ipa-client discovery with anonymous access off

When RootDSE could be read (nsslapd-allow-anonymous-access set to "rootdse"), autodiscovery module failed to report success to the client installer. Remove faulty "verified_servers" flag from autodiscovery module as it has no point since we consider both scenarios (IPA server with anonymous access on and unknown LDAP server with anonymous access off) as success. https://fedorahosted.org/freeipa/ticket/3519
2025-02-25 18:55:28 -06:00 · 2013-03-19 08:57:18 +01:00 · 2013-03-19 08:57:18 +01:00 · be54d1deb5
commit be54d1deb5
parent 6c85b88874
1 changed files with 1 additions and 5 deletions
--- a/ipa-client/ipaclient/ipadiscovery.py
+++ b/ipa-client/ipaclient/ipadiscovery.py
@ -234,7 +234,6 @@ class IPADiscovery(object):
        ldapaccess = True
        root_logger.debug("[LDAP server check]")
        valid_servers = []
-        verified_servers = False # is at least one server valid?
        for server in servers:
            root_logger.debug('Verifying that %s (realm %s) is an IPA server',
                server, self.realm)
@ -249,7 +248,6 @@ class IPADiscovery(object):
                valid_servers.append(server)
                # verified, we actually talked to the remote server and it
                # is definetely an IPA server
-                verified_servers = True
                if autodiscovered:
                    # No need to keep verifying servers if we discovered them
                    # via DNS
@ -285,14 +283,12 @@ class IPADiscovery(object):
            self.realm_source = 'Assumed same as domain'
            root_logger.debug(
                "Assuming realm is the same as domain: %s", self.realm)
-            verified_servers = True

        if not ldapaccess and self.basedn is None:
            # Generate suffix from realm
            self.basedn = realm_to_suffix(self.realm)
            self.basedn_source = 'Generated from Kerberos realm'
            root_logger.debug("Generated basedn from realm: %s" % self.basedn)
-            verified_servers = True

        root_logger.debug(
            "Discovery result: %s; server=%s, domain=%s, kdc=%s, basedn=%s",
@ -304,7 +300,7 @@ class IPADiscovery(object):

        # If we have any servers left then override the last return value
        # to indicate success.
-        if verified_servers:
+        if valid_servers:
            self.server = servers[0]
            ldapret[0] = 0