Configure Managed Entries on replicas.

The Managed Entries plugin configurations weren't being created on
replica installs. The templates were there but the cn=config
portions were not.

This patch adds them as updates. The template portion will be added
in the initial replication.

ticket 1222

install/share/host_nis_groups.ldif

@@ -11,6 +11,8 @@ mepMappedAttr: cn: $$cn
 mepMappedAttr: memberHost: $$dn
 mepMappedAttr: description: ipaNetgroup $$cn
 
+# Changes to this definition need to be reflected in
+# updates/20-host_nis_groups.update
 dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
 changetype: add
 objectclass: extensibleObject

install/share/user_private_groups.ldif

@@ -10,6 +10,8 @@ mepMappedAttr: cn: $$uid
 mepMappedAttr: gidNumber: $$uidNumber
 mepMappedAttr: description: User private group for $$uid
 
+# Changes to this definition need to be reflected in
+# updates/20-user_private_groups.update
 dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config
 changetype: add
 objectclass: extensibleObject

install/updates/20-host_nis_groups.update

@@ -0,0 +1,15 @@
+# This is a copy of the definition from host_nis_groups.ldif
+# This is required for replication. The template entry will get
+# replicated but the plugin configuration will not.
+
+dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
+default:objectclass: extensibleObject
+default:cn: NGP Definition
+default:originScope: cn=hostgroups,cn=accounts,$SUFFIX
+default:originFilter: objectclass=ipahostgroup
+default:managedBase: cn=ng,cn=alt,$SUFFIX
+default:managedTemplate: cn=NGP HGP Template,cn=etc,$SUFFIX
+
+# Fix an existing configuration with the wrong cn
+dn: cn=NGP Definition,cn=Managed Entries,cn=plugins,cn=config
+only:cn: NGP Definition

install/updates/20-user_private_groups.update

@@ -0,0 +1,11 @@
+# This is a copy of the definition from user_private_groups.ldif
+# This is required for replication. The template entry will get
+# replicated but the plugin configuration will not.
+
+dn: cn=UPG Definition,cn=Managed Entries,cn=plugins,cn=config
+default:objectclass: extensibleObject
+default:cn: UPG Definition
+default:originScope: cn=users,cn=accounts,$SUFFIX
+default:originFilter: (&(objectclass=posixAccount)(!(description=__no_upg__)))
+default:managedBase: cn=groups,cn=accounts,$SUFFIX
+default:managedTemplate: cn=UPG Template,cn=etc,$SUFFIX

install/updates/Makefile.am

@@ -8,9 +8,11 @@ app_DATA =				\
 	10-config.update		\
 	20-aci.update			\
 	20-dna.update			\
+	20-host_nis_groups.update	\
 	20-indices.update		\
 	20-nss_ldap.update		\
 	20-replication.update		\
+	20-user_private_groups.update	\
 	20-winsync_index.update		\
 	21-replicas_container.update	\
 	40-delegation.update		\

ipaserver/install/dsinstance.py

@@ -289,6 +289,8 @@ class DsInstance(service.Service):
         self.step("setting up initial replication", self.__setup_replica)
         self.step("adding replication acis", self.__add_replication_acis)
 
+        # Managed Entries configuration is done via update files
+
         self.__common_post_setup()
 
         self.start_creation("Configuring directory server", 60)