diff options
| author | Abhishek Koneru <akoneru@redhat.com> | 2013-12-09 12:38:42 -0500 |
|---|---|---|
| committer | Abhishek Koneru <akoneru@redhat.com> | 2014-01-08 17:14:47 -0500 |
| commit | 68819722a5d08e6e6eea29846e879cc7ab65eb44 (patch) | |
| tree | 75810c8ed20a1a723bd8fb219f98e771456e28f4 /base/server/python/pki/server/deployment/pkiparser.py | |
| parent | 81fd42a1383272fed855e033b533d887d8f5de05 (diff) | |
| download | pki-68819722a5d08e6e6eea29846e879cc7ab65eb44.tar.gz pki-68819722a5d08e6e6eea29846e879cc7ab65eb44.tar.xz pki-68819722a5d08e6e6eea29846e879cc7ab65eb44.zip | |
Cannot connect to ds when anon. access is off
The connection to ds is checked during installation.
But the current method of checking the ds connection before
binding with the ds throws an Inappropriate Authentication error
when Anonymous access is off. This patch uses the following method to
check the connection to a DS server.
1. Initialize the connection
2. Bind with the DS.
3. Perform the ldap search.
Ticket #811
Diffstat (limited to 'base/server/python/pki/server/deployment/pkiparser.py')
| -rw-r--r-- | base/server/python/pki/server/deployment/pkiparser.py | 47 |
1 files changed, 34 insertions, 13 deletions
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py index b7cece722..dba1f50f1 100644 --- a/base/server/python/pki/server/deployment/pkiparser.py +++ b/base/server/python/pki/server/deployment/pkiparser.py @@ -405,29 +405,50 @@ class PKIConfigParser: port = self.pki_master_dict['pki_ds_ldap_port'] self.ds_connection = ldap.initialize(protocol + '://' + hostname + ':' + port) - self.ds_connection.search_s('', ldap.SCOPE_BASE) def ds_bind(self): self.ds_connection.simple_bind_s( self.pki_master_dict['pki_ds_bind_dn'], self.pki_master_dict['pki_ds_password']) - def ds_base_dn_exists(self): - try: - results = self.ds_connection.search_s( - self.pki_master_dict['pki_ds_base_dn'], - ldap.SCOPE_BASE) + def ds_search(self, key=None): + if key is None: + key = '' + self.ds_connection.search_s(key, ldap.SCOPE_BASE) - if results is None or len(results) == 0: - return False + def ds_close(self): + self.ds_connection.unbind_s() - return True + def ds_verify_configuration(self): - except ldap.NO_SUCH_OBJECT: - return False + try: + self.ds_connect() + self.ds_bind() + self.ds_search() + except: + raise + finally: + self.ds_close() - def ds_close(self): - self.ds_connection.unbind_s() + def ds_base_dn_exists(self): + base_dn_exists = True + try: + self.ds_connect() + self.ds_bind() + self.ds_search() + try: + results = self.ds_search(self.pki_master_dict['pki_ds_base_dn']) + + if results is None or len(results) == 0: + base_dn_exists = False + + except ldap.NO_SUCH_OBJECT: + base_dn_exists = False + except: + raise + finally: + self.ds_close() + return base_dn_exists def sd_connect(self): self.sd_connection = pki.client.PKIConnection( |