mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
Fix ipa-server-upgrade
Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Francois Cami <fcami@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
This commit is contained in:
parent
51035d9354
commit
1e00748f18
@ -491,7 +491,7 @@ cn: ${REALM}_subid_range
|
|||||||
ipaBaseID: eval($SUBID_RANGE_START)
|
ipaBaseID: eval($SUBID_RANGE_START)
|
||||||
ipaIDRangeSize: eval($SUBID_RANGE_SIZE)
|
ipaIDRangeSize: eval($SUBID_RANGE_SIZE)
|
||||||
# HACK: RIDs to work around adtrust sidgen issue
|
# HACK: RIDs to work around adtrust sidgen issue
|
||||||
ipaBaseRID: eval($SUBID_RANGE_START - $IDRANGE_SIZE)
|
ipaBaseRID: eval($SUBID_BASE_RID)
|
||||||
# 738065-838566 = IPA-SUB
|
# 738065-838566 = IPA-SUB
|
||||||
ipaNTTrustedDomainSID: S-1-5-21-738065-838566-$DOMAIN_HASH
|
ipaNTTrustedDomainSID: S-1-5-21-738065-838566-$DOMAIN_HASH
|
||||||
# HACK: "ipa-local-subid" range type causes issues with older SSSD clients
|
# HACK: "ipa-local-subid" range type causes issues with older SSSD clients
|
||||||
|
@ -102,7 +102,7 @@ default: cn: ${REALM}_subid_range
|
|||||||
default: ipaBaseID: $SUBID_RANGE_START
|
default: ipaBaseID: $SUBID_RANGE_START
|
||||||
default: ipaIDRangeSize: $SUBID_RANGE_SIZE
|
default: ipaIDRangeSize: $SUBID_RANGE_SIZE
|
||||||
# HACK: RIDs to work around adtrust sidgen issue
|
# HACK: RIDs to work around adtrust sidgen issue
|
||||||
default: ipaBaseRID: eval($SUBID_RANGE_START - $IDRANGE_SIZE)
|
default: ipaBaseRID: eval($SUBID_BASE_RID)
|
||||||
default: ipaNTTrustedDomainSID: S-1-5-21-738065-838566-$DOMAIN_HASH
|
default: ipaNTTrustedDomainSID: S-1-5-21-738065-838566-$DOMAIN_HASH
|
||||||
# HACK: "ipa-local-subid" range type causes issues with older SSSD clients
|
# HACK: "ipa-local-subid" range type causes issues with older SSSD clients
|
||||||
# see https://github.com/SSSD/sssd/issues/5571
|
# see https://github.com/SSSD/sssd/issues/5571
|
||||||
|
@ -59,8 +59,10 @@ def get_sub_dict(realm, domain, suffix, fqdn, idstart=None, idmax=None):
|
|||||||
"""
|
"""
|
||||||
if idstart is None:
|
if idstart is None:
|
||||||
idrange_size = None
|
idrange_size = None
|
||||||
|
subid_base_rid = None
|
||||||
else:
|
else:
|
||||||
idrange_size = idmax - idstart + 1
|
idrange_size = idmax - idstart + 1
|
||||||
|
subid_base_rid = constants.SUBID_RANGE_START - idrange_size
|
||||||
|
|
||||||
return dict(
|
return dict(
|
||||||
REALM=realm,
|
REALM=realm,
|
||||||
@ -81,6 +83,7 @@ def get_sub_dict(realm, domain, suffix, fqdn, idstart=None, idmax=None):
|
|||||||
SUBID_RANGE_SIZE=constants.SUBID_RANGE_SIZE,
|
SUBID_RANGE_SIZE=constants.SUBID_RANGE_SIZE,
|
||||||
SUBID_RANGE_MAX=constants.SUBID_RANGE_MAX,
|
SUBID_RANGE_MAX=constants.SUBID_RANGE_MAX,
|
||||||
SUBID_DNA_THRESHOLD=constants.SUBID_DNA_THRESHOLD,
|
SUBID_DNA_THRESHOLD=constants.SUBID_DNA_THRESHOLD,
|
||||||
|
SUBID_BASE_RID=subid_base_rid,
|
||||||
DOMAIN_HASH=murmurhash3(domain, len(domain), 0xdeadbeef),
|
DOMAIN_HASH=murmurhash3(domain, len(domain), 0xdeadbeef),
|
||||||
MAX_DOMAIN_LEVEL=constants.MAX_DOMAIN_LEVEL,
|
MAX_DOMAIN_LEVEL=constants.MAX_DOMAIN_LEVEL,
|
||||||
MIN_DOMAIN_LEVEL=constants.MIN_DOMAIN_LEVEL,
|
MIN_DOMAIN_LEVEL=constants.MIN_DOMAIN_LEVEL,
|
||||||
|
Loading…
Reference in New Issue
Block a user