diff options
author | Jan Cholasta <jcholast@redhat.com> | 2015-07-01 07:20:35 +0000 |
---|---|---|
committer | Jan Cholasta <jcholast@redhat.com> | 2015-07-01 13:05:30 +0000 |
commit | e43296ba9acb20342d2b6d4bb030d06deac39c2a (patch) | |
tree | 9eb730edd5e964fc2ef47a8d98f60f8818630227 /ipaserver | |
parent | 5b39bc10033888c9d5e25ce37d6a6796221f12ad (diff) | |
download | freeipa-e43296ba9acb20342d2b6d4bb030d06deac39c2a.tar.gz freeipa-e43296ba9acb20342d2b6d4bb030d06deac39c2a.tar.xz freeipa-e43296ba9acb20342d2b6d4bb030d06deac39c2a.zip |
replica prepare: Do not use entry after disconnecting from LDAP
https://fedorahosted.org/freeipa/ticket/3090
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/install/ipa_replica_prepare.py | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py index c2e7a0fb5..46ac886e5 100644 --- a/ipaserver/install/ipa_replica_prepare.py +++ b/ipaserver/install/ipa_replica_prepare.py @@ -197,8 +197,13 @@ class ReplicaPrepare(admintool.AdminTool): conn = api.Backend.ldap2 conn.connect(bind_dn=DN(('cn', 'directory manager')), bind_pw=self.dirman_password) + entry_attrs = conn.get_ipa_config() + self.subject_base = entry_attrs.get( + 'ipacertificatesubjectbase', [None])[0] + ca_enabled = api.Command.ca_is_enabled()['result'] + conn.disconnect() except errors.ACIError: raise admintool.ScriptError("The password provided is incorrect " @@ -215,8 +220,6 @@ class ReplicaPrepare(admintool.AdminTool): "--http-cert-file, --dirsrv-cert-file options to provide " "custom certificates.") - self.subject_base = entry_attrs.get( - 'ipacertificatesubjectbase', [None])[0] if self.subject_base is not None: self.subject_base = DN(self.subject_base) |