authorSimo Sorce <ssorce@redhat.com>2011-03-14 15:22:27 -0400
committerAdam Young <ayoung@redhat.com>2011-03-14 15:26:07 -0400
commit0b6b2342d0d723336b2c612460e3b7ec43f21112 (patch)
tree3129ef1ef3aa232fb79bb17ef27a5814a85a8147
parentdcf7a18b4ea40fcc3927121452a883a5a1fd391b (diff)
Domain to Realm
Explicitly use the realm specified on the command line. Many places were assuming that the domain and realm were the same. https://bugzilla.redhat.com/show_bug.cgi?id=684690 https://fedorahosted.org/freeipa/ticket/1091
-rw-r--r--ipaserver/install/ldapupdate.py25
1 files changed, 15 insertions, 10 deletions
diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py
index 0cee70ba..a2eebebc 100644
--- a/ipaserver/install/ldapupdate.py
+++ b/ipaserver/install/ldapupdate.py
@@ -67,13 +67,16 @@ class LDAPUpdate:
self.pw_name = pwd.getpwuid(os.geteuid()).pw_name
- krbctx = krbV.default_context()
- try:
- self.realm = krbctx.default_realm
- suffix = util.realm_to_suffix(self.realm)
- except krbV.Krb5Error:
- self.realm = None
- suffix = None
+ if sub_dict.get("REALM"):
+ self.realm = sub_dict["REALM"]
+ else:
+ krbctx = krbV.default_context()
+ try:
+ self.realm = krbctx.default_realm
+ suffix = util.realm_to_suffix(self.realm)
+ except krbV.Krb5Error:
+ self.realm = None
+ suffix = None
domain = ipautil.get_domain_name()
libarch = self.__identify_arch()
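Review bot: In the new `if sub_dict.get("REALM"):` branch only `self.realm` is assigned; `suffix` is still set only on the `else` path. If `suffix` is read later in this constructor (the rest of the body is outside the hunk), that read fails with an unbound-local error whenever the caller supplies a realm. Derive it in that branch as well, for example `suffix = util.realm_to_suffix(self.realm)` directly after `self.realm = sub_dict["REALM"]`.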
@@ -84,7 +87,7 @@ class LDAPUpdate:
raise RuntimeError("Unable to determine hostname")
else:
fqdn = "ldapi://%%2fvar%%2frun%%2fslapd-%s.socket" % "-".join(
- domain.upper().split(".")
+ self.realm.split(".")
)
if not self.sub_dict.get("REALM") and self.realm is not None:
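Review bot: `self.realm.split(".")` dereferences a value that the `except krbV.Krb5Error` path in the first hunk sets to `None`, and the next context line still tests `self.realm is not None`, so that state is expected to occur. In that case the socket URL build raises AttributeError rather than a clear error, and the `realm=self.realm` arguments in the two later `ipaldap.IPAdmin(...)` hunks receive `None` too. Guard before building the URL, e.g. `if self.realm is None: raise RuntimeError("Unable to determine realm")`. Since the caller-supplied realm now selects the ldapi socket path without the previous `.upper()` normalisation, it is also worth validating it against the expected realm syntax before interpolating it. The enclosing block starts outside the hunk.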
@@ -108,7 +111,7 @@ class LDAPUpdate:
# Try out the password
#if not self.ldapi:
try:
- conn = ipaldap.IPAdmin(fqdn, ldapi=True, realm=domain.upper())
+ conn = ipaldap.IPAdmin(fqdn, ldapi=True, realm=self.realm)
conn.do_simple_bind(binddn="cn=directory manager", bindpw=self.dm_password)
conn.unbind()
except ldap.CONNECT_ERROR:
@@ -659,7 +662,9 @@ class LDAPUpdate:
# self.conn = ipaldap.IPAdmin(ldapi=True, realm=self.realm)
# self.conn.do_external_bind(self.pw_name)
#else:
- self.conn = ipaldap.IPAdmin(self.sub_dict['FQDN'], ldapi=self.ldapi, realm=self.sub_dict['DOMAIN'].upper())
+ self.conn = ipaldap.IPAdmin(self.sub_dict['FQDN'],
+ ldapi=self.ldapi,
+ realm=self.realm)
self.conn.do_simple_bind(bindpw=self.dm_password)
else:
raise RuntimeError("Offline updates are not supported.")