mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
911992b8bf
When ipa-adtrust-install is run, the tool detects masters that are not enabled as trust agents and propose to configure them. With the current code, the Schema Compat plugin is not enabled on these new trust agents and a manual restart of LDAP server + SSSD is required. With this commit, ipa-adtrust-install now calls remote code on the new agents through JSON RPC api, in order to configure the missing parts. On the remote agent, the command is using DBus and oddjob to launch a new command, /usr/libexec/ipa/oddjob/org.freeipa.server.trust-enable-agent [--enable-compat] This command configures the Schema Compat plugin if --enable-compat is provided, then restarts LDAP server and SSSD. If the remote agent is an older version and does not support remote enablement, or if the remote server is not responding, the tool ipa-adtrust-install prints a WARNING explaining the steps that need to be manually executed in order to complete the installation, and exits successfully (keeping the current behavior). Fixes: https://pagure.io/freeipa/issue/7600 Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Sergey Orlov <sorlov@redhat.com> |
||
|---|---|---|
| .. | ||
| advise | ||
| dnssec | ||
| install | ||
| plugins | ||
| secrets | ||
| __init__.py | ||
| dcerpc_common.py | ||
| dcerpc.py | ||
| dns_data_management.py | ||
| Makefile.am | ||
| masters.py | ||
| p11helper.py | ||
| rpcserver.py | ||
| servroles.py | ||
| setup.cfg | ||
| setup.py | ||
| topology.py | ||