On 04/07/2016 11:57 PM, Steve Huston wrote: > Finding very little on the Interwebs about this, I wonder if I'm the > only person who's trying to add things to FreeIPA and doing UI and > backend plugins! > > The back story, I'm coming from an OpenLDAP deployment which I need to > update for various reasons and decided to look at options. FreeIPA > looks great, and I'm using 4.2.0-15 from the RHEL7 distribution > (technically Springdale Linux, our in-house rebuild). Since one of > the sticky parts of management of hosts and users for myself and > others has been all the LDAP details (which I and one other use > ldapmodify for, but some of the admin assistants who create accounts > use a custom-made PHP that makes it slightly prettier but harder to > maintain), I'm trying to get everything into a pretty interface that > anyone can use and means a single window for making these changes. > > I'm ditching our custom LDAP schema since the attributes can be > handled by other included schema elements, though I am adding the > Puppet schema which was easily imported and I even wrote the glue to > make that work. One of the things I wanted to add is to a host > record, the 'owner' field, which should be the owner of a machine - > this gets pulled into puppet for some fanciness down the road, as well > as used for some accounting information. > > What I have currently works, but it's not how I originally wrote it: > http://www.astro.princeton.edu/~huston/astrocustom/ > > The way I wanted it, the javascript part (which worked fine) pushed > the name field, with type 'entity_select', other_entity: 'user', > other_field: 'uid'. This gave a nice drop-down of all the users, and > submitted the UID to the back-end. I quickly realized when I tried to > submit a host that it was barfing because LDAP wants a DN, so I looked > at how 'manager' is done for users and tried to replicate it. The > Python to do that is shown in astrocustom-new.py.html in the above > directory. I know that didn't work, but I forget which version of > that not working that is - at some point I stopped checking them into > version control and bashed on the server until I gave up. > > Can someone help me figure out what I'm doing here? :D Part of it > I'm sure is my limited Python knowledge, and the fact that I'm > applying concepts I learned long ago from programming languages > classes to a language I don't really use based on seeing how some > parts work and trying to make them work elsewhere. Alternatively, if > there's more than just the FreeIPA33-extending-freeipa.pdf > presentation to go on for making plugins (and > pvoborni.fedorapeople.org/plugins for UI work) I'd love to have a > pointer to it to read more. There's some other UI things I'd tried > doing before which failed (such as removing some of the items from the > stageuser details page, which the people who will create stageusers > won't need to see and shouldn't be messing with) but that's another > thread, which might not need to be opened if there's another trove of > information on this that I just haven't found yet. > > Thanks for reading this far. Cookies are on the way. >
I didn't examine it thoroughly. But basically: IPA management framework does "cn" -> "dn" conversion in pre_callback (host-add, host-mod). But then it needs to do the reverse on post_callback (host-add, host-mod, host-show, maybe also host-find) Given that manager field was your example, you can also look at "convert_manager" method which does the "dn" -> "cn" conversion. And how it is called in post_callback/how are post_callbacks defined. Apart from that, I don't see what is wrong. How does it behave? -- Petr Vobornik -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project