Allow using Kerberos credentials with the 'connect' command

Now that we can setup GSSAPI authenticated replication we are not tied to use the Directory Manager password to set up replication agreements. Fixes: https://fedorahosted.org/freeipa/ticket/644
2025-02-25 18:55:28 -06:00 · 2011-01-12 10:33:36 -05:00
parent a0bfbec19f
commit cfa23b1c2a
2 changed files with 2 additions and 2 deletions
--- a/install/share/replica-acis.ldif
+++ b/install/share/replica-acis.ldif
@@ -3,7 +3,7 @@
 dn: cn="$SUFFIX",cn=mapping tree,cn=config
 changetype: modify
 add: aci
-aci: (targetattr=*)(targetfilter="(|(objectclass=nsds5replicationagreement)(objectclass=nsDSWindowsReplicationAgreement))")(version 3.0;acl "Add Replication Agreements";allow (add) groupdn = "ldap:///cn=addreplica,cn=permissions,cn=pbac,$SUFFIX";)
+aci: (targetattr=*)(version 3.0;acl "Add Replication Agreements";allow (add) groupdn = "ldap:///cn=addreplica,cn=permissions,cn=pbac,$SUFFIX";)

 dn: cn="$SUFFIX",cn=mapping tree,cn=config
 changetype: modify
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -368,7 +368,7 @@ def main():
    if options.dirman_passwd:
        dirman_passwd = options.dirman_passwd
    else:
-        if not test_connection(realm, host) or args[0] == "connect":
+        if not test_connection(realm, host):
            dirman_passwd = getpass.getpass("Directory Manager password: ")

    options.dirman_passwd = dirman_passwd