migrate-ds: fix compat plugin check

After ACI refactoring, admin cannot read Schema Compatibility plugin configuration and therefore migrade-ds won't find if compat plugin is enabled.

Now the check si done by looking if cn=compat subtree is present.

https://fedorahosted.org/freeipa/ticket/4825

Reviewed-By: Jan Cholasta <jcholast@redhat.com>
This commit is contained in:
Petr Vobornik 2015-01-12 13:08:11 +01:00 committed by Jan Cholasta
parent 727f8099af
commit e6beaaccce

View File

@ -140,7 +140,6 @@ _dn_err_msg = _('Malformed DN')
_supported_schemas = (u'RFC2307bis', u'RFC2307')
_compat_dn = DN(('cn', 'Schema Compatibility'), ('cn', 'plugins'), ('cn', 'config'))
def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs):
assert isinstance(dn, DN)
@ -879,10 +878,8 @@ can use their Kerberos accounts.''')
#check whether the compat plugin is enabled
if not options.get('compat'):
try:
check_compat = ldap.get_entry(_compat_dn)
if check_compat is not None and \
check_compat.get('nsslapd-pluginenabled', [''])[0].lower() == 'on':
return dict(result={}, failed={}, enabled=True, compat=False)
ldap.get_entry(DN(('cn', 'compat'), (api.env.basedn)))
return dict(result={}, failed={}, enabled=True, compat=False)
except errors.NotFound:
pass