Remove common entries when deleting a master.

Fixes: https://fedorahosted.org/freeipa/ticket/550
author: Simo Sorce <ssorce@redhat.com> 2010-12-10 09:48:06 -0500
committer: Simo Sorce <ssorce@redhat.com> 2010-12-21 17:28:13 -0500
commit: 1cf67fe8503981b8aca985043bc5a8cd2799a365 (patch)
tree: b36aa7612450d407d9737b5d3600d3b987b1c800 /ipaserver/install/replication.py
parent: 5884fdf0f864d67fe7ee48d29f3c023882bc2891 (diff)
download: freeipa-1cf67fe8503981b8aca985043bc5a8cd2799a365.tar.gz
freeipa-1cf67fe8503981b8aca985043bc5a8cd2799a365.tar.xz
freeipa-1cf67fe8503981b8aca985043bc5a8cd2799a365.zip
1 files changed, 73 insertions, 0 deletions
diff --git a/ipaserver/install/replication.py b/ipaserver/install/replication.py
index f3e007c6..fbe4d2f7 100644
--- a/ipaserver/install/replication.py
+++ b/ipaserver/install/replication.py
@@ -573,3 +573,76 @@ class ReplicationManager:
                 return WINSYNC
 
         return IPA_REPLICA
+
+    def replica_cleanup(self, replica, realm, force=False):
+
+        err = None
+
+        if replica == self.hostname:
+            raise RuntimeError("Can't cleanup self")
+
+        if not self.suffix or self.suffix == "":
+            self.suffix = util.realm_to_suffix(realm)
+            self.suffix = ipaldap.IPAdmin.normalizeDN(self.suffix)
+
+        # delete master kerberos key and all its svc principals
+        try:
+            filter='(krbprincipalname=*/%s@%s)' % (replica, realm)
+            entries = self.conn.search_s(self.suffix, ldap.SCOPE_SUBTREE,
+                                         filterstr=filter)
+            if len(entries) != 0:
+                dnset = self.conn.get_dns_sorted_by_length(entries,
+                                                           reverse=True)
+                for dns in dnset:
+                    for dn in dns:
+                        self.conn.deleteEntry(dn)
+        except ldap.NO_SUCH_OBJECT:
+            pass
+        except errors.NotFound:
+            pass
+        except Exception, e:
+            if not force:
+                raise e
+            else:
+                err = e
+
+        # delete master entry with all active services
+        try:
+            dn = 'cn=%s,cn=masters,cn=ipa,cn=etc,%s' % (replica, self.suffix)
+            entries = self.conn.search_s(dn, ldap.SCOPE_SUBTREE)
+            if len(entries) != 0:
+                dnset = self.conn.get_dns_sorted_by_length(entries,
+                                                           reverse=True)
+                for dns in dnset:
+                    for dn in dns:
+                        self.conn.deleteEntry(dn)
+        except ldap.NO_SUCH_OBJECT:
+            pass
+        except errors.NotFound:
+            pass
+        except Exception, e:
+            if not force:
+                raise e
+            elif not err:
+                err = e
+
+        try:
+            basedn = 'cn=etc,%s' % self.suffix
+            filter = '(dnaHostname=%s)' % replica
+            entries = self.conn.search_s(basedn, ldap.SCOPE_SUBTREE,
+                                         filterstr=filter)
+            if len(entries) != 0:
+                for e in entries:
+                    self.conn.deleteEntry(e.dn)
+        except ldap.NO_SUCH_OBJECT:
+            pass
+        except errors.NotFound:
+            pass
+        except Exception, e:
+            if force and err:
+                raise err
+            else:
+                raise e
+
+        if err:
+            raise err
author	Simo Sorce <ssorce@redhat.com>	2010-12-10 09:48:06 -0500
committer	Simo Sorce <ssorce@redhat.com>	2010-12-21 17:28:13 -0500
commit	1cf67fe8503981b8aca985043bc5a8cd2799a365 (patch)
tree	b36aa7612450d407d9737b5d3600d3b987b1c800 /ipaserver/install/replication.py
parent	5884fdf0f864d67fe7ee48d29f3c023882bc2891 (diff)
download	freeipa-1cf67fe8503981b8aca985043bc5a8cd2799a365.tar.gz freeipa-1cf67fe8503981b8aca985043bc5a8cd2799a365.tar.xz freeipa-1cf67fe8503981b8aca985043bc5a8cd2799a365.zip