summaryrefslogtreecommitdiffstats
path: root/install/tools
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2011-01-11 10:27:48 -0500
committerSimo Sorce <ssorce@redhat.com>2011-01-14 14:06:56 -0500
commita0bfbec19f99d01f59299b02a2f5f2f3a76fc1c3 (patch)
tree27370a6bfc3e16cd99590667317628f47572dfea /install/tools
parent05055870c9047ebb6bc6ae27fe9e21fa5f4476da (diff)
downloadfreeipa-a0bfbec19f99d01f59299b02a2f5f2f3a76fc1c3.tar.gz
freeipa-a0bfbec19f99d01f59299b02a2f5f2f3a76fc1c3.tar.xz
freeipa-a0bfbec19f99d01f59299b02a2f5f2f3a76fc1c3.zip
Use GSSAPI for replication
Uses a temporary simple replication agreement over SSL to init the tree. Then once all principals have been created switches replication to GSSAPI. Fixes: https://fedorahosted.org/freeipa/ticket/690
Diffstat (limited to 'install/tools')
-rwxr-xr-xinstall/tools/ipa-replica-install3
-rwxr-xr-xinstall/tools/ipa-replica-manage4
2 files changed, 4 insertions, 3 deletions
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install
index 76f7f8c9..3c912a75 100755
--- a/install/tools/ipa-replica-install
+++ b/install/tools/ipa-replica-install
@@ -205,7 +205,8 @@ def install_krb(config, setup_pkinit=False):
pkcs12_info = (config.dir + "/pkinitcert.p12",
config.dir + "/pkinit_pin.txt")
- krb.create_replica(config.ds_user, config.realm_name, config.host_name,
+ krb.create_replica(config.ds_user, config.realm_name,
+ config.master_host_name, config.host_name,
config.domain_name, config.dirman_password,
ldappwd_filename, kpasswd_filename,
setup_pkinit, pkcs12_info)
diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage
index 2400176f..0fd06fd2 100755
--- a/install/tools/ipa-replica-manage
+++ b/install/tools/ipa-replica-manage
@@ -312,7 +312,7 @@ def add_link(realm, replica1, replica2, dirman_passwd, options):
options.passsync, options.win_subtree,
options.cacert)
else:
- repl1.setup_replication(replica2, "cn=Directory Manager", dirman_passwd)
+ repl1.setup_gssapi_replication(replica2, "cn=Directory Manager", dirman_passwd)
print "Connected '%s' to '%s'" % (replica1, replica2)
def re_initialize(realm, options):
@@ -350,7 +350,7 @@ def force_sync(realm, thishost, fromhost, dirman_passwd):
sys.exit(1)
if len(entry) > 1:
logging.error("Found multiple agreements for %s. Only initializing the first one returned: %s" % (thishost, entry[0].dn))
- repl.force_synch(entry[0].dn, entry[0].nsds5replicaupdateschedule, repl.conn)
+ repl.force_synch(entry[0].dn, entry[0].nsds5replicaupdateschedule)
def main():
options, args = parse_options()