Run ipa-client-install after server install bits

ipa-client/ipa-install/ipa-client-install

@@ -46,6 +46,8 @@ def parse_options():
                       help="unattended installation never prompts the user")
     parser.add_option("-N", "--no-ntp", action="store_false",
                       help="do not configure ntp", default=True, dest="conf_ntp")
+    parser.add_option("--on-master", dest="on_master", action="store_true",
+                      help="use this option when run on a master", default=False)
 
     options, args = parser.parse_args()
 
@@ -162,7 +164,7 @@ def main():
             {'name':'nss_map_attribute', 'type':'option', 'value':'uniqueMember member'},
             {'name':'base', 'type':'option', 'value':ds.getBaseDN()},
             {'name':'ldap_version', 'type':'option', 'value':'3'}]
-    if not dnsok or options.force:
+    if not dnsok or options.force or options.on_master:
         opts.append({'name':'uri', 'type':'option', 'value':'ldap://'+ds.getServerName()})
 
     opts.append({'name':'empty', 'type':'empty'})
@@ -176,7 +178,7 @@ def main():
     krbctx = krbV.default_context()
     # If we find our domain assume we are properly configured
     #(ex. we are configuring the client side of a Master)
-    if not krbctx.default_realm == ds.getRealmName() or options.force:
+    if not options.on_master and (not krbctx.default_realm == ds.getRealmName() or options.force):
 
         #Configure krb5.conf
         krbconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
@@ -232,10 +234,26 @@ def main():
     #Modify nsswitch to add nss_ldap
     run(["/usr/sbin/authconfig", "--enableldap", "--update"])
 
+    #Check nss_ldap is working properly
+    if not options.on_master:
+        try:
+            run(["getent", "passwd", "admin"])
+        except Exception, e:
+            print "nss_ldap is not able to use DNS disccovery!"
+            print "Changing configuration to use hardcoded server name: " + ds.getServerName()
+
+            opts = [{'name':'uri', 'type':'option', 'value':'ldap://'+ds.getServerName()},
+                    {'name':'empty', 'type':'empty'}]
+            try:
+                ldapconf.changeConf("/etc/ldap.conf", opts)
+            except Exception, e:
+                print "Configuration failed: " + str(e)
+                return 1
+
     #Modify pam to add pam_krb5
     run(["/usr/sbin/authconfig", "--enablekrb5", "--update"])
 
-    if options.conf_ntp:
+    if options.conf_ntp and not options.on_master:
         ipaclient.ntpconf.config_ntp(ds.getServerName())
 
     print "Client configuration complete."

ipa-server/ipa-install/ipa-replica-install

@@ -134,7 +134,7 @@ def main():
     installutils.standard_logging_setup("ipareplica-install.log", options.debug)
 
     top_dir, dir = expand_info(filename)
-    
+
     config = ReplicaConfig()
     read_info(dir, config)
     config.host_name = get_host_name()
@@ -172,7 +172,7 @@ def main():
         sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
 
     install_ds(config)
-    
+
     repl = replication.ReplicationManager(config.host_name, config.dirman_password)
     if repl is None:
         raise RuntimeError("Unable to connect to LDAP server %s." % config.host_name)
@@ -184,7 +184,7 @@ def main():
 
     install_krb(config)
     install_http(config)
-    
+
     # Create a Web Gui instance
     webgui = httpinstance.WebGuiInstance()
     webgui.create_instance()
@@ -195,7 +195,14 @@ def main():
 
     service.restart("dirsrv")
     service.restart("krb5kdc")
-    
+
+    # Call client install script
+    try:
+        run(["/usr/sbin/ipa-client-install", "--on-master", "--unattended", "--domain", config.domain_name, "--server", config.host_name, "--realm", config.realm_name])
+    except Exception, e:
+        print "Configuration of client side components failed!"
+        print "ipa-client-install returned: " + str(e)
+        raise RuntimeError("Failed to configure the client")
 try:
     if not os.geteuid()==0:
         sys.exit("\nYou must be root to run this script.\n")

ipa-server/ipa-install/ipa-server-install

@@ -188,7 +188,7 @@ def read_ds_user():
     print "will give this user/group some permissions in specific paths/files"
     print "to perform server-specific operations."
     print ""
-    
+
     ds_user = ""
     try:
         pwd.getpwnam('dirsrv')
@@ -307,7 +307,7 @@ def main():
     if os.getegid() != 0:
         print "Must be root to setup server"
         return
-    
+
     signal.signal(signal.SIGTERM, signal_handler)
     signal.signal(signal.SIGINT, signal_handler)
 
@@ -357,7 +357,7 @@ def main():
         host_default = options.host_name
     else:
         host_default = get_fqdn()
-        
+
     if options.unattended:
         try:
             verify_fqdn(host_default)
@@ -397,7 +397,7 @@ def main():
             print "from the one provided on the command line.  Please fix your DNS"
             print "or /etc/hosts file and restart the installation."
             return "-Fatal Error-"
- 
+
     if options.unattended:
         if not ip:
             print "Unable to resolve IP address"
@@ -479,7 +479,7 @@ def main():
     # Restart ds and krb after configurations have been changed
     service.print_msg("restarting the directory server")
     ds.restart()
-    
+
     service.print_msg("restarting the KDC")
     krb.restart()
 
@@ -498,6 +498,14 @@ def main():
     fd.write("realm=" + realm_name + "\n")
     fd.close()
 
+    # Call client install script
+    try:
+        run(["/usr/sbin/ipa-client-install", "--on-master", "--unattended", "--domain", domain_name, "--server", host_name, "--realm", realm_name])
+    except Exception, e:
+        print "Configuration of client side components failed!"
+        print "ipa-client-install returned: " + str(e)
+        return "-Fatal Error-"
+
     print "=============================================================================="
     print "Setup complete"
     print ""