Skip to main content

Python module for kerberos admin (kadm5)

Project description

python-kadmin
=============

Python module for kerberos admin (kadm5)

## Initilization

### kadmin
```python
import kadmin

kadm = kadmin.init_with_keytab("user/admin@EXAMPLE.COM", "/path/to/keytab")
kadm = kadmin.init_with_ccache("user/admin@EXAMPLE.COM", "/path/to/krb5cc")
kadm = kadmin.init_with_password("user/admin@EXAMPLE.COM", "aStrongPassword")
```
### kadmin_local
used for direct database access as local root account.
```python
import kadmin_local as kadmin

kadm = kadmin.local();
```
\* kadmin\_local also supports the other init\_with\_<method> initializers whereas kadmin does not support local.
It is advised that kadmin_local is used for rapid unpacked iteration, other tasks should be handled by the gssapi connection.


##Examples:

###Principal Creation:

```python
>>>
>>> # ank, addprinc, add_principal are all aliases for principal creation
>>> # omitting a password or setting to None results in a randomized key
>>> # kadm.ank(principal [, password|None] [, db_args=db_args])
>>>
>>> kadm.ank("user@EXAMPLE.COM", "correcthorsebatterysaple")
>>> kadm.addprinc("user@EXAMPLE.COM", None)
>>> #
>>> kadm.add_principal("user@EXAMPLE.COM", None, db_args={'dn':'uid=user,ou=people,dc=example,dc=com'})
>>>
```

###Principal Attributes:
```python
>>> princ = kadm.getprinc("user@EXAMPLE.COM")
>>>
>>> # getters only
>>> princ.principal
>>> # get: unicode
>>>
>>> princ.name
>>> # get: unicode
>>>
>>> princ.mod_name
>>> # get: unicode
>>>
>>> princ.mod_date
>>> # get: datetime.datetime
>>>
>>> princ.last_pwd_change
>>> # get: [datetime.datetime|None]
>>>
>>> princ.last_success
>>> # get: [datetime.datetime|None]
>>>
>>> princ.last_failure
>>> # get: [datetime.datetime|None]
>>>
>>>
>>> #getters & setters
>>> princ.expire = datetime.datetime(2014, 12, 25)
>>> # get: datetime.datetime
>>> # set: [str|unicode|datetime.datetime|None]
>>>
>>> princ.pwexpire = u'Now'
>>> # get: datetime.datetime
>>> # set: [str|unicode|datetime.datetime|None]
>>>
>>> princ.maxlife = "8 Days"
>>> # get: datetime.timedelta
>>> # set: [str|unicode|datetime.timedelta|None]
>>>
>>> princ.maxrenewlife = datetime.timedelta(days=2)
>>> # get: datetime.timedelta
>>> # set: [str|unicode|datetime.timedelta|None]
>>>
>>> princ.policy = "strong_password_policy"
>>> # get: unicode
>>> # set: [str|unicode|kadmin.Policy]
>>>
>>> princ.kvno = 1
>>> # get: int
>>> # set: [int]
>>>
>>> # at this point the local copy of the principal is modified
>>> # the remote will not change until commit is called as shown
>>> princ.commit()
>>>
>>> # for an existing principal object discard local state and
>>> # fetch the state as it appears in the database
>>> princ.reload()



```

###Change a password:
```python
princ = kadm.get_princ("user@EXAMPLE.COM")
princ.change_password("correcthorsebatterystaple")
```

###Iteration:
```python
for princ in kadm.principals():
# princ is a string
print princ

for princ in kadm.principals('r*@EXAMPLE.COM'):
# princ is a string starting with 'r' and ending with '@EXAMPLE.COM'
print princ

# unpacked iteration
# prints each principal, data is optiona

def callback_a(princ, data):
print(princ)

def callback_b(princ, data):
print("{0}{1}".format(data, princ))

# invoke callback_a for each principal, equivilent of the above iteration.
kadm.each_principal(callback_a)

# invoke callback_b for each principal resulting in "Hello, principal@EXAMPLE.COM"
kadm.each_principal(callback_b, data="Hello, ")

#
# WARNING: unpack iteration deprecated in favor of "each iteration" with callbacks.
# unless run on the default backend via kadmin_local unpack iteration is *extremely* slow.
#

# old style unpack iteration [updated]
# replaces: kadm.principals('*', unpack=True)

for princ in kadm.principals('*'):
principal = kadm.get_princ(princ)
# use principal as needed

```

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

python-kadmin-0.1.2.tar.gz (56.2 kB view details)

Uploaded Source

File details

Details for the file python-kadmin-0.1.2.tar.gz.

File metadata

  • Download URL: python-kadmin-0.1.2.tar.gz
  • Upload date:
  • Size: 56.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for python-kadmin-0.1.2.tar.gz
Algorithm Hash digest
SHA256 eefed8b41c555176356e32a9dec31c65b4bcd05567784a511e5451223fb56c44
MD5 93b04e87574b857845b0fa1c94931051
BLAKE2b-256 8e80db00a44f980036388e62d70fe290c44dfa102687a5b16ed8a96e2124cf41

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page