Looking thru the testcode and older entries in the mailinglist there seems to be no easy way to push a certificate for a testuser via the LDAP connection with Python.
Using the openldap client is the only option I can think of. Are there any better ideas out there?
On Wed, Jan 20, 2021 at 11:41:49PM +0100, Per-Erik Persson wrote:
Looking thru the testcode and older entries in the mailinglist there seems to be no easy way to push a certificate for a testuser via the LDAP connection with Python.
Hi,
not sure if this is what you are looking for but there is python-ldap and e.g. http://www.grotan.com/ldap/python-ldap-samples.html#modify has an example how to modify and existing LDAP object.
HTH
bye, Sumit
Using the openldap client is the only option I can think of. Are there any better ideas out there?
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.o...
The problem seems to be that python-ldap refuses to push binary data. I can call the openldapclient and push the dercertificate via ldif. But I would not call that a viable solution.
Den tors 21 jan. 2021 08:03Sumit Bose sbose@redhat.com skrev:
On Wed, Jan 20, 2021 at 11:41:49PM +0100, Per-Erik Persson wrote:
Looking thru the testcode and older entries in the mailinglist there
seems
to be no easy way to push a certificate for a testuser via the LDAP connection with Python.
Hi,
not sure if this is what you are looking for but there is python-ldap and e.g. http://www.grotan.com/ldap/python-ldap-samples.html#modify has an example how to modify and existing LDAP object.
HTH
bye, Sumit
Using the openldap client is the only option I can think of. Are there any better ideas out there?
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-leave@lists.fedorahosted.org Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.o... _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.o...
On Thu, Jan 21, 2021 at 07:56:11PM +0100, Per-Erik Persson wrote:
The problem seems to be that python-ldap refuses to push binary data. I can call the openldapclient and push the dercertificate via ldif. But I would not call that a viable solution.
Hi,
are you using 'userCertificate;binary' as attribute name? In general I would expect that you can use python-ldap since FreeIPA is using it as well to add binary certificate data to LDAP.
bye, Sumit
Den tors 21 jan. 2021 08:03Sumit Bose sbose@redhat.com skrev:
On Wed, Jan 20, 2021 at 11:41:49PM +0100, Per-Erik Persson wrote:
Looking thru the testcode and older entries in the mailinglist there
seems
to be no easy way to push a certificate for a testuser via the LDAP connection with Python.
Hi,
not sure if this is what you are looking for but there is python-ldap and e.g. http://www.grotan.com/ldap/python-ldap-samples.html#modify has an example how to modify and existing LDAP object.
HTH
bye, Sumit
Using the openldap client is the only option I can think of. Are there any better ideas out there?
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-leave@lists.fedorahosted.org Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.o... _______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.o...
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-leave@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.o...
sssd-devel@lists.fedorahosted.org
-
Per-Erik Persson -
Sumit Bose