diff options
author | Pavel Zuna <pzuna@redhat.com> | 2011-02-15 14:11:27 -0500 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-03-03 14:04:34 -0500 |
commit | 64575a411b27dde7919406fdaf5bdec07c6645f3 (patch) | |
tree | ab0870adf6181f4457959f44fb936ec705f741d2 /install/tools/ipa-server-install | |
parent | eb6b3c7afc4065f12960f09791f2a5b645abef8b (diff) | |
download | freeipa-64575a411b27dde7919406fdaf5bdec07c6645f3.tar.gz freeipa-64575a411b27dde7919406fdaf5bdec07c6645f3.tar.xz freeipa-64575a411b27dde7919406fdaf5bdec07c6645f3.zip |
Use ldapi: instead of unsecured ldap: in ipa core tools.
The patch also corrects exception handling in some of the tools.
Fix #874
Diffstat (limited to 'install/tools/ipa-server-install')
-rwxr-xr-x | install/tools/ipa-server-install | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install index 6a030b973..fd202beae 100755 --- a/install/tools/ipa-server-install +++ b/install/tools/ipa-server-install @@ -444,13 +444,15 @@ def uninstall(): return 0 -def set_subject_in_config(host_name, dm_password, suffix, subject_base): - ldapuri = 'ldap://%s' % host_name +def set_subject_in_config(realm_name, dm_password, suffix, subject_base): + ldapuri = 'ldapi://%%2fvar%%2frun%%2fslapd-%s.socket' % ( + dsinstance.realm_to_serverid(realm_name) + ) try: conn = ldap2(shared_instance=False, ldap_uri=ldapuri, base_dn=suffix) conn.connect(bind_dn='cn=directory manager', bind_pw=dm_password) except errors.ExecutionError, e: - logging.critical("Could not connect to the Directory Server on %s" % host_name) + logging.critical("Could not connect to the Directory Server on %s" % realm_name) raise e (dn, entry_attrs) = conn.get_ipa_config() if 'ipacertificatesubjectbase' not in entry_attrs: @@ -851,7 +853,7 @@ def main(): http.create_instance(realm_name, host_name, domain_name, dm_password, autoconfig=True, self_signed_ca=options.selfsign, subject_base=options.subject) ipautil.run(["/sbin/restorecon", "/var/cache/ipa/sessions"]) - set_subject_in_config(host_name, dm_password, util.realm_to_suffix(realm_name), options.subject) + set_subject_in_config(realm_name, dm_password, util.realm_to_suffix(realm_name), options.subject) if not options.selfsign: service.print_msg("Setting the certificate subject base") ca.set_subject_in_config(util.realm_to_suffix(realm_name)) |