Do not fail if there are multiple nsDS5ReplicaId values in cn=replication,cn=etc

On systems installed before #3394 was fixed and nsDS5ReplicaId became single-valued, there are two replica ID values stored in cn=replication: the default (3) and the actual value we want. Instead of failing when multiple values are found, use the largest one. https://fedorahosted.org/freeipa/ticket/4375 Reviewed-By: Martin Kosek <mkosek@redhat.com>
2025-02-25 18:55:28 -06:00 · 2014-06-12 18:07:40 +02:00 · 2014-06-12 18:07:40 +02:00 · 8c98561c20
commit 8c98561c20
parent a5bb758978
1 changed files with 7 additions and 2 deletions
--- a/ipaserver/install/replication.py
+++ b/ipaserver/install/replication.py
@ -238,12 +238,17 @@ class ReplicationManager(object):
            root_logger.debug("Unable to retrieve nsDS5ReplicaId from remote server")
            raise
        else:
-            if replica.single_value.get('nsDS5ReplicaId') is None:
+            id_values = replica.get('nsDS5ReplicaId')
+            if not id_values:
                root_logger.debug("Unable to retrieve nsDS5ReplicaId from remote server")
                raise RuntimeError("Unable to retrieve nsDS5ReplicaId from remote server")

+        # nsDS5ReplicaId is single-valued now, but historically it could
+        # contain multiple values, of which we need the highest.
+        # see bug: https://fedorahosted.org/freeipa/ticket/3394
+        retval = max(int(v) for v in id_values)
+
        # Now update the value on the master
-        retval = int(replica.single_value['nsDS5ReplicaId'])
        mod = [(ldap.MOD_REPLACE, 'nsDS5ReplicaId', str(retval + 1))]

        try: