Query the remote server to see if this replica host already exists.
If it does, the installation will fail while trying to set up the keytabs, and not in a way that makes you say "aha, it's because the host is already enrolled."
parent
b29de6bf27
commit
8911c92c8d
@ -298,19 +298,6 @@ def main():
|
||||
config.repl_password = ipautil.ipa_generate_password()
|
||||
config.dir = dir
|
||||
|
||||
# Try out the password
|
||||
ldapuri = 'ldap://%s' % config.master_host_name
|
||||
try:
|
||||
conn = ldap2(shared_instance=False, ldap_uri=ldapuri, base_dn='')
|
||||
conn.connect(
|
||||
bind_dn='cn=directory manager', bind_pw=config.dirman_password
|
||||
)
|
||||
conn.disconnect()
|
||||
except errors.ACIError:
|
||||
sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
|
||||
except errors.LDAPError:
|
||||
sys.exit("\nUnable to connect to LDAP server %s" % config.master_host_name)
|
||||
|
||||
# Create the management framework config file
|
||||
# Note: We must do this before bootstraping and finalizing ipalib.api
|
||||
fd = open("/etc/ipa/default.conf", "w")
|
||||
@ -328,6 +315,29 @@ def main():
|
||||
api.bootstrap(in_server=True)
|
||||
api.finalize()
|
||||
|
||||
# Try out the password
|
||||
ldapuri = 'ldap://%s' % config.master_host_name
|
||||
try:
|
||||
conn = ldap2(shared_instance=False, ldap_uri=ldapuri, base_dn='')
|
||||
conn.connect(
|
||||
bind_dn='cn=directory manager', bind_pw=config.dirman_password
|
||||
)
|
||||
try:
|
||||
entry = conn.find_entries(u'fqdn=%s' % host, ['dn', 'fqdn'], u'%s,%s' % (api.env.container_host, api.env.basedn))
|
||||
print "The host %s already exists.\n" % host
|
||||
print "Remove the replication agreement, if any:"
|
||||
print " %% ipa-replica-manage del %s" % host
|
||||
print "Remove the host continue:"
|
||||
print " %% ipa host-del %s" % host
|
||||
sys.exit(3)
|
||||
except errors.NotFound:
|
||||
pass
|
||||
conn.disconnect()
|
||||
except errors.ACIError:
|
||||
sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
|
||||
except errors.LDAPError:
|
||||
sys.exit("\nUnable to connect to LDAP server %s" % config.master_host_name)
|
||||
|
||||
# Install CA cert so that we can do SSL connections with ldap
|
||||
install_ca_cert(config)
|
||||
|
||||
|
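Review bot: In the second hunk the `cn=directory manager` simple bind goes to `'ldap://%s' % config.master_host_name` and runs before `install_ca_cert(config)`, so unless `ldap2.connect` negotiates TLS in a way not visible here, the Directory Manager password and the new host lookup cross the network unprotected. Consider moving the block below `install_ca_cert(config)` and binding over a verified TLS channel, or at minimum adding a comment such as `# NOTE: simple bind over plain LDAP; the dirman password is not protected in transit`. Separately, `find_entries` now sits inside the outer `try`, so a search failure other than `errors.NotFound` that surfaces as `errors.LDAPError` would be reported as "Unable to connect to LDAP server", which misdirects troubleshooting. `host` is also interpolated into the filter `u'fqdn=%s' % host` without escaping; it is assigned outside the hunk, so confirm it can only be a validated hostname. `main()` begins and ends outside both hunks.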