[Freeipa-users] Re: api scripts

2018-01-02 Thread Jens Timmerman via FreeIPA-users
Hi Andrew,

On 26/12/2017 16:35, Andrew Meyer wrote:
> Jens,
> I'm not familiar w/ Python.  How do I pass the url, user and realm to
> it?  Do I do something like this - './freeipaclient.py url=myurl
> user=username' ?
>
If you're not familiar with python my code is probably not useful for
you. It's main purpose is to be a library to be integrated into other
python tools/scripts,
not to be used as a command line tool.

To perform quick commands against ipa from the command line I just use
the ipa client https://www.freeipa.org/page/Client


If you want to script things, then more information on the api is indeed
actually pretty hard to come by.


see https://www.redhat.com/archives/freeipa-users/2015-April/msg00582.html
which eventually pointed me to
https://vda.li/en/posts/2015/05/28/talking-to-freeipa-api-with-sessions/

The thing here that I needed to figure out to get kerberos
authentication working in python (and probably a lot of other scripting
languages) is that
you can just set KRB5_KTNAME=/path/to/keytabfile and use GSSAPI in your
script. And to get the actuall REST calls you can just run ipa -vv



Regards,
Jens Timmerman

> Thank you!
>
> Hi Andrew,
>
> On 20/12/2017 22:42, Andrew Meyer via FreeIPA-users wrote:
> > Does anyone have any examples or could share what they have written?
> >
> > I am trying to write a script and not sure what components I need. 
> I've been working on a python client for a bit. It will probably be made
> public when I'm done.
> But at the moment I'm just adding methods as I need them.
> You can find what I'm allowed to share at the moment at
> https://gist.github.com/JensTimmerman/c123d5f6291e4cd542473241ce7bf4c9
>
> feedback greatly appreciated.
>
> Regards,
> Jens Timmerman

___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


[Freeipa-users] Re: api scripts

2017-12-26 Thread Andrew Meyer via FreeIPA-users
Jens,I'm not familiar w/ Python.  How do I pass the url, user and realm to it?  
Do I do something like this - './freeipaclient.py url=myurl user=username' ?
Thank you! 

On Thursday, December 21, 2017 2:40 PM, Andrew Meyer via FreeIPA-users 
 wrote:
 

 Does this script prompt you to enter the data needed or do I need to hard code 
it? 

On Thursday, December 21, 2017 10:50 AM, Andrew Meyer via FreeIPA-users 
 wrote:
 

 Thank you 

On Thursday, December 21, 2017 4:31 AM, Jens Timmerman via FreeIPA-users 
 wrote:
 

 Hi Andrew,

On 20/12/2017 22:42, Andrew Meyer via FreeIPA-users wrote:
> Does anyone have any examples or could share what they have written?
>
> I am trying to write a script and not sure what components I need. 
I've been working on a python client for a bit. It will probably be made
public when I'm done.
But at the moment I'm just adding methods as I need them.
You can find what I'm allowed to share at the moment at
https://gist.github.com/JensTimmerman/c123d5f6291e4cd542473241ce7bf4c9

feedback greatly appreciated.

Regards,
Jens Timmerman
>
>
> ___
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


   ___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


   ___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


   ___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


[Freeipa-users] Re: api scripts

2017-12-21 Thread Andrew Meyer via FreeIPA-users
Does this script prompt you to enter the data needed or do I need to hard code 
it? 

On Thursday, December 21, 2017 10:50 AM, Andrew Meyer via FreeIPA-users 
 wrote:
 

 Thank you 

On Thursday, December 21, 2017 4:31 AM, Jens Timmerman via FreeIPA-users 
 wrote:
 

 Hi Andrew,

On 20/12/2017 22:42, Andrew Meyer via FreeIPA-users wrote:
> Does anyone have any examples or could share what they have written?
>
> I am trying to write a script and not sure what components I need. 
I've been working on a python client for a bit. It will probably be made
public when I'm done.
But at the moment I'm just adding methods as I need them.
You can find what I'm allowed to share at the moment at
https://gist.github.com/JensTimmerman/c123d5f6291e4cd542473241ce7bf4c9

feedback greatly appreciated.

Regards,
Jens Timmerman
>
>
> ___
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


   ___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


   ___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


[Freeipa-users] Re: api scripts

2017-12-21 Thread Aaron Hicks via FreeIPA-users
Hi Andrew and Jens,

 

I’ve been using python-freeipa

 

https://github.com/opennode/python-freeipa

https://pypi.python.org/pypi/python-freeipa/0.1.2

 

So…

 

from python_freeipa import Client

from configuration import config, args # a thing that processes args and 
configparser config

 

client = Client(

config['freeipa']['server'],

version=config['freeipa']['version'],

verify_ssl=false

)

client.login(

config['freeipa']['user'],

config['freeipa']['password']

)

client.user_find(‘username’)

 

 

I use some basic wrapper functions around the methods though:

 

def ipa_user_mod(uid, **kwargs):

if config['freeipa'].getboolean('enabled') is True:

if args.dry_run is not True:

client.user_mod(uid, **kwargs)

else:

logger.info("Dry-run, last user update(s) skipped")

return True

else:

logger.info(‘freeIPA disabled')

return None

 

 

def ipa_group_mod(uid, **kwargs):

if config['freeipa'].getboolean('enabled') is True:

if args.dry_run is not True:

client.group_mod(uid, **kwargs)

else:

logger.info("Dry-run, last group update(s) skipped")

return True

else:

logger.info(‘freeIPA disabled')

return None

 

My group and user add functions are more complicated and contain duplicate 
tests etc.

 

 

 

From: Andrew Meyer via FreeIPA-users 
[mailto:freeipa-users@lists.fedorahosted.org] 
Sent: Friday, 22 December 2017 5:50 AM
To: FreeIPA users list <freeipa-users@lists.fedorahosted.org>
Cc: Jens Timmerman <jens.timmer...@ugent.be>; Andrew Meyer 
<andrewm...@yahoo.com>
Subject: [Freeipa-users] Re: api scripts

 

Thank you

 

On Thursday, December 21, 2017 4:31 AM, Jens Timmerman via FreeIPA-users 
<freeipa-users@lists.fedorahosted.org 
<mailto:freeipa-users@lists.fedorahosted.org> > wrote:

 

Hi Andrew,

On 20/12/2017 22:42, Andrew Meyer via FreeIPA-users wrote:
> Does anyone have any examples or could share what they have written?
>
> I am trying to write a script and not sure what components I need. 
I've been working on a python client for a bit. It will probably be made
public when I'm done.
But at the moment I'm just adding methods as I need them.
You can find what I'm allowed to share at the moment at
https://gist.github.com/JensTimmerman/c123d5f6291e4cd542473241ce7bf4c9

feedback greatly appreciated.

Regards,
Jens Timmerman
>
>
> ___
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org 
> <mailto:freeipa-users@lists.fedorahosted.org> 
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org 
> <mailto:freeipa-users-le...@lists.fedorahosted.org> 




___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org 
<mailto:freeipa-users@lists.fedorahosted.org> 
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org 
<mailto:freeipa-users-le...@lists.fedorahosted.org> 

 

___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


[Freeipa-users] Re: api scripts

2017-12-21 Thread Andrew Meyer via FreeIPA-users
Thank you 

On Thursday, December 21, 2017 4:31 AM, Jens Timmerman via FreeIPA-users 
 wrote:
 

 Hi Andrew,

On 20/12/2017 22:42, Andrew Meyer via FreeIPA-users wrote:
> Does anyone have any examples or could share what they have written?
>
> I am trying to write a script and not sure what components I need. 
I've been working on a python client for a bit. It will probably be made
public when I'm done.
But at the moment I'm just adding methods as I need them.
You can find what I'm allowed to share at the moment at
https://gist.github.com/JensTimmerman/c123d5f6291e4cd542473241ce7bf4c9

feedback greatly appreciated.

Regards,
Jens Timmerman
>
>
> ___
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


   ___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


[Freeipa-users] Re: api scripts

2017-12-21 Thread Jens Timmerman via FreeIPA-users
Hi Andrew,

On 20/12/2017 22:42, Andrew Meyer via FreeIPA-users wrote:
> Does anyone have any examples or could share what they have written?
>
> I am trying to write a script and not sure what components I need. 
I've been working on a python client for a bit. It will probably be made
public when I'm done.
But at the moment I'm just adding methods as I need them.
You can find what I'm allowed to share at the moment at
https://gist.github.com/JensTimmerman/c123d5f6291e4cd542473241ce7bf4c9

feedback greatly appreciated.

Regards,
Jens Timmerman
>
>
> ___
> FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org


___
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org