Fix winsync agreements creation

Due to recent addition of ID range support to DsInstance, the class
could no longer be instantiated when realm_name was passed but
ID range parameters were not. This condition broke winsync agreements
creation in ipa-replica-manage.

Make sure that ID range computation in DsInstance does not crash in
this cases so that winsync replica can be created. Also convert --binddn
option of ipa-replica-manage script to IPA native DN type so that
setup_agreement does not crash.

https://fedorahosted.org/freeipa/ticket/2987

ipapython/config.py

@@ -22,6 +22,7 @@ from optparse import Option, Values, OptionParser, IndentedHelpFormatter, Option
 from copy import copy
 from dns import resolver, rdatatype
 from dns.exception import DNSException
+from ipapython.dn import DN
 import dns.name
 
 import socket
@@ -59,15 +60,22 @@ def check_ip_option(option, opt, value):
     except Exception as e:
         raise OptionValueError("option %s: invalid IP address %s: %s" % (opt, value, e))
 
+def check_dn_option(option, opt, value):
+    try:
+        return DN(value)
+    except Exception, e:
+        raise OptionValueError("option %s: invalid DN: %s" % (opt, e))
+
 class IPAOption(Option):
     """
     optparse.Option subclass with support of options labeled as
     security-sensitive such as passwords.
     """
     ATTRS = Option.ATTRS + ["sensitive", "ip_local", "ip_netmask"]
-    TYPES = Option.TYPES + ("ip",)
+    TYPES = Option.TYPES + ("ip", "dn")
     TYPE_CHECKER = copy(Option.TYPE_CHECKER)
     TYPE_CHECKER["ip"] = check_ip_option
+    TYPE_CHECKER["dn"] = check_dn_option
 
 class IPAOptionParser(OptionParser):
     """