IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

replication: ensure bind DN group check interval is set on replica config

Browse Source 
This is a safeguard ensuring valid replica configuration against incorrectly
upgraded masters lacking 'nsds5replicabinddngroupcheckinterval' attribute on
their domain/ca topology config.

https://fedorahosted.org/freeipa/ticket/6508

Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
This commit is contained in:
Martin Babinsky
2016-11-23 16:58:39 +01:00
committed by Martin Basti
parent 73d0d03891
commit 266b9d9c6c
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ipaserver/install/replication.py
View File

@@ -456,6 +456,12 @@ class ReplicationManager(object):
if self.repl_man_group_dn not in binddn_groups: if self.repl_man_group_dn not in binddn_groups:
mod.append((ldap.MOD_ADD, 'nsds5replicabinddngroup', mod.append((ldap.MOD_ADD, 'nsds5replicabinddngroup',
self.repl_man_group_dn)) self.repl_man_group_dn))
if 'nsds5replicabinddngroupcheckinterval' not in entry:
mod.append(
(ldap.MOD_ADD,
'nsds5replicabinddngroupcheckinterval',
'60'))
if mod: if mod:
conn.modify_s(dn, mod) conn.modify_s(dn, mod)