summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Cholasta <jcholast@redhat.com>2015-07-01 07:20:35 +0000
committerJan Cholasta <jcholast@redhat.com>2015-07-01 13:05:30 +0000
commite43296ba9acb20342d2b6d4bb030d06deac39c2a (patch)
tree9eb730edd5e964fc2ef47a8d98f60f8818630227
parent5b39bc10033888c9d5e25ce37d6a6796221f12ad (diff)
downloadfreeipa-e43296ba9acb20342d2b6d4bb030d06deac39c2a.zip
freeipa-e43296ba9acb20342d2b6d4bb030d06deac39c2a.tar.gz
freeipa-e43296ba9acb20342d2b6d4bb030d06deac39c2a.tar.xz
replica prepare: Do not use entry after disconnecting from LDAP
https://fedorahosted.org/freeipa/ticket/3090 Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
-rw-r--r--ipaserver/install/ipa_replica_prepare.py7
1 files changed, 5 insertions, 2 deletions
diff --git a/ipaserver/install/ipa_replica_prepare.py b/ipaserver/install/ipa_replica_prepare.py
index c2e7a0f..46ac886 100644
--- a/ipaserver/install/ipa_replica_prepare.py
+++ b/ipaserver/install/ipa_replica_prepare.py
@@ -197,8 +197,13 @@ class ReplicaPrepare(admintool.AdminTool):
conn = api.Backend.ldap2
conn.connect(bind_dn=DN(('cn', 'directory manager')),
bind_pw=self.dirman_password)
+
entry_attrs = conn.get_ipa_config()
+ self.subject_base = entry_attrs.get(
+ 'ipacertificatesubjectbase', [None])[0]
+
ca_enabled = api.Command.ca_is_enabled()['result']
+
conn.disconnect()
except errors.ACIError:
raise admintool.ScriptError("The password provided is incorrect "
@@ -215,8 +220,6 @@ class ReplicaPrepare(admintool.AdminTool):
"--http-cert-file, --dirsrv-cert-file options to provide "
"custom certificates.")
- self.subject_base = entry_attrs.get(
- 'ipacertificatesubjectbase', [None])[0]
if self.subject_base is not None:
self.subject_base = DN(self.subject_base)