diff options
| author | Alexander Bokovoy <abokovoy@redhat.com> | 2012-03-27 13:06:33 +0300 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-06-07 09:39:10 +0200 |
| commit | ae2d5edd1ab8b60a36e93432f522470ae9b858fb (patch) | |
| tree | 5bc7cd4e2c13e8c41f71a641c1b8caf37286f485 | |
| parent | 69506294650e11d6abec6f24d9414cdfdd16a81b (diff) | |
| download | freeipa-ae2d5edd1ab8b60a36e93432f522470ae9b858fb.tar.gz freeipa-ae2d5edd1ab8b60a36e93432f522470ae9b858fb.tar.xz freeipa-ae2d5edd1ab8b60a36e93432f522470ae9b858fb.zip | |
Restart KDC after installing trust support to allow MS PAC generation
Also make sure all exceptions are captured when creating CIFS service
record. The one we care about is duplicate entry and we do nothing
in that case anyway.
Also make uniform use of action descriptors.
| -rw-r--r-- | ipaserver/install/adtrustinstance.py | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py index 38f9eaecc..d9609f4c2 100644 --- a/ipaserver/install/adtrustinstance.py +++ b/ipaserver/install/adtrustinstance.py @@ -32,6 +32,7 @@ from ipalib import errors, api from ipapython import sysrestore from ipapython import ipautil from ipapython.ipa_log_manager import * +from ipapython import services as ipaservices import string import struct @@ -285,7 +286,7 @@ class ADTRUSTInstance(service.Service): try: api.Command.service_add(unicode(cifs_principal)) - except errors.DuplicateEntry, e: + except Exception, e: # CIFS principal already exists, it is not the first time adtrustinstance is managed # That's fine, we we'll re-extract the key again. pass @@ -369,6 +370,12 @@ class ADTRUSTInstance(service.Service): except: pass + def __restart_kdc(self): + try: + ipaservices.knownservices.krb5kdc.restart() + except: + pass + def __enable(self): self.backup_state("enabled", self.is_enabled()) # We do not let the system start IPA components on its own, @@ -418,20 +425,22 @@ class ADTRUSTInstance(service.Service): self.ldap_connect() self.step("stopping smbd", self.__stop) - self.step("create samba user", self.__create_samba_user) - self.step("create samba domain object", \ + self.step("creating samba user", self.__create_samba_user) + self.step("creating samba domain object", \ self.__create_samba_domain_object) - self.step("create samba config registry", self.__write_smb_registry) + self.step("creating samba config registry", self.__write_smb_registry) self.step("writing samba config file", self.__write_smb_conf) self.step("setting password for the samba user", \ self.__set_smb_ldap_password) - self.step("Adding cifs Kerberos principal", self.__setup_principal) - self.step("Adding admin(group) SIDs", self.__add_admin_sids) - self.step("Activation CLDAP plugin", self.__add_cldap_module) + self.step("adding cifs Kerberos principal", self.__setup_principal) + self.step("adding admin(group) SIDs", self.__add_admin_sids) + self.step("activating CLDAP plugin", self.__add_cldap_module) self.step("configuring smbd to start on boot", self.__enable) if not self.no_msdcs: self.step("adding special DNS service records", \ self.__add_dns_service_records) + self.step("restarting KDC to take MS PAC changes into account", \ + self.__restart_kdc) self.step("starting smbd", self.__start) self.start_creation("Configuring smbd:") |