freeipa/ipaserver
Florence Blanc-Renaud 2a227c240f ipa-replica-install: fix pkinit setup
commit 7284097 (Delay enabling services until end of installer)
introduced a regression in replica installation.
When the replica requests a cert for PKINIT, a check is done
to ensure that the hostname corresponds to a machine with a
KDC service enabled (ipaconfigstring attribute of
cn=KDC,cn=<hostname>,cn=masters,cn=ipa,cn=etc,$BASEDN must contain
'enabledService').
With the commit mentioned above, the service is set to enabled only
at the end of the installation.

The fix makes a less strict check, ensuring that 'enabledService'
or 'configuredService' is in ipaconfigstring.

Fixes: https://pagure.io/freeipa/issue/7566
Reviewed-By: Christian Heimes <cheimes@redhat.com>
2018-09-06 11:49:53 +02:00
..
advise ipa commands: print 'IPA is not configured' when ipa is not setup 2018-08-23 12:08:45 +02:00
dnssec Fix pylint 2.0 conditional-related violations 2018-07-12 08:49:43 +02:00
install ipa-server-install: do not perform forwarder validation with --no-dnssec-validation 2018-09-03 13:56:39 +02:00
plugins ipa-replica-install: fix pkinit setup 2018-09-06 11:49:53 +02:00
secrets Fix pylint 2.0 return-related violations 2018-07-11 10:11:38 +02:00
__init__.py Change FreeIPA license to GPLv3+ 2010-12-20 17:19:53 -05:00
dcerpc_common.py trust: detect and error out when non-AD trust with IPA domain name exists 2017-12-07 21:18:51 +02:00
dcerpc.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
dns_data_management.py Fix race condition in get_locations_records() 2018-07-09 14:36:42 +02:00
Makefile.am Build: Makefiles for Python packages 2016-11-09 13:08:32 +01:00
p11helper.py Fix Pylint 2.0 violations 2018-07-14 12:04:19 +02:00
rpcserver.py Add endpoint for serving i18n requests 2018-07-17 15:32:28 -04:00
servroles.py Removes NTP server role from servroles and description 2018-04-09 11:00:02 -04:00
setup.cfg Port all setup.py to setuptools 2016-10-20 18:43:37 +02:00
setup.py Cleanup shebang and executable bit 2018-07-05 19:46:42 +02:00
topology.py fix incorrect suffix handling in topology checks 2017-06-05 18:37:37 +02:00