From 8667d169daece75794c5dcf8b42d22c9a41840a1 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Thu, 9 May 2013 17:50:15 +0200
Subject: Fix ipa-ca DNS name creation

Previous fix (6d06a7e) did not work properly on a CA-less replica
with CA-powered master.

https://fedorahosted.org/freeipa/ticket/3617
---
 ipaserver/install/bindinstance.py | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/ipaserver/install/bindinstance.py b/ipaserver/install/bindinstance.py
index 5a2450e61..ac86e9e7d 100644
--- a/ipaserver/install/bindinstance.py
+++ b/ipaserver/install/bindinstance.py
@@ -733,13 +733,17 @@ class BindInstance(service.Service):
         self.__add_ipa_ca_records(self.fqdn, [self.ip_address],
                                   self.ca_configured)
 
-        if self.first_instance and self.ca_configured:
+        if self.first_instance:
             ldap = api.Backend.ldap2
-            entries = ldap.get_entries(
-                DN(('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'),
-                   api.env.basedn),
-                ldap.SCOPE_SUBTREE, '(&(objectClass=ipaConfigObject)(cn=CA))',
-                ['dn'])
+            try:
+                entries = ldap.get_entries(
+                    DN(('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'),
+                       api.env.basedn),
+                    ldap.SCOPE_SUBTREE, '(&(objectClass=ipaConfigObject)(cn=CA))',
+                    ['dn'])
+            except errors.NotFound:
+                root_logger.debug('No server with CA found')
+                entries = []
 
             for entry in entries:
                 fqdn = entry.dn[1]['cn']
-- 
cgit