200 Subject: [PATCH 4/4] group-show: resolve external members of the groups Perform SID to name conversion for existing external members of the groups if trust is configured. https://bugzilla.redhat.com/show_bug.cgi?id=1054391 --- ipalib/plugins/group.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py index 02eeb10..8010ec8 100644 --- a/ipalib/plugins/group.py +++ b/ipalib/plugins/group.py @@ -387,6 +387,20 @@ api.register(group_find) class group_show(LDAPRetrieve): __doc__ = _('Display information about a named group.') has_output_params = LDAPRetrieve.has_output_params + (ipaexternalmember_param,) + def post_callback(self, ldap, dn, entry_attrs, *keys, **options): + assert isinstance(dn, DN) + if ('ipaexternalmember' in entry_attrs and + len(entry_attrs['ipaexternalmember']) > 0 and + 'trust_resolve' in self.Command): + sids = entry_attrs['ipaexternalmember'] + result = self.Command.trust_resolve(sids=sids) + for entry in result['result']: + try: + idx = sids.index(entry['sid'][0]) + sids[idx] = entry['name'] + except ValueError: + pass + return dn api.register(group_show) -- 1.8.4.2
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel