Server does not detect different server and IPA domain

Server installer does not properly recognize a situation when server
fqdn is not in a subdomain of the IPA domain, but shares the same
suffix.

For example, if server FQDN is ipa-idm.example.com and domain
is idm.example.com, server's FQDN is not in the main domain, but
installer does not recognize that. proper Kerberos realm-domain
mapping is not created in this case and server does not work
(httpd reports gssapi errors).

https://fedorahosted.org/freeipa/ticket/4012

ipaserver/install/krbinstance.py

@@ -24,6 +24,7 @@ import sys
 import os
 import pwd
 import socket
+import dns.name
 
 import service
 import installutils
@@ -237,15 +238,18 @@ class KrbInstance(service.Service):
 
         # IPA server/KDC is not a subdomain of default domain
         # Proper domain-realm mapping needs to be specified
-        dr_map = ''
-        if not self.fqdn.endswith(self.domain):
-            root_logger.debug("IPA FQDN '%s' is not located in default domain '%s'" \
-                    % (self.fqdn, self.domain))
-            server_host, dot, server_domain = self.fqdn.partition('.')
-            root_logger.debug("Domain '%s' needs additional mapping in krb5.conf" \
-                    % server_domain)
+        domain = dns.name.from_text(self.domain)
+        fqdn = dns.name.from_text(self.fqdn)
+        if not fqdn.is_subdomain(domain):
+            root_logger.debug("IPA FQDN '%s' is not located in default domain '%s'",
+                    fqdn, domain)
+            server_domain = fqdn.parent().to_unicode(omit_final_dot=True)
+            root_logger.debug("Domain '%s' needs additional mapping in krb5.conf",
+                server_domain)
             dr_map = " .%(domain)s = %(realm)s\n %(domain)s = %(realm)s\n" \
                         % dict(domain=server_domain, realm=self.realm)
+        else:
+            dr_map = ""
         self.sub_dict['OTHER_DOMAIN_REALM_MAPS'] = dr_map
 
     def __configure_sasl_mappings(self):