adtrust-install: Correctly determine 4.2 FreeIPA servers

We need to detect a list of FreeIPA 4.2 (and above) servers, since
only there is the required version of SSSD present.

Since the maximum domain level for 4.2 is 0 (and not 1), we can filter
for any value of ipaMaxDomainLevel / ipaMinDomainLevel attributes
to generate the list.

https://fedorahosted.org/freeipa/ticket/5199

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>

install/tools/ipa-adtrust-install

@@ -396,7 +396,7 @@ def main():
             # Search only masters which have support for domain levels
             # because only these masters will have SSSD recent enough to support AD trust agents
             (entries_m, truncated) = smb.admin_conn.find_entries(
-                filter="(&(objectclass=ipaSupportedDomainLevelConfig)(!(ipaMaxDomainLevel=0)))",
+                filter="(&(objectclass=ipaSupportedDomainLevelConfig)(ipaMaxDomainLevel=*)(ipaMinDomainLevel=*))",
                 base_dn=masters_dn, attrs_list=['cn'], scope=ldap.SCOPE_ONELEVEL)
         except errors.NotFound:
             pass