[Freeipa-devel] Client-side command in the IPA framework
Alexander Bokovoy
abokovoy at redhat.com
Fri Feb 28 15:19:38 UTC 2014
On Fri, 28 Feb 2014, Petr Viktorin wrote:
>On 02/28/2014 04:02 PM, Nathaniel McCallum wrote:
>>On Fri, 2014-02-28 at 16:43 +0200, Alexander Bokovoy wrote:
>[...]
>>>Why then to do it as a IPA CLI command at all?
>>>This is an administrative task which can be done with a separate
>>>ipa-otp-import command, designated to run on IPA masters.
>>
>>Agreed.
>>
>>1. Is there a framework for this? Or should it just be an independent
>>script?
>
>There is: ipapython.admintool. Look at ipa-server-certinstall for a
>simple-ish example, ask if you have any questions.
Right, forgot about that one.
>>2. How can I use the ipalib API? Specifically, I'd like to call
>>otptoken-add and pass the --key parameter with a value (not possible
>>from the command line).
>
>Finalize the API (see ipaserver.install.ServerCertInstall.run), and
>then call api.Command['otptoken-add'](key=...)
>Or you might think about moving the otptoken-add functionality into a
>function that you can call directly.
I'd still prefer to do token addition through the common interface, i.e.
not directly talking to ldap but rather using the CLI commands, maybe
batched.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list