I'm testing with f18, freeipa-server 3.0.0, 389-ds-base-1.3.0.a1, with
betxn manually enabled in all plugins in 389. I did an ipa-server-install.
I have ipa user-add --all --raw working - it returns the mep and
memberof attributes immediately. I had to do something like this:
diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py
index 5d667dc..5a490bb 100644
--- a/ipalib/plugins/user.py
+++ b/ipalib/plugins/user.py
@@ -568,6 +568,11 @@ class user_add(LDAPCreate):
newentry = wait_for_value(ldap, dn, 'objectclass',
'mepOriginEntry')
entry_from_entry(entry_attrs, newentry)
+ if not self.api.env.wait_for_attr:
+ # have to update memberof, mep data in entry to return
+ (newdn, newentry) = ldap.get_entry(dn, ['*'])
+ entry_attrs.update(newentry)
+
if options.get('random', False):
try:
entry_attrs['randompassword'] =
unicode(getattr(context, 'randompassword'))
That is, after user_add.post_callback adds the user to the group, it
needs to get the updated memberof attribute from the user entry, as well
as the mep data. I think there are several other places in the code
where wait_for_attr and wait_for_attr_memberof are used, that will have
to change in a similar manner. I don't know if this patch is the best
way to solve the problem - I suppose it would be better to update only
the memberof and objectclass and mepmanagedentry attributes in
entry_attrs, but I'm not sure how to do that.
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel