From 8911c92c8d4ab85920ccf151cbec8df23f53d273 Mon Sep 17 00:00:00 2001
From: Rob Crittenden
Date: Thu, 27 May 2010 17:41:13 -0400
Subject: Query the remote server to see if this replica host already exists. If it does then the installation will fail trying to set up the keytabs, and not in a way that you say "aha, it's because the host is already enrolled."
---
 install/tools/ipa-replica-install | 36 +++++++++++++++++++++++-------------
 1 file changed, 23 insertions(+), 13 deletions(-)
(limited to 'install/tools/ipa-replica-install')
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index bc8eeefa4..4bf15067e 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -298,19 +298,6 @@ def main():
 config.repl_password = ipautil.ipa_generate_password()
 config.dir = dir
- # Try out the password
- ldapuri = 'ldap://%s' % config.master_host_name
- try:
- conn = ldap2(shared_instance=False, ldap_uri=ldapuri, base_dn='')
- conn.connect(
- bind_dn='cn=directory manager', bind_pw=config.dirman_password
- )
- conn.disconnect()
- except errors.ACIError:
- sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
- except errors.LDAPError:
- sys.exit("\nUnable to connect to LDAP server %s" % config.master_host_name)
-
 # Create the management framework config file
 # Note: We must do this before bootstraping and finalizing ipalib.api
 fd = open("/etc/ipa/default.conf", "w")
@@ -328,6 +315,29 @@ def main():
 api.bootstrap(in_server=True)
 api.finalize()
+ # Try out the password
+ ldapuri = 'ldap://%s' % config.master_host_name
+ try:
+ conn = ldap2(shared_instance=False, ldap_uri=ldapuri, base_dn='')
+ conn.connect(
+ bind_dn='cn=directory manager', bind_pw=config.dirman_password
+ )
+ try:
+ entry = conn.find_entries(u'fqdn=%s' % host, ['dn', 'fqdn'], u'%s,%s' % (api.env.container_host, api.env.basedn))
+ print "The host %s already exists.\n" % host
+ print "Remove the replication agreement, if any:"
+ print " %% ipa-replica-manage del %s" % host
+ print "Remove the host continue:"
+ print " %% ipa host-del %s" % host
+ sys.exit(3)
+ except errors.NotFound:
+ pass
+ conn.disconnect()
+ except errors.ACIError:
+ sys.exit("\nThe password provided is incorrect for LDAP server %s" % config.master_host_name)
+ except errors.LDAPError:
+ sys.exit("\nUnable to connect to LDAP server %s" % config.master_host_name)
+
 # Install CA cert so that we can do SSL connections with ldap
 install_ca_cert(config)
-- cgit
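Review bot: The new `find_entries` call builds its filter as `u'fqdn=%s' % host` with no escaping, so a `host` value containing filter metacharacters such as `*`, `(` or `)` would change what the lookup matches. Where `host` is set lies outside the hunk; unless it is already validated as a plain FQDN there, escape it first, e.g. `u'fqdn=%s' % ldap.filter.escape_filter_chars(host)` (assuming python-ldap is importable in this script). The `sys.exit(3)` on the already-exists path skips `conn.disconnect()`, and because this block now runs after `/etc/ipa/default.conf` is written (the first hunk shows it previously ran before), a wrong password or an existing host now exits with that file left behind. The Directory Manager bind also goes to an `ldap://` URI before the line that installs the CA certificate, so unless `ldap2` negotiates StartTLS (not visible here) the password travels in clear text; a comment stating which is the case would help. `main()` begins and ends outside this hunk.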