Catch ACIError instead of invalid credentials

ipaldap's LDAPClient client turns INVALID_CREDENTIAL error into ACIError. Catch the ACIError and wait until the user has been replicated. Apparently no manual or automated test ran into the timeout during testing. Fixes: Fixes: https://pagure.io/freeipa/issue/7593 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2025-02-25 18:55:28 -06:00 · 2018-06-29 11:08:45 +02:00 · 2018-06-29 11:08:45 +02:00 · 52cdd213b4
commit 52cdd213b4
parent 0128b3f92e
1 changed files with 2 additions and 1 deletions
--- a/ipaserver/install/dogtaginstance.py
+++ b/ipaserver/install/dogtaginstance.py
@ -472,7 +472,8 @@ class DogtagInstance(service.Service):
            time.sleep(1)
            try:
                master_conn.simple_bind(self.admin_dn, self.admin_password)
-            except ldap.INVALID_CREDENTIALS:
+            except errors.ACIError:
+                # user not replicated yet
                pass
            else:
                logger.debug("Successfully logged in as %s", self.admin_dn)