diff options
author | Abhishek Koneru <akoneru@redhat.com> | 2013-12-09 12:38:42 -0500 |
---|---|---|
committer | Abhishek Koneru <akoneru@redhat.com> | 2014-01-08 17:14:47 -0500 |
commit | 68819722a5d08e6e6eea29846e879cc7ab65eb44 (patch) | |
tree | 75810c8ed20a1a723bd8fb219f98e771456e28f4 /base/server/sbin | |
parent | 81fd42a1383272fed855e033b533d887d8f5de05 (diff) | |
download | pki-68819722a5d08e6e6eea29846e879cc7ab65eb44.tar.gz pki-68819722a5d08e6e6eea29846e879cc7ab65eb44.tar.xz pki-68819722a5d08e6e6eea29846e879cc7ab65eb44.zip |
Cannot connect to ds when anon. access is off
The connection to ds is checked during installation.
But the current method of checking the ds connection before
binding with the ds throws an Inappropriate Authentication error
when Anonymous access is off. This patch uses the following method to
check the connection to a DS server.
1. Initialize the connection
2. Bind with the DS.
3. Perform the ldap search.
Ticket #811
Diffstat (limited to 'base/server/sbin')
-rwxr-xr-x | base/server/sbin/pkispawn | 21 |
1 files changed, 3 insertions, 18 deletions
diff --git a/base/server/sbin/pkispawn b/base/server/sbin/pkispawn index d048147e3..8e56ad101 100755 --- a/base/server/sbin/pkispawn +++ b/base/server/sbin/pkispawn @@ -182,26 +182,16 @@ def main(argv): while True: parser.read_text('Hostname', config.pki_subsystem, 'pki_ds_hostname') parser.read_text('Port', config.pki_subsystem, 'pki_ds_ldap_port') - - try: - parser.ds_connect() - break - - except ldap.LDAPError as e: - parser.print_text('ERROR: ' + e.message['desc']) - - while True: parser.read_text('Bind DN', config.pki_subsystem, 'pki_ds_bind_dn') parser.read_password('Password', config.pki_subsystem, 'pki_ds_password') try: - parser.ds_bind() - break + parser.ds_verify_configuration() except ldap.LDAPError as e: parser.print_text('ERROR: ' + e.message['desc']) + continue - while True: parser.read_text('Base DN', config.pki_subsystem, 'pki_ds_base_dn') try: if not parser.ds_base_dn_exists(): @@ -222,8 +212,6 @@ def main(argv): if remove == 'y' or remove == 'yes': break - parser.ds_close() - print print "Security Domain:" @@ -402,16 +390,13 @@ def main(argv): extra=config.PKI_INDENTATION_LEVEL_0) sys.exit(1) - parser.ds_connect() - parser.ds_bind() + parser.ds_verify_configuration() if parser.ds_base_dn_exists() and\ not config.str2bool(parser.pki_master_dict['pki_ds_remove_data']): print 'ERROR: Base DN already exists.' sys.exit(1) - parser.ds_close() - except ldap.LDAPError as e: print 'ERROR: Unable to access directory server: ' + e.message['desc'] sys.exit(1) |