ipaserver.plugins.certmap.check_maprule_is_for_trusted_domain

ipaserver.plugins.certmap.check_maprule_is_for_trusted_domain(api_inst, options, entry_attrs)[source]

Check that the certmap rule references altSecurityIdentities and associateddomain in options is a trusted domain.

Parameters
  • api_inst – API instance

  • options – options passed to the command at least ipacertmapmaprule and associateddomain options are expected for the check

Raises

ValidationError if altSecurityIdentities is present in the rule but no Active Directory trusted domain listed in associated domains