mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-23 15:40:01 -06:00
Query the remote server to see if this replica host already exists.
If it does then the installation will fail trying to set up the keytabs, and not in a way that you say "aha, it's because the host is already enrolled."
This commit is contained in:
parent
b29de6bf27
commit
8911c92c8d
@ -298,19 +298,6 @@ def main():
|
|||||||
config.repl_password = ipautil.ipa_generate_password()
|
config.repl_password = ipautil.ipa_generate_password()
|
||||||
config.dir = dir
|
config.dir = dir
|
||||||
|
|
||||||
# Try out the password
|
|
||||||
ldapuri = 'ldap://%s' % config.master_host_name
|
|
||||||
try:
|
|
||||||
conn = ldap2(shared_instance=False, ldap_uri=ldapuri, base_dn='')
|
|
||||||
conn.connect(
|
|
||||||
bind_dn='cn=directory manager', bind_pw=config.dirman_password
|
|
||||||
)
|
|
||||||
conn.disconnect()
|
|
||||||
except errors.ACIError:
|
|
||||||
sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
|
|
||||||
except errors.LDAPError:
|
|
||||||
sys.exit("\nUnable to connect to LDAP server %s" % config.master_host_name)
|
|
||||||
|
|
||||||
# Create the management framework config file
|
# Create the management framework config file
|
||||||
# Note: We must do this before bootstraping and finalizing ipalib.api
|
# Note: We must do this before bootstraping and finalizing ipalib.api
|
||||||
fd = open("/etc/ipa/default.conf", "w")
|
fd = open("/etc/ipa/default.conf", "w")
|
||||||
@ -328,6 +315,29 @@ def main():
|
|||||||
api.bootstrap(in_server=True)
|
api.bootstrap(in_server=True)
|
||||||
api.finalize()
|
api.finalize()
|
||||||
|
|
||||||
|
# Try out the password
|
||||||
|
ldapuri = 'ldap://%s' % config.master_host_name
|
||||||
|
try:
|
||||||
|
conn = ldap2(shared_instance=False, ldap_uri=ldapuri, base_dn='')
|
||||||
|
conn.connect(
|
||||||
|
bind_dn='cn=directory manager', bind_pw=config.dirman_password
|
||||||
|
)
|
||||||
|
try:
|
||||||
|
entry = conn.find_entries(u'fqdn=%s' % host, ['dn', 'fqdn'], u'%s,%s' % (api.env.container_host, api.env.basedn))
|
||||||
|
print "The host %s already exists.\n" % host
|
||||||
|
print "Remove the replication agreement, if any:"
|
||||||
|
print " %% ipa-replica-manage del %s" % host
|
||||||
|
print "Remove the host continue:"
|
||||||
|
print " %% ipa host-del %s" % host
|
||||||
|
sys.exit(3)
|
||||||
|
except errors.NotFound:
|
||||||
|
pass
|
||||||
|
conn.disconnect()
|
||||||
|
except errors.ACIError:
|
||||||
|
sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
|
||||||
|
except errors.LDAPError:
|
||||||
|
sys.exit("\nUnable to connect to LDAP server %s" % config.master_host_name)
|
||||||
|
|
||||||
# Install CA cert so that we can do SSL connections with ldap
|
# Install CA cert so that we can do SSL connections with ldap
|
||||||
install_ca_cert(config)
|
install_ca_cert(config)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user