Setup bind only after restarting kdc and dirsrv

BIND starting before we apply LDAP updates and restart kdc and directory
server causes trouble. We resolve this for now by postponing BIND setup
to the end of installation. Another reason is that we will be using
xml-rpc during the setup in the future.

install/tools/ipa-replica-install

@@ -310,8 +310,6 @@ def main():
 
     install_krb(config)
     install_http(config)
-    if options.setup_dns:
-        install_bind(config)
     if CA:
         CA.import_ra_cert(dir + "/ra.p12")
         CA.fix_ra_perms()
@@ -344,6 +342,9 @@ def main():
     service.restart("dirsrv")
     service.restart("krb5kdc")
 
+    if options.setup_dns:
+        install_bind(config, options)
+
     # Call client install script
     try:
         ipautil.run(["/usr/sbin/ipa-client-install", "--on-master", "--unattended", "--domain", config.domain_name, "--server", config.host_name, "--realm", config.realm_name])

install/tools/ipa-server-install

@@ -633,14 +633,6 @@ def main():
         fd.write("enable_ra=True\n")
     fd.close()
 
-    # Create a BIND instance
-    bind = bindinstance.BindInstance(fstore, dm_password)
-    bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders)
-    if options.setup_dns:
-        bind.create_instance()
-    else:
-        bind.create_sample_bind_zone()
-
     # Apply any LDAP updates. Needs to be done after the configuration file
     # is created
     service.print_msg("Applying LDAP updates")
@@ -653,6 +645,14 @@ def main():
     service.print_msg("restarting the KDC")
     krb.restart()
 
+    # Create a BIND instance
+    bind = bindinstance.BindInstance(fstore, dm_password)
+    bind.setup(host_name, ip_address, realm_name, domain_name, dns_forwarders)
+    if options.setup_dns:
+        bind.create_instance()
+    else:
+        bind.create_sample_bind_zone()
+
     # Set the admin user kerberos password
     ds.change_admin_password(admin_password)