diff --git a/ipa-server/ipa-install/share/referint-conf.ldif b/ipa-server/ipa-install/share/referint-conf.ldif new file mode 100644 index 000000000..7a547ba50 --- /dev/null +++ b/ipa-server/ipa-install/share/referint-conf.ldif @@ -0,0 +1,7 @@ +dn: cn=referential integrity postoperation,cn=plugins,cn=config +changetype: modify +replace: nsslapd-pluginenabled +nsslapd-pluginenabled: on +nsslapd-pluginArg7: manager +nsslapd-pluginArg8: secretary + diff --git a/ipa-server/ipaserver/dsinstance.py b/ipa-server/ipaserver/dsinstance.py index 2b4d8f357..df71fe3fd 100644 --- a/ipa-server/ipaserver/dsinstance.py +++ b/ipa-server/ipaserver/dsinstance.py @@ -79,6 +79,7 @@ class DsInstance: self.__create_instance() self.__add_default_schemas() self.__add_memberof_module() + self.__add_referint_module() self.__create_indeces() self.__enable_ssl() self.__certmap_conf() @@ -168,6 +169,15 @@ class DsInstance: print "Failed to load memberof-conf.ldif", e memberof_fd.close() + def __add_referint_module(self): + referint_txt = template_file(SHARE_DIR + "referint-conf.ldif", self.sub_dict) + referint_fd = write_tmp_file(referint_txt) + try: + ldap_mod(referint_fd, "cn=Directory Manager", self.dm_password) + except subprocess.CalledProcessError, e: + print "Failed to load referint-conf.ldif", e + referint_fd.close() + def __enable_ssl(self): logging.debug("configuring ssl for ds instance") dirname = self.config_dirname()