Configure Managed Entries on replicas.

The Managed Entries plugin configurations weren't being created on replica installs. The templates were there but the cn=config portions were not. This patch adds them as updates. The template portion will be added in the initial replication. ticket 1222
2025-02-25 18:55:28 -06:00 · 2011-05-18 15:12:22 -04:00
parent 5a4f77ac14
commit 201ffc07bd
6 changed files with 34 additions and 0 deletions
--- a/install/share/host_nis_groups.ldif
+++ b/install/share/host_nis_groups.ldif
@@ -11,6 +11,8 @@ mepMappedAttr: cn: $$cn
 mepMappedAttr: memberHost: $$dn
 mepMappedAttr: description: ipaNetgroup $$cn

+# Changes to this definition need to be reflected in
+# updates/20-host_nis_groups.update
 dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
 changetype: add
 objectclass: extensibleObject
--- a/install/share/user_private_groups.ldif
+++ b/install/share/user_private_groups.ldif
@@ -10,6 +10,8 @@ mepMappedAttr: cn: $$uid
 mepMappedAttr: gidNumber: $$uidNumber
 mepMappedAttr: description: User private group for $$uid

+# Changes to this definition need to be reflected in
+# updates/20-user_private_groups.update
 dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config
 changetype: add
 objectclass: extensibleObject
--- a/install/updates/20-host_nis_groups.update
+++ b/install/updates/20-host_nis_groups.update
@@ -0,0 +1,15 @@
+# This is a copy of the definition from host_nis_groups.ldif
+# This is required for replication. The template entry will get
+# replicated but the plugin configuration will not.
+
+dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
+default:objectclass: extensibleObject
+default:cn: NGP Definition
+default:originScope: cn=hostgroups,cn=accounts,$SUFFIX
+default:originFilter: objectclass=ipahostgroup
+default:managedBase: cn=ng,cn=alt,$SUFFIX
+default:managedTemplate: cn=NGP HGP Template,cn=etc,$SUFFIX
+
+# Fix an existing configuration with the wrong cn
+dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
+only:cn: NGP Definition
--- a/install/updates/20-user_private_groups.update
+++ b/install/updates/20-user_private_groups.update
@@ -0,0 +1,11 @@
+# This is a copy of the definition from user_private_groups.ldif
+# This is required for replication. The template entry will get
+# replicated but the plugin configuration will not.
+
+dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config
+default:objectclass: extensibleObject
+default:cn: UPG Definition
+default:originScope: cn=users,cn=accounts,$SUFFIX
+default:originFilter: (&(objectclass=posixAccount)(!(description=__no_upg__)))
+default:managedBase: cn=groups,cn=accounts,$SUFFIX
+default:managedTemplate: cn=UPG Template,cn=etc,$SUFFIX
--- a/install/updates/Makefile.am
+++ b/install/updates/Makefile.am
@@ -8,9 +8,11 @@ app_DATA =				\
 	10-config.update		\
 	20-aci.update			\
 	20-dna.update			\
+	20-host_nis_groups.update	\
 	20-indices.update		\
 	20-nss_ldap.update		\
 	20-replication.update		\
+	20-user_private_groups.update	\
 	20-winsync_index.update		\
 	21-replicas_container.update	\
 	40-delegation.update		\
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -289,6 +289,8 @@ class DsInstance(service.Service):
        self.step("setting up initial replication", self.__setup_replica)
        self.step("adding replication acis", self.__add_replication_acis)

+        # Managed Entries configuration is done via update files
+
        self.__common_post_setup()

        self.start_creation("Configuring directory server", 60)