Re: Is there any documentation for the ipapython library ?
by White, Daniel E. (GSFC-770.0)[NICS]
Many thanks for the ansible pointer, Alexander.
As far as API automation, I see two immediate use-cases (and I will file an issue)
1. Some bundled commands for use by IdM admins for user management: Add a user along with all the necessary additional permissions. These would use the admin-user's current keytab.
2. Information gathering scripts. Is it possible to set up a read-only service keytab for this ?
I want to use Python to be able to capture and process the responses without all the extra console output of the command line.
______________________________________________________________________________________________
Daniel E. White
daniel.e.white(a)nasa.gov<mailto:daniel.e.white@nasa.gov>
NICS Linux Engineer
NASA Goddard Space Flight Center
8800 Greenbelt Road
Building 14, Room E175
Greenbelt, MD 20771
Office: (301) 286-6919
Mobile: (240) 513-5290
From: Alexander Bokovoy <abokovoy(a)redhat.com>
Date: Wednesday, February 12, 2020 at 01:42
To: FreeIPA users list <freeipa-users(a)lists.fedorahosted.org>
Cc: Daniel White <daniel.e.white(a)nasa.gov>, Rob Crittenden <rcritten(a)redhat.com>
Subject: [EXTERNAL] Re: [Freeipa-users] Re: Is there any documentation for the ipapython library ?
On ti, 11 helmi 2020, Rob Crittenden via FreeIPA-users wrote:
White, Daniel E. (GSFC-770.0)[NICS] via FreeIPA-users wrote:
I would like to create some python automation scripts using it.
Only the limited docs within the file(s) themselves + usage found
elsewhere within IPA.
We are trying to keep the API more stable than the past by deprecating
things we move but there is no guarantee (I've been bitten myself by
this in the past). So use with care.
Please also file tickets at pagure.io/freeipa/issues describing your
intended use of API. We are planning to create a simpler API on top of
existing one to make sure it is not preventing us to refactor internals
where possible. Knowing use cases would help a lot.
Also, ansible-freeipa project should provide you a healthy base for
automation. It does have wrappers for many objects already, beyond just
installing the servers and clients.
--
/ Alexander Bokovoy
Sr. Principal Software Engineer
Security / Identity Management Engineering
Red Hat Limited, Finland