diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2012-06-26 17:33:53 -0400 |
|---|---|---|
| committer | Martin Kosek <mkosek@redhat.com> | 2012-06-27 16:50:02 +0200 |
| commit | db4c946f477c88118d36591db5995a8e86c05099 (patch) | |
| tree | 8e6d909fe21285f4503113e5998843b5e9eca1ae | |
| parent | 8ce7330c5330e45c59c70d984a7fed526e85c58c (diff) | |
| download | freeipa.git-db4c946f477c88118d36591db5995a8e86c05099.tar.gz freeipa.git-db4c946f477c88118d36591db5995a8e86c05099.tar.xz freeipa.git-db4c946f477c88118d36591db5995a8e86c05099.zip | |
Defer adding ipa-cifs-delegation-targets until the Updates phase.
It was likely that this would fail being in an LDIF so let an update
file add this potentially conflicting entry instead.
https://fedorahosted.org/freeipa/ticket/2837
| -rw-r--r-- | install/share/replica-s4u2proxy.ldif | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/install/share/replica-s4u2proxy.ldif b/install/share/replica-s4u2proxy.ldif index ce58365c..98de46fa 100644 --- a/install/share/replica-s4u2proxy.ldif +++ b/install/share/replica-s4u2proxy.ldif @@ -2,9 +2,11 @@ dn: cn=ipa-http-delegation,cn=s4u2proxy,cn=etc,$SUFFIX changetype: modify add: memberPrincipal memberPrincipal: HTTP/$FQDN@$REALM -- -add: ipaAllowedTarget -ipaAllowedTarget: 'cn=ipa-cifs-delegation-targets,cn=s4u2proxy,cn=etc,$SUFFIX' + +# ipa-cifs-delegation-targets needs to be an ipaAllowedTarget for HTTP +# delegation but we don't add it here as an LDIF because this entry may +# already exist from another replica, or previous install. If it is missing +# then it will be caught by the update file 61-trusts-s4u2proxy.update dn: cn=ipa-ldap-delegation-targets,cn=s4u2proxy,cn=etc,$SUFFIX changetype: modify |