if record['dn'] in current_dns: email_map[record['dn']] = email # Now we have new_accounts which tells us which accounts to create # and identity_map which tells us how to map the identites to those accounts ac = AccountClient() # Make all the accounts from this list for account in new_accounts: try: print('Add account %s' % account) ac.add_account(account=account, type='USER', email=None) except (Duplicate, InvalidObject): print(' Account %s already exists or invalid' % account) # Add all the identities to the list for dn, accounts in identity_map.items(): email = email_map.get(dn, '*****@*****.**') for account in accounts: try: print('Add identity %s for %s' % (dn, account)) ac.add_identity(account=account, identity=dn, authtype='X509', email=email, default=False) except (Duplicate, InvalidObject, AccountNotFound): print(' Identity %s for %s already exists or invalid' % (dn, account))