mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 08:21:05 -06:00
replication: ensure bind DN group check interval is set on replica config
This is a safeguard ensuring valid replica configuration against incorrectly upgraded masters lacking 'nsds5replicabinddngroupcheckinterval' attribute on their domain/ca topology config. https://fedorahosted.org/freeipa/ticket/6508 Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
This commit is contained in:
parent
73d0d03891
commit
266b9d9c6c
@ -456,6 +456,12 @@ class ReplicationManager(object):
|
||||
if self.repl_man_group_dn not in binddn_groups:
|
||||
mod.append((ldap.MOD_ADD, 'nsds5replicabinddngroup',
|
||||
self.repl_man_group_dn))
|
||||
|
||||
if 'nsds5replicabinddngroupcheckinterval' not in entry:
|
||||
mod.append(
|
||||
(ldap.MOD_ADD,
|
||||
'nsds5replicabinddngroupcheckinterval',
|
||||
'60'))
|
||||
if mod:
|
||||
conn.modify_s(dn, mod)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user