summaryrefslogtreecommitdiffstats
path: root/ipa-client/ipa-install
diff options
context:
space:
mode:
Diffstat (limited to 'ipa-client/ipa-install')
-rwxr-xr-xipa-client/ipa-install/ipa-client-install19
1 files changed, 19 insertions, 0 deletions
diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install
index 604283ae4..b7753f544 100755
--- a/ipa-client/ipa-install/ipa-client-install
+++ b/ipa-client/ipa-install/ipa-client-install
@@ -547,6 +547,22 @@ def configure_nslcd_conf(fstore, cli_basedn, cli_realm, cli_domain, cli_server,
return (0, 'NSLCD', ', '.join(files))
+def configure_openldap_conf(fstore, cli_basedn, cli_server):
+ ldapconf = ipaclient.ipachangeconf.IPAChangeConf("IPA Installer")
+ ldapconf.setOptionAssignment(" ")
+
+ opts = [{'name':'comment', 'type':'comment', 'value':'File modified by ipa-client-install'},
+ {'name':'empty', 'type':'empty'},
+ {'name':'URI', 'type':'option', 'value':'ldaps://'+ cli_server},
+ {'name':'BASE', 'type':'option', 'value':cli_basedn},
+ {'name':'TLS_CACERT', 'type':'option', 'value':'/etc/ipa/ca.crt'},
+ {'name':'empty', 'type':'empty'}]
+
+ target_fname = '/etc/openldap/ldap.conf'
+ fstore.backup_file(target_fname)
+ ldapconf.newConf(target_fname, opts)
+ os.chmod(target_fname, 0644)
+
def hardcode_ldap_server(cli_server):
"""
DNS Discovery didn't return a valid IPA server, hardcode a value into
@@ -1451,6 +1467,9 @@ def install(options, env, fstore, statestore):
if conf:
print "%s configured using configuration file(s) %s" % (conf, filename)
+ configure_openldap_conf(fstore, cli_basedn, cli_server)
+ print "Configured /etc/openldap/ldap.conf"
+
#Check that nss is working properly
if not options.on_master:
n = 0