From 58a99dd5ac5755cb02feb0feecb18d294eaa805c Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Tue, 2 Oct 2012 22:11:17 +0200
Subject: Add SIDs for existing users and groups at the end of
 ipa-adtrust-install

Fixes https://fedorahosted.org/freeipa/ticket/3104
---
 ipaserver/install/adtrustinstance.py | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

(limited to 'ipaserver/install/adtrustinstance.py')

diff --git a/ipaserver/install/adtrustinstance.py b/ipaserver/install/adtrustinstance.py
index 79503c46e..1a92b2885 100644
--- a/ipaserver/install/adtrustinstance.py
+++ b/ipaserver/install/adtrustinstance.py
@@ -110,6 +110,7 @@ class ADTRUSTInstance(service.Service):
         self.domain_name = None
         self.netbios_name = None
         self.no_msdcs = None
+        self.add_sids = None
         self.smbd_user = None
         self.suffix = DN()
         self.ldapi_socket = None
@@ -360,6 +361,16 @@ class ADTRUSTInstance(service.Service):
         try:
             self._ldap_mod("ipa-sidgen-conf.ldif", self.sub_dict)
             self._ldap_mod("ipa-sidgen-task-conf.ldif", self.sub_dict)
+        except Exception:
+            pass
+
+    def __add_sids(self):
+        """
+        Add SIDs for existing users and groups
+        """
+
+        try:
+            self._ldap_mod("ipa-sidgen-task-run.ldif", self.sub_dict)
         except:
             pass
 
@@ -602,7 +613,8 @@ class ADTRUSTInstance(service.Service):
                              FQDN = self.fqdn)
 
     def setup(self, fqdn, ip_address, realm_name, domain_name, netbios_name,
-              rid_base, secondary_rid_base, no_msdcs=False, smbd_user="samba"):
+              rid_base, secondary_rid_base, no_msdcs=False, add_sids=False,
+              smbd_user="samba"):
         self.fqdn = fqdn
         self.ip_address = ip_address
         self.realm = realm_name
@@ -611,6 +623,7 @@ class ADTRUSTInstance(service.Service):
         self.rid_base = rid_base
         self.secondary_rid_base = secondary_rid_base
         self.no_msdcs = no_msdcs
+        self.add_sids = add_sids
         self.smbd_user = smbd_user
         self.suffix = ipautil.realm_to_suffix(self.realm)
         self.ldapi_socket = "%%2fvar%%2frun%%2fslapd-%s.socket" % \
@@ -700,6 +713,10 @@ class ADTRUSTInstance(service.Service):
                   self.__configure_selinux_for_smbd)
         self.step("starting CIFS services", self.__start)
 
+        if self.add_sids:
+            self.step("adding SIDs to existing users and groups",
+                      self.__add_sids)
+
         self.start_creation("Configuring CIFS:")
 
     def uninstall(self):
-- 
cgit