cainstance: Use LDAPClient instead of IPASimpleLDAPObject

Reviewed-By: Petr Viktorin <pviktori@redhat.com>
2025-02-25 18:55:28 -06:00 · 2015-04-08 11:32:21 +00:00
parent e1f7bcfbea
commit 8dca1cbd53
1 changed files with 8 additions and 7 deletions
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -1643,13 +1643,14 @@ def replica_ca_install_check(config):
    objectclass = 'ipaObject'
    root_logger.debug('Checking if IPA schema is present in %s', ca_ldap_url)
    try:
-        connection = ldap2.IPASimpleLDAPObject(
-            ca_ldap_url, force_schema_updates=False)
-        connection.start_tls_s()
-        connection.simple_bind_s(DN(('cn', 'Directory Manager')),
-                                config.dirman_password)
-        rschema = connection.schema
-        result = rschema.get_obj(ldap.schema.models.ObjectClass, objectclass)
+        with ipaldap.LDAPClient(ca_ldap_url,
+                                start_tls=True,
+                                force_schema_updates=False) as connection:
+            connection.simple_bind(DN(('cn', 'Directory Manager')),
+                                   config.dirman_password)
+            rschema = connection.schema
+            result = rschema.get_obj(ldap.schema.models.ObjectClass,
+                                     objectclass)
    except Exception:
        root_logger.critical(
            'CA DS schema check failed. Make sure the PKI service on the '