[Freeipa-devel] Client-side command in the IPA framework
Petr Viktorin
pviktori at redhat.com
Fri Feb 28 15:12:46 UTC 2014
On 02/28/2014 04:02 PM, Nathaniel McCallum wrote:
> On Fri, 2014-02-28 at 16:43 +0200, Alexander Bokovoy wrote:
[...]
>> Why then to do it as a IPA CLI command at all?
>> This is an administrative task which can be done with a separate
>> ipa-otp-import command, designated to run on IPA masters.
>
> Agreed.
>
> 1. Is there a framework for this? Or should it just be an independent
> script?
There is: ipapython.admintool. Look at ipa-server-certinstall for a
simple-ish example, ask if you have any questions.
> 2. How can I use the ipalib API? Specifically, I'd like to call
> otptoken-add and pass the --key parameter with a value (not possible
> from the command line).
Finalize the API (see ipaserver.install.ServerCertInstall.run), and then
call api.Command['otptoken-add'](key=...)
Or you might think about moving the otptoken-add functionality into a
function that you can call directly.
--
Petr³
More information about the Freeipa-devel
mailing list