Probably should only delete keyFingerPrint if it exists

author Peter Palfrader <peter@palfrader.org>

Thu, 11 Mar 2010 21:23:35 +0000 (22:23 +0100)

committer Peter Palfrader <peter@palfrader.org>

Thu, 11 Mar 2010 21:23:35 +0000 (22:23 +0100)
author Peter Palfrader <peter@palfrader.org>
Thu, 11 Mar 2010 21:23:35 +0000 (22:23 +0100)
committer Peter Palfrader <peter@palfrader.org>
Thu, 11 Mar 2010 21:23:35 +0000 (22:23 +0100)
diff --git a/ud-lock b/ud-lock

index bfde9f8..6d56ddb 100755 (executable)
--- a/ud-lock
+++ b/ud-lock
@@ -122,9 +122,9 @@ def do_one_user(lc, user, ticket):
          print '  %s: %s'%(key, set[key])
          rec.append( (ldap.MOD_REPLACE, key, set[key]) )
  
-    print '  %s: deleting keyFingerPrint'%(user)
-    rec.append( (ldap.MOD_DELETE, 'keyFingerPrint', None) )
-
+    if u.numkeys() > 0:
+        print '  %s: deleting keyFingerPrint'%(user)
+        rec.append( (ldap.MOD_DELETE, 'keyFingerPrint', None) )
  
      if dry_run:
          print '(not committing)'
author	Peter Palfrader <peter@palfrader.org>
	Thu, 11 Mar 2010 21:23:35 +0000 (22:23 +0100)
committer	Peter Palfrader <peter@palfrader.org>
	Thu, 11 Mar 2010 21:23:35 +0000 (22:23 +0100)