diff options
author | Rich Megginson <rmeggins@redhat.com> | 2008-09-11 10:56:55 -0600 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2008-10-13 14:15:18 -0400 |
commit | 1555dadc186d862eb4c42885575ebeedcdf35084 (patch) | |
tree | bf823efd6ed0485f2be2647934e27192ad08353e /ipa-server/ipa-install | |
parent | fa51e61c6f768edeec6fe3d6063d86a1c719b637 (diff) | |
download | freeipa-1555dadc186d862eb4c42885575ebeedcdf35084.tar.gz freeipa-1555dadc186d862eb4c42885575ebeedcdf35084.tar.xz freeipa-1555dadc186d862eb4c42885575ebeedcdf35084.zip |
Added support to IPA server install to install the winsync plugin configuration entry Added support to ipa-replica-manage to add winsync agreements. I mostly used the existing code for setting up replication agreements since replication and winsync are quite similar in their configuration. I just had to add some extra attributes to the sync agreement configuration. The tricky part was importing the Windows CA cert.
Diffstat (limited to 'ipa-server/ipa-install')
-rw-r--r-- | ipa-server/ipa-install/ipa-replica-manage | 36 |
1 files changed, 32 insertions, 4 deletions
diff --git a/ipa-server/ipa-install/ipa-replica-manage b/ipa-server/ipa-install/ipa-replica-manage index 78cfe88e5..2021eab68 100644 --- a/ipa-server/ipa-install/ipa-replica-manage +++ b/ipa-server/ipa-install/ipa-replica-manage @@ -34,11 +34,21 @@ def parse_options(): parser.add_option("-p", "--password", dest="dirman_passwd", help="Directory Manager password") parser.add_option("-v", "--verbose", dest="verbose", action="store_true", default=False, help="provide additional information") + parser.add_option("--port", type="int", dest="port", + help="port number of other server") + parser.add_option("--binddn", dest="binddn", + help="Bind DN to use with remote server") + parser.add_option("--bindpw", dest="bindpw", + help="Password for Bind DN to use with remote server") + parser.add_option("--winsync", dest="winsync", action="store_true", default=False, + help="This is a Windows Sync Agreement") + parser.add_option("--cacert", dest="cacert", + help="Full path and filename of CA certificate to use with TLS/SSL to the remote server") options, args = parser.parse_args() if not len(args) or not ("list" in args[0] or "add" in args[0] or "del" in args[0] or "init" in args[0] or "synch" in args[0]): - parser.error("must provide a comment [list | add | del | init | synch]") + parser.error("must provide a command [list | add | del | init | synch]") return options, args @@ -81,8 +91,26 @@ def del_master(replman, hostname): replman.delete_agreement(other_replman.conn) other_replman.delete_agreement(replman.conn) -def add_master(replman, hostname): - replman.setup_replication(hostname, get_realm_name()) +def add_master(replman, hostname, options): + other_args = {} + if options.winsync: + # these are the parameters required to create a winsync agreement + other_args['winsync'] = True + if options.port: + other_args['port'] = options.port + other_args['binddn'] = options.binddn + other_args['bindpw'] = options.bindpw + other_args['cacert'] = options.cacert + # have to install the windows ca cert before doing anything else + ds = dsinstance.DsInstance(realm_name = get_realm_name(), + dm_password = replman.dirman_passwd) + if not ds.add_ca_cert(options.cacert): + logging.error("Could not load the required CA certificate file [%s] - cannot add winsync agreement" % + options.cacert) + sys.exit(1) + # have to reconnect replman connection since the directory server was restarted + replman = replication.ReplicationManager(replman.hostname, replman.dirman_passwd) + replman.setup_replication(hostname, get_realm_name(), **other_args) def init_master(replman, dirman_passwd, hostname): filter = "(&(nsDS5ReplicaHost=%s)(objectclass=nsds5ReplicationAgreement))" % hostname @@ -133,7 +161,7 @@ def main(): if len(args) != 2: print "must provide hostname of master to add" sys.exit(1) - add_master(r, args[1]) + add_master(r, args[1], options) elif args[0] == "init": if len(args) != 2: print "hostname of supplier to initialize from is required." |