class server(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
label=_(u'Server name'),
doc=_(u'IPA server hostname'),
),
parameters.Str(
'iparepltopomanagedsuffix',
required=False,
multivalue=True,
),
parameters.Str(
'iparepltopomanagedsuffix_topologysuffix',
required=False,
multivalue=True,
label=_(u'Managed suffixes'),
),
parameters.Int(
'ipamindomainlevel',
label=_(u'Min domain level'),
doc=_(u'Minimum domain level'),
),
parameters.Int(
'ipamaxdomainlevel',
label=_(u'Max domain level'),
doc=_(u'Maximum domain level'),
),
)
class entitle_find(Method):
__doc__ = _("Search for entitlement accounts.")
takes_args = (parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
), )
takes_options = (
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries('result', ),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class idoverrideuser(Object):
takes_params = (
parameters.Str(
'ipaanchoruuid',
primary_key=True,
label=_(u'Anchor to override'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
),
parameters.Str(
'uid',
required=False,
label=_(u'User login'),
),
parameters.Int(
'uidnumber',
required=False,
label=_(u'UID'),
doc=_(u'User ID Number'),
),
parameters.Str(
'gecos',
required=False,
label=_(u'GECOS'),
),
parameters.Int(
'gidnumber',
required=False,
label=_(u'GID'),
doc=_(u'Group ID Number'),
),
parameters.Str(
'homedirectory',
required=False,
label=_(u'Home directory'),
),
parameters.Str(
'loginshell',
required=False,
label=_(u'Login shell'),
),
parameters.Str(
'ipaoriginaluid',
required=False,
exclude=('cli', 'webui'),
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
label=_(u'SSH public key'),
),
)
class entitle_consume(Method):
__doc__ = _("Consume an entitlement.")
takes_args = (parameters.Int(
'quantity',
label=_(u'Quantity'),
), )
takes_options = (
parameters.Int(
'hidden',
label=_(u'Quantity'),
exclude=('cli', 'webui'),
default=1,
autofill=True,
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.Output(
'value',
unicode,
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class cert_revoke(Command):
__doc__ = _("Revoke a certificate.")
takes_args = (
parameters.Str(
'serial_number',
label=_(u'Serial number'),
doc=_(u'Serial number in decimal or if prefixed with 0x in hexadecimal'),
no_convert=True,
),
)
takes_options = (
parameters.Int(
'revocation_reason',
label=_(u'Reason'),
doc=_(u'Reason for revoking the certificate (0-10)'),
default=0,
autofill=True,
),
)
has_output = (
output.Output(
'result',
),
)
class cosentry_add(Method):
NO_CLI = True
takes_args = (parameters.Str('cn', ), )
takes_options = (
parameters.DNParam('krbpwdpolicyreference', ),
parameters.Int('cospriority', ),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.Output(
'value',
unicode,
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class cosentry(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
),
parameters.DNParam('krbpwdpolicyreference', ),
parameters.Int('cospriority', ),
)
class idrange(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
label=_(u'Range name'),
),
parameters.Int(
'ipabaseid',
label=_(u'First Posix ID of the range'),
),
parameters.Int(
'ipaidrangesize',
label=_(u'Number of IDs in the range'),
),
parameters.Int(
'ipabaserid',
required=False,
label=_(u'First RID of the corresponding RID range'),
),
parameters.Int(
'ipasecondarybaserid',
required=False,
label=_(u'First RID of the secondary RID range'),
),
parameters.Str(
'ipanttrusteddomainsid',
required=False,
label=_(u'Domain SID of the trusted domain'),
),
parameters.Str(
'ipanttrusteddomainname',
required=False,
label=_(u'Name of the trusted domain'),
),
parameters.Str(
'iparangetype',
required=False,
label=_(u'Range type'),
doc=
_(u'ID range type, one of ipa-ad-trust-posix, ipa-ad-trust, ipa-local'
),
),
)
class radiusproxy(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
label=_(u'RADIUS proxy server name'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
doc=_(u'A description of this RADIUS proxy server'),
),
parameters.Str(
'ipatokenradiusserver',
multivalue=True,
label=_(u'Server'),
doc=_(u'The hostname or IP (with or without port)'),
),
parameters.Password(
'ipatokenradiussecret',
label=_(u'Secret'),
doc=_(u'The secret used to encrypt data'),
),
parameters.Int(
'ipatokenradiustimeout',
required=False,
label=_(u'Timeout'),
doc=_(u'The total timeout across all retries (in seconds)'),
),
parameters.Int(
'ipatokenradiusretries',
required=False,
label=_(u'Retries'),
doc=_(u'The number of times to retry authentication'),
),
parameters.Str(
'ipatokenusermapattribute',
required=False,
label=_(u'User attribute'),
doc=_(u'The username attribute on the user object'),
),
)
class topologysegment(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
label=_(u'Segment name'),
doc=_(u'Arbitrary string identifying the segment'),
),
parameters.Str(
'iparepltoposegmentleftnode',
label=_(u'Left node'),
doc=_(u'Left replication node - an IPA server'),
),
parameters.Str(
'iparepltoposegmentrightnode',
label=_(u'Right node'),
doc=_(u'Right replication node - an IPA server'),
),
parameters.Str(
'iparepltoposegmentdirection',
label=_(u'Connectivity'),
doc=_(u'Direction of replication between left and right replication node'),
),
parameters.Str(
'nsds5replicastripattrs',
required=False,
label=_(u'Attributes to strip'),
doc=_(u'A space separated list of attributes which are removed from replication updates.'),
),
parameters.Str(
'nsds5replicatedattributelist',
required=False,
label=_(u'Attributes to replicate'),
doc=_(u'Attributes that are not replicated to a consumer server during a fractional update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof'),
),
parameters.Str(
'nsds5replicatedattributelisttotal',
required=False,
label=_(u'Attributes for total update'),
doc=_(u'Attributes that are not replicated to a consumer server during a total update. E.g. (objectclass=*) $ EXCLUDE accountlockout'),
),
parameters.Int(
'nsds5replicatimeout',
required=False,
label=_(u'Session timeout'),
doc=_(u'Number of seconds outbound LDAP operations waits for a response from the remote replica before timing out and failing'),
),
parameters.Str(
'nsds5replicaenabled',
required=False,
label=_(u'Replication agreement enabled'),
doc=_(u'Whether a replication agreement is active, meaning whether replication is occurring per that agreement'),
),
)
class krbtpolicy(Object):
takes_params = (
parameters.Str(
'uid',
required=False,
primary_key=True,
label=_(u'User name'),
doc=_(u'Manage ticket policy for specific user'),
),
parameters.Int(
'krbmaxticketlife',
required=False,
label=_(u'Max life'),
doc=_(u'Maximum ticket life (seconds)'),
),
parameters.Int(
'krbmaxrenewableage',
required=False,
label=_(u'Max renew'),
doc=_(u'Maximum renewable age (seconds)'),
),
)
class otpconfig(Object):
takes_params = (
parameters.Int(
'ipatokentotpauthwindow',
label=_(u'TOTP authentication Window'),
doc=_(u'TOTP authentication time variance (seconds)'),
),
parameters.Int(
'ipatokentotpsyncwindow',
label=_(u'TOTP Synchronization Window'),
doc=_(u'TOTP synchronization time variance (seconds)'),
),
parameters.Int(
'ipatokenhotpauthwindow',
label=_(u'HOTP Authentication Window'),
doc=_(u'HOTP authentication skip-ahead'),
),
parameters.Int(
'ipatokenhotpsyncwindow',
label=_(u'HOTP Synchronization Window'),
doc=_(u'HOTP synchronization skip-ahead'),
),
)
class domainlevel_set(Command):
__doc__ = _("Change current Domain Level.")
takes_args = (
parameters.Int(
'ipadomainlevel',
cli_name='level',
label=_(u'Domain Level'),
),
)
takes_options = (
)
has_output = (
output.Output(
'result',
int,
doc=_(u'Current domain level:'),
),
)
class idoverridegroup(Object):
takes_params = (
parameters.Str(
'ipaanchoruuid',
primary_key=True,
label=_(u'Anchor to override'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
),
parameters.Str(
'cn',
required=False,
label=_(u'Group name'),
),
parameters.Int(
'gidnumber',
required=False,
label=_(u'GID'),
doc=_(u'Group ID Number'),
),
)
class idrange_find(Method):
__doc__ = _("Search for ranges.")
takes_args = (parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
), )
takes_options = (
parameters.Str(
'cn',
required=False,
cli_name='name',
label=_(u'Range name'),
),
parameters.Int(
'ipabaseid',
required=False,
cli_name='base_id',
label=_(u'First Posix ID of the range'),
),
parameters.Int(
'ipaidrangesize',
required=False,
cli_name='range_size',
label=_(u'Number of IDs in the range'),
),
parameters.Int(
'ipabaserid',
required=False,
cli_name='rid_base',
label=_(u'First RID of the corresponding RID range'),
),
parameters.Int(
'ipasecondarybaserid',
required=False,
cli_name='secondary_rid_base',
label=_(u'First RID of the secondary RID range'),
),
parameters.Str(
'ipanttrusteddomainsid',
required=False,
cli_name='dom_sid',
label=_(u'Domain SID of the trusted domain'),
),
parameters.Str(
'iparangetype',
required=False,
cli_name='type',
cli_metavar="['ipa-ad-trust-posix', 'ipa-ad-trust', 'ipa-local']",
label=_(u'Range type'),
doc=
_(u'ID range type, one of ipa-ad-trust-posix, ipa-ad-trust, ipa-local'
),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds (0 is unlimited)'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned (0 is unlimited)'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(
u'Results should contain primary key attribute only ("name")'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries('result', ),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class idrange_add(Method):
__doc__ = _("""
Add new ID range.
To add a new ID range you always have to specify
--base-id
--range-size
Additionally
--rid-base
--secondary-rid-base
may be given for a new ID range for the local domain while
--rid-base
--dom-sid
must be given to add a new range for a trusted AD domain.
=======
WARNING:
DNA plugin in 389-ds will allocate IDs based on the ranges configured for the
local domain. Currently the DNA plugin *cannot* be reconfigured itself based
on the local ranges set via this family of commands.
Manual configuration change has to be done in the DNA plugin configuration for
the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix
IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be
modified to match the new range.
=======
""")
takes_args = (parameters.Str(
'cn',
cli_name='name',
label=_(u'Range name'),
), )
takes_options = (
parameters.Int(
'ipabaseid',
cli_name='base_id',
label=_(u'First Posix ID of the range'),
),
parameters.Int(
'ipaidrangesize',
cli_name='range_size',
label=_(u'Number of IDs in the range'),
),
parameters.Int(
'ipabaserid',
required=False,
cli_name='rid_base',
label=_(u'First RID of the corresponding RID range'),
),
parameters.Int(
'ipasecondarybaserid',
required=False,
cli_name='secondary_rid_base',
label=_(u'First RID of the secondary RID range'),
),
parameters.Str(
'ipanttrusteddomainsid',
required=False,
cli_name='dom_sid',
label=_(u'Domain SID of the trusted domain'),
),
parameters.Str(
'ipanttrusteddomainname',
required=False,
cli_name='dom_name',
label=_(u'Name of the trusted domain'),
),
parameters.Str(
'iparangetype',
required=False,
cli_name='type',
cli_metavar="['ipa-ad-trust-posix', 'ipa-ad-trust', 'ipa-local']",
label=_(u'Range type'),
doc=
_(u'ID range type, one of ipa-ad-trust-posix, ipa-ad-trust, ipa-local'
),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class host_find(Method):
__doc__ = _("Search for hosts.")
takes_args = (
parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
),
)
takes_options = (
parameters.Str(
'fqdn',
required=False,
cli_name='hostname',
label=_(u'Host name'),
no_convert=True,
),
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
doc=_(u'A description of this host'),
),
parameters.Str(
'l',
required=False,
cli_name='locality',
label=_(u'Locality'),
doc=_(u'Host locality (e.g. "Baltimore, MD")'),
),
parameters.Str(
'nshostlocation',
required=False,
cli_name='location',
label=_(u'Location'),
doc=_(u'Host location (e.g. "Lab 2")'),
),
parameters.Str(
'nshardwareplatform',
required=False,
cli_name='platform',
label=_(u'Platform'),
doc=_(u'Host hardware platform (e.g. "Lenovo T61")'),
),
parameters.Str(
'nsosversion',
required=False,
cli_name='os',
label=_(u'Operating system'),
doc=_(u'Host operating system and version (e.g. "Fedora 9")'),
),
parameters.Str(
'userpassword',
required=False,
cli_name='password',
label=_(u'User password'),
doc=_(u'Password used in bulk enrollment'),
),
parameters.Bytes(
'usercertificate',
required=False,
cli_name='certificate',
label=_(u'Certificate'),
doc=_(u'Base-64 encoded server certificate'),
),
parameters.Str(
'macaddress',
required=False,
multivalue=True,
label=_(u'MAC address'),
doc=_(u'Hardware MAC address(es) on this host'),
no_convert=True,
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(u'Results should contain primary key attribute only ("hostname")'),
default=False,
autofill=True,
),
parameters.Str(
'in_hostgroup',
required=False,
multivalue=True,
cli_name='in_hostgroups',
label=_(u'host group'),
doc=_(u'Search for hosts with these member of host groups.'),
),
parameters.Str(
'not_in_hostgroup',
required=False,
multivalue=True,
cli_name='not_in_hostgroups',
label=_(u'host group'),
doc=_(u'Search for hosts without these member of host groups.'),
),
parameters.Str(
'in_netgroup',
required=False,
multivalue=True,
cli_name='in_netgroups',
label=_(u'netgroup'),
doc=_(u'Search for hosts with these member of netgroups.'),
),
parameters.Str(
'not_in_netgroup',
required=False,
multivalue=True,
cli_name='not_in_netgroups',
label=_(u'netgroup'),
doc=_(u'Search for hosts without these member of netgroups.'),
),
parameters.Str(
'in_role',
required=False,
multivalue=True,
cli_name='in_roles',
label=_(u'role'),
doc=_(u'Search for hosts with these member of roles.'),
),
parameters.Str(
'not_in_role',
required=False,
multivalue=True,
cli_name='not_in_roles',
label=_(u'role'),
doc=_(u'Search for hosts without these member of roles.'),
),
parameters.Str(
'in_hbacrule',
required=False,
multivalue=True,
cli_name='in_hbacrules',
label=_(u'HBAC rule'),
doc=_(u'Search for hosts with these member of HBAC rules.'),
),
parameters.Str(
'not_in_hbacrule',
required=False,
multivalue=True,
cli_name='not_in_hbacrules',
label=_(u'HBAC rule'),
doc=_(u'Search for hosts without these member of HBAC rules.'),
),
parameters.Str(
'in_sudorule',
required=False,
multivalue=True,
cli_name='in_sudorules',
label=_(u'sudo rule'),
doc=_(u'Search for hosts with these member of sudo rules.'),
),
parameters.Str(
'not_in_sudorule',
required=False,
multivalue=True,
cli_name='not_in_sudorules',
label=_(u'sudo rule'),
doc=_(u'Search for hosts without these member of sudo rules.'),
),
parameters.Str(
'enroll_by_user',
required=False,
multivalue=True,
cli_name='enroll_by_users',
label=_(u'user'),
doc=_(u'Search for hosts with these enrolled by users.'),
),
parameters.Str(
'not_enroll_by_user',
required=False,
multivalue=True,
cli_name='not_enroll_by_users',
label=_(u'user'),
doc=_(u'Search for hosts without these enrolled by users.'),
),
parameters.Str(
'man_by_host',
required=False,
multivalue=True,
cli_name='man_by_hosts',
label=_(u'host'),
doc=_(u'Search for hosts with these managed by hosts.'),
),
parameters.Str(
'not_man_by_host',
required=False,
multivalue=True,
cli_name='not_man_by_hosts',
label=_(u'host'),
doc=_(u'Search for hosts without these managed by hosts.'),
),
parameters.Str(
'man_host',
required=False,
multivalue=True,
cli_name='man_hosts',
label=_(u'host'),
doc=_(u'Search for hosts with these managing hosts.'),
),
parameters.Str(
'not_man_host',
required=False,
multivalue=True,
cli_name='not_man_hosts',
label=_(u'host'),
doc=_(u'Search for hosts without these managing hosts.'),
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries(
'result',
),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class sudorule_mod(Method):
__doc__ = _("Modify Sudo Rule.")
takes_args = (parameters.Str(
'cn',
cli_name='sudorule_name',
label=_(u'Rule name'),
), )
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
),
parameters.Bool(
'ipaenabledflag',
required=False,
label=_(u'Enabled'),
exclude=('cli', 'webui'),
),
parameters.Str(
'usercategory',
required=False,
cli_name='usercat',
cli_metavar="['all']",
label=_(u'User category'),
doc=_(u'User category the rule applies to'),
),
parameters.Str(
'hostcategory',
required=False,
cli_name='hostcat',
cli_metavar="['all']",
label=_(u'Host category'),
doc=_(u'Host category the rule applies to'),
),
parameters.Str(
'cmdcategory',
required=False,
cli_name='cmdcat',
cli_metavar="['all']",
label=_(u'Command category'),
doc=_(u'Command category the rule applies to'),
),
parameters.Str(
'ipasudorunasusercategory',
required=False,
cli_name='runasusercat',
cli_metavar="['all']",
label=_(u'RunAs User category'),
doc=_(u'RunAs User category the rule applies to'),
),
parameters.Str(
'ipasudorunasgroupcategory',
required=False,
cli_name='runasgroupcat',
cli_metavar="['all']",
label=_(u'RunAs Group category'),
doc=_(u'RunAs Group category the rule applies to'),
),
parameters.Int(
'sudoorder',
required=False,
cli_name='order',
label=_(u'Sudo order'),
doc=_(u'integer to order the Sudo rules'),
default=0,
),
parameters.Str(
'externaluser',
required=False,
label=_(u'External User'),
doc=_(u'External User the rule applies to (sudorule-find only)'),
),
parameters.Str(
'ipasudorunasextuser',
required=False,
cli_name='runasexternaluser',
label=_(u'RunAs External User'),
doc=_(
u'External User the commands can run as (sudorule-find only)'),
),
parameters.Str(
'ipasudorunasextgroup',
required=False,
cli_name='runasexternalgroup',
label=_(u'RunAs External Group'),
doc=_(
u'External Group the commands can run as (sudorule-find only)'
),
),
parameters.Str(
'externalhost',
required=False,
multivalue=True,
label=_(u'External host'),
exclude=('cli', 'webui'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=
_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'
),
exclude=('webui', ),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=
_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'
),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.Output(
'value',
unicode,
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class cert_find(Command):
__doc__ = _("Search for existing certificates.")
takes_options = (
parameters.Str(
'subject',
required=False,
label=_(u'Match cn attribute in subject'),
),
parameters.Int(
'revocation_reason',
required=False,
label=_(u'Reason'),
doc=_(u'Reason for revoking the certificate (0-10)'),
),
parameters.Int(
'min_serial_number',
required=False,
doc=_(u'minimum serial number'),
),
parameters.Int(
'max_serial_number',
required=False,
doc=_(u'maximum serial number'),
),
parameters.Flag(
'exactly',
required=False,
doc=_(u'match the common name exactly'),
default=False,
autofill=True,
),
parameters.Str(
'validnotafter_from',
required=False,
doc=_(u'Valid not after from this date (YYYY-mm-dd)'),
),
parameters.Str(
'validnotafter_to',
required=False,
doc=_(u'Valid not after to this date (YYYY-mm-dd)'),
),
parameters.Str(
'validnotbefore_from',
required=False,
doc=_(u'Valid not before from this date (YYYY-mm-dd)'),
),
parameters.Str(
'validnotbefore_to',
required=False,
doc=_(u'Valid not before to this date (YYYY-mm-dd)'),
),
parameters.Str(
'issuedon_from',
required=False,
doc=_(u'Issued on from this date (YYYY-mm-dd)'),
),
parameters.Str(
'issuedon_to',
required=False,
doc=_(u'Issued on to this date (YYYY-mm-dd)'),
),
parameters.Str(
'revokedon_from',
required=False,
doc=_(u'Revoked on from this date (YYYY-mm-dd)'),
),
parameters.Str(
'revokedon_to',
required=False,
doc=_(u'Revoked on to this date (YYYY-mm-dd)'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of certs returned'),
default=100,
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries(
'result',
),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class topologysegment_find(Method):
__doc__ = _("Search for topology segments.")
takes_args = (
parameters.Str(
'topologysuffixcn',
cli_name='topologysuffix',
label=_(u'Suffix name'),
),
parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
),
)
takes_options = (
parameters.Str(
'cn',
required=False,
cli_name='name',
label=_(u'Segment name'),
doc=_(u'Arbitrary string identifying the segment'),
default_from=DefaultFrom(lambda iparepltoposegmentleftnode, iparepltoposegmentrightnode: None, 'iparepltoposegmentleftnode', 'iparepltoposegmentrightnode'),
# FIXME:
# lambda iparepltoposegmentleftnode, iparepltoposegmentrightnode:
no_convert=True,
),
parameters.Str(
'iparepltoposegmentleftnode',
required=False,
cli_name='leftnode',
label=_(u'Left node'),
doc=_(u'Left replication node - an IPA server'),
no_convert=True,
),
parameters.Str(
'iparepltoposegmentrightnode',
required=False,
cli_name='rightnode',
label=_(u'Right node'),
doc=_(u'Right replication node - an IPA server'),
no_convert=True,
),
parameters.Str(
'iparepltoposegmentdirection',
required=False,
cli_name='direction',
cli_metavar="['both', 'left-right', 'right-left']",
label=_(u'Connectivity'),
doc=_(u'Direction of replication between left and right replication node'),
exclude=('cli', 'webui'),
default=u'both',
),
parameters.Str(
'nsds5replicastripattrs',
required=False,
cli_name='stripattrs',
label=_(u'Attributes to strip'),
doc=_(u'A space separated list of attributes which are removed from replication updates.'),
no_convert=True,
),
parameters.Str(
'nsds5replicatedattributelist',
required=False,
cli_name='replattrs',
label=_(u'Attributes to replicate'),
doc=_(u'Attributes that are not replicated to a consumer server during a fractional update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof'),
),
parameters.Str(
'nsds5replicatedattributelisttotal',
required=False,
cli_name='replattrstotal',
label=_(u'Attributes for total update'),
doc=_(u'Attributes that are not replicated to a consumer server during a total update. E.g. (objectclass=*) $ EXCLUDE accountlockout'),
),
parameters.Int(
'nsds5replicatimeout',
required=False,
cli_name='timeout',
label=_(u'Session timeout'),
doc=_(u'Number of seconds outbound LDAP operations waits for a response from the remote replica before timing out and failing'),
),
parameters.Str(
'nsds5replicaenabled',
required=False,
cli_name='enabled',
cli_metavar="['on', 'off']",
label=_(u'Replication agreement enabled'),
doc=_(u'Whether a replication agreement is active, meaning whether replication is occurring per that agreement'),
exclude=('cli', 'webui'),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds (0 is unlimited)'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned (0 is unlimited)'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(u'Results should contain primary key attribute only ("name")'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries(
'result',
),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class idoverrideuser_mod(Method):
__doc__ = _("Modify an User ID override.")
takes_args = (
parameters.Str(
'idviewcn',
cli_name='idview',
label=_(u'ID View Name'),
),
parameters.Str(
'ipaanchoruuid',
cli_name='anchor',
label=_(u'Anchor to override'),
),
)
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
),
parameters.Str(
'uid',
required=False,
cli_name='login',
label=_(u'User login'),
no_convert=True,
),
parameters.Int(
'uidnumber',
required=False,
cli_name='uid',
label=_(u'UID'),
doc=_(u'User ID Number'),
),
parameters.Str(
'gecos',
required=False,
label=_(u'GECOS'),
),
parameters.Int(
'gidnumber',
required=False,
label=_(u'GID'),
doc=_(u'Group ID Number'),
),
parameters.Str(
'homedirectory',
required=False,
cli_name='homedir',
label=_(u'Home directory'),
),
parameters.Str(
'loginshell',
required=False,
cli_name='shell',
label=_(u'Login shell'),
),
parameters.Str(
'ipaoriginaluid',
required=False,
exclude=('cli', 'webui'),
),
parameters.Str(
'ipasshpubkey',
required=False,
multivalue=True,
cli_name='sshpubkey',
label=_(u'SSH public key'),
no_convert=True,
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=
_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'
),
exclude=('webui', ),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=
_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'
),
default=False,
autofill=True,
),
parameters.Flag(
'fallback_to_ldap',
required=False,
label=_(u'Fallback to AD DC LDAP'),
doc=
_(u'Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only.'
),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Str(
'rename',
required=False,
label=_(u'Rename'),
doc=_(u'Rename the User ID override object'),
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class idoverridegroup_add(Method):
__doc__ = _("Add a new Group ID override.")
takes_args = (
parameters.Str(
'idviewcn',
cli_name='idview',
label=_(u'ID View Name'),
),
parameters.Str(
'ipaanchoruuid',
cli_name='anchor',
label=_(u'Anchor to override'),
),
)
takes_options = (
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
),
parameters.Str(
'cn',
required=False,
cli_name='group_name',
label=_(u'Group name'),
no_convert=True,
),
parameters.Int(
'gidnumber',
required=False,
cli_name='gid',
label=_(u'GID'),
doc=_(u'Group ID Number'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Flag(
'fallback_to_ldap',
required=False,
label=_(u'Fallback to AD DC LDAP'),
doc=
_(u'Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only.'
),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class idrange_mod(Method):
__doc__ = _("""
Modify ID range.
=======
WARNING:
DNA plugin in 389-ds will allocate IDs based on the ranges configured for the
local domain. Currently the DNA plugin *cannot* be reconfigured itself based
on the local ranges set via this family of commands.
Manual configuration change has to be done in the DNA plugin configuration for
the new local range. Specifically, The dnaNextRange attribute of 'cn=Posix
IDs,cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config' has to be
modified to match the new range.
=======
""")
takes_args = (parameters.Str(
'cn',
cli_name='name',
label=_(u'Range name'),
), )
takes_options = (
parameters.Int(
'ipabaseid',
required=False,
cli_name='base_id',
label=_(u'First Posix ID of the range'),
),
parameters.Int(
'ipaidrangesize',
required=False,
cli_name='range_size',
label=_(u'Number of IDs in the range'),
),
parameters.Int(
'ipabaserid',
required=False,
cli_name='rid_base',
label=_(u'First RID of the corresponding RID range'),
),
parameters.Int(
'ipasecondarybaserid',
required=False,
cli_name='secondary_rid_base',
label=_(u'First RID of the secondary RID range'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=
_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'
),
exclude=('webui', ),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=
_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'
),
exclude=('webui', ),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=
_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'
),
exclude=('webui', ),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=
_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'
),
default=False,
autofill=True,
),
parameters.Str(
'ipanttrusteddomainsid',
required=False,
deprecated=True,
exclude=('cli', 'webui'),
),
parameters.Str(
'ipanttrusteddomainname',
required=False,
deprecated=True,
exclude=('cli', 'webui'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry('result', ),
output.PrimaryKey(
'value',
doc=_(
u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class sudorule(Object):
takes_params = (
parameters.Str(
'cn',
primary_key=True,
label=_(u'Rule name'),
),
parameters.Str(
'description',
required=False,
label=_(u'Description'),
),
parameters.Bool(
'ipaenabledflag',
required=False,
label=_(u'Enabled'),
),
parameters.Str(
'usercategory',
required=False,
label=_(u'User category'),
doc=_(u'User category the rule applies to'),
),
parameters.Str(
'hostcategory',
required=False,
label=_(u'Host category'),
doc=_(u'Host category the rule applies to'),
),
parameters.Str(
'cmdcategory',
required=False,
label=_(u'Command category'),
doc=_(u'Command category the rule applies to'),
),
parameters.Str(
'ipasudorunasusercategory',
required=False,
label=_(u'RunAs User category'),
doc=_(u'RunAs User category the rule applies to'),
),
parameters.Str(
'ipasudorunasgroupcategory',
required=False,
label=_(u'RunAs Group category'),
doc=_(u'RunAs Group category the rule applies to'),
),
parameters.Int(
'sudoorder',
required=False,
label=_(u'Sudo order'),
doc=_(u'integer to order the Sudo rules'),
),
parameters.Str(
'memberuser_user',
required=False,
label=_(u'Users'),
),
parameters.Str(
'memberuser_group',
required=False,
label=_(u'User Groups'),
),
parameters.Str(
'memberhost_host',
required=False,
label=_(u'Hosts'),
),
parameters.Str(
'memberhost_hostgroup',
required=False,
label=_(u'Host Groups'),
),
parameters.Str(
'memberallowcmd_sudocmd',
required=False,
label=_(u'Sudo Allow Commands'),
),
parameters.Str(
'memberdenycmd_sudocmd',
required=False,
label=_(u'Sudo Deny Commands'),
),
parameters.Str(
'memberallowcmd_sudocmdgroup',
required=False,
label=_(u'Sudo Allow Command Groups'),
),
parameters.Str(
'memberdenycmd_sudocmdgroup',
required=False,
label=_(u'Sudo Deny Command Groups'),
),
parameters.Str(
'ipasudorunas_user',
required=False,
label=_(u'RunAs Users'),
doc=_(u'Run as a user'),
),
parameters.Str(
'ipasudorunas_group',
required=False,
label=_(u'Groups of RunAs Users'),
doc=_(u'Run as any user within a specified group'),
),
parameters.Str(
'externaluser',
required=False,
label=_(u'External User'),
doc=_(u'External User the rule applies to (sudorule-find only)'),
),
parameters.Str(
'ipasudorunasextuser',
required=False,
label=_(u'RunAs External User'),
doc=_(
u'External User the commands can run as (sudorule-find only)'),
),
parameters.Str(
'ipasudorunasextgroup',
required=False,
label=_(u'RunAs External Group'),
doc=_(
u'External Group the commands can run as (sudorule-find only)'
),
),
parameters.Str(
'ipasudoopt',
required=False,
label=_(u'Sudo Option'),
),
parameters.Str(
'ipasudorunasgroup_group',
required=False,
label=_(u'RunAs Groups'),
doc=_(u'Run with the gid of a specified POSIX group'),
),
parameters.Str(
'externalhost',
required=False,
multivalue=True,
label=_(u'External host'),
),
)
class service_find(Method):
__doc__ = _("Search for IPA services.")
takes_args = (parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
), )
takes_options = (
parameters.Str(
'krbprincipalname',
required=False,
cli_name='principal',
label=_(u'Principal'),
doc=_(u'Service principal'),
no_convert=True,
),
parameters.Str(
'ipakrbauthzdata',
required=False,
multivalue=True,
cli_name='pac_type',
cli_metavar="['MS-PAC', 'PAD', 'NONE']",
label=_(u'PAC type'),
doc=
_(u"Override default list of supported PAC types. Use 'NONE' to disable PAC support for this service"
),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=
_(u'Results should contain primary key attribute only ("principal")'
),
default=False,
autofill=True,
),
parameters.Str(
'man_by_host',
required=False,
multivalue=True,
cli_name='man_by_hosts',
label=_(u'host'),
doc=_(u'Search for services with these managed by hosts.'),
),
parameters.Str(
'not_man_by_host',
required=False,
multivalue=True,
cli_name='not_man_by_hosts',
label=_(u'host'),
doc=_(u'Search for services without these managed by hosts.'),
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries('result', ),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class sudorule_find(Method):
__doc__ = _("Search for Sudo Rule.")
takes_args = (parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
), )
takes_options = (
parameters.Str(
'cn',
required=False,
cli_name='sudorule_name',
label=_(u'Rule name'),
),
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
),
parameters.Bool(
'ipaenabledflag',
required=False,
label=_(u'Enabled'),
exclude=('cli', 'webui'),
),
parameters.Str(
'usercategory',
required=False,
cli_name='usercat',
cli_metavar="['all']",
label=_(u'User category'),
doc=_(u'User category the rule applies to'),
),
parameters.Str(
'hostcategory',
required=False,
cli_name='hostcat',
cli_metavar="['all']",
label=_(u'Host category'),
doc=_(u'Host category the rule applies to'),
),
parameters.Str(
'cmdcategory',
required=False,
cli_name='cmdcat',
cli_metavar="['all']",
label=_(u'Command category'),
doc=_(u'Command category the rule applies to'),
),
parameters.Str(
'ipasudorunasusercategory',
required=False,
cli_name='runasusercat',
cli_metavar="['all']",
label=_(u'RunAs User category'),
doc=_(u'RunAs User category the rule applies to'),
),
parameters.Str(
'ipasudorunasgroupcategory',
required=False,
cli_name='runasgroupcat',
cli_metavar="['all']",
label=_(u'RunAs Group category'),
doc=_(u'RunAs Group category the rule applies to'),
),
parameters.Int(
'sudoorder',
required=False,
cli_name='order',
label=_(u'Sudo order'),
doc=_(u'integer to order the Sudo rules'),
default=0,
),
parameters.Str(
'externaluser',
required=False,
label=_(u'External User'),
doc=_(u'External User the rule applies to (sudorule-find only)'),
),
parameters.Str(
'ipasudorunasextuser',
required=False,
cli_name='runasexternaluser',
label=_(u'RunAs External User'),
doc=_(
u'External User the commands can run as (sudorule-find only)'),
),
parameters.Str(
'ipasudorunasextgroup',
required=False,
cli_name='runasexternalgroup',
label=_(u'RunAs External Group'),
doc=_(
u'External Group the commands can run as (sudorule-find only)'
),
),
parameters.Str(
'externalhost',
required=False,
multivalue=True,
label=_(u'External host'),
exclude=('cli', 'webui'),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned'),
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=
_(u'Results should contain primary key attribute only ("sudorule-name")'
),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries('result', ),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class topologysegment_mod(Method):
__doc__ = _("Modify a segment.")
takes_args = (
parameters.Str(
'topologysuffixcn',
cli_name='topologysuffix',
label=_(u'Suffix name'),
),
parameters.Str(
'cn',
cli_name='name',
label=_(u'Segment name'),
doc=_(u'Arbitrary string identifying the segment'),
default_from=DefaultFrom(lambda iparepltoposegmentleftnode, iparepltoposegmentrightnode: None, 'iparepltoposegmentleftnode', 'iparepltoposegmentrightnode'),
# FIXME:
# lambda iparepltoposegmentleftnode, iparepltoposegmentrightnode:
no_convert=True,
),
)
takes_options = (
parameters.Str(
'nsds5replicastripattrs',
required=False,
cli_name='stripattrs',
label=_(u'Attributes to strip'),
doc=_(u'A space separated list of attributes which are removed from replication updates.'),
no_convert=True,
),
parameters.Str(
'nsds5replicatedattributelist',
required=False,
cli_name='replattrs',
label=_(u'Attributes to replicate'),
doc=_(u'Attributes that are not replicated to a consumer server during a fractional update. E.g., `(objectclass=*) $ EXCLUDE accountlockout memberof'),
),
parameters.Str(
'nsds5replicatedattributelisttotal',
required=False,
cli_name='replattrstotal',
label=_(u'Attributes for total update'),
doc=_(u'Attributes that are not replicated to a consumer server during a total update. E.g. (objectclass=*) $ EXCLUDE accountlockout'),
),
parameters.Int(
'nsds5replicatimeout',
required=False,
cli_name='timeout',
label=_(u'Session timeout'),
doc=_(u'Number of seconds outbound LDAP operations waits for a response from the remote replica before timing out and failing'),
),
parameters.Str(
'nsds5replicaenabled',
required=False,
cli_name='enabled',
cli_metavar="['on', 'off']",
label=_(u'Replication agreement enabled'),
doc=_(u'Whether a replication agreement is active, meaning whether replication is occurring per that agreement'),
exclude=('cli', 'webui'),
),
parameters.Str(
'setattr',
required=False,
multivalue=True,
doc=_(u'Set an attribute to a name/value pair. Format is attr=value.\nFor multi-valued attributes, the command replaces the values already present.'),
exclude=('webui',),
),
parameters.Str(
'addattr',
required=False,
multivalue=True,
doc=_(u'Add an attribute/value pair. Format is attr=value. The attribute\nmust be part of the schema.'),
exclude=('webui',),
),
parameters.Str(
'delattr',
required=False,
multivalue=True,
doc=_(u'Delete an attribute/value pair. The option will be evaluated\nlast, after all sets and adds.'),
exclude=('webui',),
),
parameters.Flag(
'rights',
label=_(u'Rights'),
doc=_(u'Display the access rights of this entry (requires --all). See ipa man page for details.'),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.Entry(
'result',
),
output.PrimaryKey(
'value',
doc=_(u"The primary_key value of the entry, e.g. 'jdoe' for a user"),
),
)
class config(Object):
takes_params = (
parameters.Int(
'ipamaxusernamelength',
label=_(u'Maximum username length'),
),
parameters.Str(
'ipahomesrootdir',
label=_(u'Home directory base'),
doc=_(u'Default location of home directories'),
),
parameters.Str(
'ipadefaultloginshell',
label=_(u'Default shell'),
doc=_(u'Default shell for new users'),
),
parameters.Str(
'ipadefaultprimarygroup',
label=_(u'Default users group'),
doc=_(u'Default group for new users'),
),
parameters.Str(
'ipadefaultemaildomain',
required=False,
label=_(u'Default e-mail domain'),
),
parameters.Int(
'ipasearchtimelimit',
label=_(u'Search time limit'),
doc=
_(u'Maximum amount of time (seconds) for a search (> 0, or -1 for unlimited)'
),
),
parameters.Int(
'ipasearchrecordslimit',
label=_(u'Search size limit'),
doc=_(u'Maximum number of records to search (-1 is unlimited)'),
),
parameters.Str(
'ipausersearchfields',
label=_(u'User search fields'),
doc=
_(u'A comma-separated list of fields to search in when searching for users'
),
),
parameters.Str(
'ipagroupsearchfields',
label=_(u'Group search fields'),
doc=
_(u'A comma-separated list of fields to search in when searching for groups'
),
),
parameters.Bool(
'ipamigrationenabled',
label=_(u'Enable migration mode'),
),
parameters.DNParam(
'ipacertificatesubjectbase',
label=_(u'Certificate Subject base'),
doc=_(u'Base for certificate subjects (OU=Test,O=Example)'),
),
parameters.Str(
'ipagroupobjectclasses',
multivalue=True,
label=_(u'Default group objectclasses'),
doc=_(u'Default group objectclasses (comma-separated list)'),
),
parameters.Str(
'ipauserobjectclasses',
multivalue=True,
label=_(u'Default user objectclasses'),
doc=_(u'Default user objectclasses (comma-separated list)'),
),
parameters.Int(
'ipapwdexpadvnotify',
label=_(u'Password Expiration Notification (days)'),
doc=_(u"Number of days's notice of impending password expiration"),
),
parameters.Str(
'ipaconfigstring',
required=False,
multivalue=True,
label=_(u'Password plugin features'),
doc=_(u'Extra hashes to generate in password plug-in'),
),
parameters.Str(
'ipaselinuxusermaporder',
label=_(u'SELinux user map order'),
doc=_(
u'Order in increasing priority of SELinux users, delimited by $'
),
),
parameters.Str(
'ipaselinuxusermapdefault',
required=False,
label=_(u'Default SELinux user'),
doc=
_(u'Default SELinux user when no match is found in SELinux map rule'
),
),
parameters.Str(
'ipakrbauthzdata',
required=False,
multivalue=True,
label=_(u'Default PAC types'),
doc=_(u'Default types of PAC supported for services'),
),
)
class topologysuffix_find(Method):
__doc__ = _("Search for topology suffixes.")
takes_args = (
parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
),
)
takes_options = (
parameters.Str(
'cn',
required=False,
cli_name='name',
label=_(u'Suffix name'),
),
parameters.DNParam(
'iparepltopoconfroot',
required=False,
cli_name='suffix_dn',
label=_(u'Managed LDAP suffix DN'),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds (0 is unlimited)'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned (0 is unlimited)'),
),
parameters.Flag(
'all',
doc=_(u'Retrieve and print all attributes from the server. Affects command output.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=_(u'Print entries as stored on the server. Only affects output format.'),
exclude=('webui',),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(u'Results should contain primary key attribute only ("name")'),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries(
'result',
),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
class idoverrideuser_find(Method):
__doc__ = _("Search for an User ID override.")
takes_args = (
parameters.Str(
'idviewcn',
cli_name='idview',
label=_(u'ID View Name'),
),
parameters.Str(
'criteria',
required=False,
doc=_(u'A string searched in all relevant object attributes'),
),
)
takes_options = (
parameters.Str(
'ipaanchoruuid',
required=False,
cli_name='anchor',
label=_(u'Anchor to override'),
),
parameters.Str(
'description',
required=False,
cli_name='desc',
label=_(u'Description'),
),
parameters.Str(
'uid',
required=False,
cli_name='login',
label=_(u'User login'),
no_convert=True,
),
parameters.Int(
'uidnumber',
required=False,
cli_name='uid',
label=_(u'UID'),
doc=_(u'User ID Number'),
),
parameters.Str(
'gecos',
required=False,
label=_(u'GECOS'),
),
parameters.Int(
'gidnumber',
required=False,
label=_(u'GID'),
doc=_(u'Group ID Number'),
),
parameters.Str(
'homedirectory',
required=False,
cli_name='homedir',
label=_(u'Home directory'),
),
parameters.Str(
'loginshell',
required=False,
cli_name='shell',
label=_(u'Login shell'),
),
parameters.Str(
'ipaoriginaluid',
required=False,
exclude=('cli', 'webui'),
),
parameters.Int(
'timelimit',
required=False,
label=_(u'Time Limit'),
doc=_(u'Time limit of search in seconds (0 is unlimited)'),
),
parameters.Int(
'sizelimit',
required=False,
label=_(u'Size Limit'),
doc=_(u'Maximum number of entries returned (0 is unlimited)'),
),
parameters.Flag(
'fallback_to_ldap',
required=False,
label=_(u'Fallback to AD DC LDAP'),
doc=
_(u'Allow falling back to AD DC LDAP when resolving AD trusted objects. For two-way trusts only.'
),
default=False,
autofill=True,
),
parameters.Flag(
'all',
doc=
_(u'Retrieve and print all attributes from the server. Affects command output.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'raw',
doc=
_(u'Print entries as stored on the server. Only affects output format.'
),
exclude=('webui', ),
default=False,
autofill=True,
),
parameters.Flag(
'pkey_only',
required=False,
label=_(u'Primary key only'),
doc=_(
u'Results should contain primary key attribute only ("anchor")'
),
default=False,
autofill=True,
),
)
has_output = (
output.Output(
'summary',
(unicode, type(None)),
doc=_(u'User-friendly description of action performed'),
),
output.ListOfEntries('result', ),
output.Output(
'count',
int,
doc=_(u'Number of entries returned'),
),
output.Output(
'truncated',
bool,
doc=_(u'True if not all results were returned'),
),
)
