diff options
Diffstat (limited to 'install')
| -rwxr-xr-x | install/tools/ipa-csreplica-manage | 58 |
1 files changed, 40 insertions, 18 deletions
diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage index 39cfa5851..5fce48a37 100755 --- a/install/tools/ipa-csreplica-manage +++ b/install/tools/ipa-csreplica-manage @@ -176,7 +176,7 @@ def list_replicas(realm, host, replica, dirman_passwd, verbose): peers[ent.getValue('cn')] = ['CA not configured', ''] except Exception, e: - sys.exit("Failed to get data from '%s': %s" % (host, convert_error(e))) + sys.exit("Failed to get data from '%s' while trying to list replicas: %s" % (host, convert_error(e))) finally: conn.unbind_s() @@ -205,18 +205,21 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False): repl1 = CSReplicationManager(realm, replica1, dirman_passwd, PORT, True) repl1.hostnames = [replica1, replica2] - type1 = repl1.get_agreement_type(replica2) - repl_list = repl1.find_ipa_replication_agreements() - if not force and len(repl_list) <= 1: - print "Cannot remove the last replication link of '%s'" % replica1 - print "Please use the 'del' command to remove it from the domain" - sys.exit(1) + repl_list1 = repl1.find_replication_agreements() + + # Find the DN of the replication agreement to remove + replica1_dn = None + for e in repl_list1: + if e.getValue('nsDS5ReplicaHost') == replica2: + replica1_dn = e.dn + break + + if replica1_dn is None: + sys.exit("'%s' has no replication agreement for '%s'" % (replica1, replica2)) + + repl1.hostnames = [replica1, replica2] - except ldap.NO_SUCH_OBJECT: - sys.exit("'%s' has no replication agreement for '%s'" % (replica1, replica2)) - except errors.NotFound: - sys.exit("'%s' has no replication agreement for '%s'" % (replica1, replica2)) except ldap.SERVER_DOWN, e: sys.exit("Unable to connect to %s: %s" % (ipautil.format_netloc(replica1, PORT), convert_error(e))) except Exception, e: @@ -226,12 +229,31 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False): repl2 = CSReplicationManager(realm, replica2, dirman_passwd, PORT, True) repl2.hostnames = [replica1, replica2] - repl_list = repl1.find_ipa_replication_agreements() + repl_list = repl2.find_replication_agreements() + + # Now that we've confirmed that both hostnames are vaild, make sure + # that we aren't removing the last link from either side. if not force and len(repl_list) <= 1: print "Cannot remove the last replication link of '%s'" % replica2 print "Please use the 'del' command to remove it from the domain" sys.exit(1) + if not force and len(repl_list1) <= 1: + print "Cannot remove the last replication link of '%s'" % replica1 + print "Please use the 'del' command to remove it from the domain" + sys.exit(1) + + # Find the DN of the replication agreement to remove + replica2_dn = None + for e in repl_list: + if e.getValue('nsDS5ReplicaHost') == replica1: + replica2_dn = e.dn + break + + # This should never happen + if replica2_dn is None: + sys.exit("'%s' has no replication agreement for '%s'" % (replica1, replica2)) + except ldap.NO_SUCH_OBJECT: print "'%s' has no replication agreement for '%s'" % (replica2, replica1) if not force: @@ -248,7 +270,7 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False): if repl2: failed = False try: - repl2.delete_agreement(replica1) + repl2.delete_agreement(replica1, replica2_dn) repl2.delete_referral(replica1) except Exception, e: print "Unable to remove agreement on %s: %s" % (replica2, convert_error(e)) @@ -263,7 +285,7 @@ def del_link(realm, replica1, replica2, dirman_passwd, force=False): if not repl2 and force: print "Forcing removal on '%s'" % replica1 - repl1.delete_agreement(replica2) + repl1.delete_agreement(replica2, replica1_dn) repl1.delete_referral(replica2) print "Deleted replication agreement from '%s' to '%s'" % (replica1, replica2) @@ -324,13 +346,13 @@ def add_link(realm, replica1, replica2, dirman_passwd, options): except ldap.SERVER_DOWN, e: sys.exit("Unable to connect to %s: %s" % (ipautil.format_netloc(replica2, 636), convert_error(e))) except Exception, e: - sys.exit("Failed to get data from '%s': %s" % (replica1, convert_error(e))) + sys.exit("Failed to get data while trying to bind to '%s': %s" % (replica1, convert_error(e))) try: repl1 = CSReplicationManager(realm, replica1, dirman_passwd, PORT, True) entries = repl1.find_replication_agreements() for e in entries: - if replica1 in e.dn or replica2 in e.dn: + if e.getValue('nsDS5ReplicaHost') == replica2: sys.exit('This replication agreement already exists.') repl1.hostnames = [replica1, replica2] @@ -339,7 +361,7 @@ def add_link(realm, replica1, replica2, dirman_passwd, options): except ldap.SERVER_DOWN, e: sys.exit("Unable to connect to %s %s" % (ipautil.format_netloc(replica1, PORT), convert_error(e))) except Exception, e: - sys.exit("Failed to get data from '%s': %s" % (replica1, convert_error(e))) + sys.exit("Failed to get data from '%s' while trying to get current agreements: %s" % (replica1, convert_error(e))) repl1.setup_replication(replica2, PORT, 0, DN(('cn', 'Directory Manager')), dirman_passwd, True, True) print "Connected '%s' to '%s'" % (replica1, replica2) @@ -436,7 +458,7 @@ def main(): elif len(args) == 2: replica1 = host replica2 = args[1] - del_link(realm, replica1, replica2, dirman_passwd) + del_link(realm, replica1, replica2, dirman_passwd, options.force) try: main() |