Installer should not connect to 127.0.0.1

IPA installer sometimes tries to connect to the Directory Server
via loopback address 127.0.0.1. However, the Directory Server on
pure IPv6 systems may not be listening on this address. This address
may not even be available.

Rather use the FQDN of the server when connecting to the DS to fix
this issue and make the connection consistent ldapmodify calls which
also use FQDN instead of IP address.

https://fedorahosted.org/freeipa/ticket/3355

1 files changed, 2 insertions, 2 deletions

diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index b963417e..966eeed5 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -463,7 +463,7 @@ class DsInstance(service.Service):
         dn = DN(('cn', 'IPA install %s' % self.sub_dict["TIME"]), ('cn', 'memberof task'),
                 ('cn', 'tasks'), ('cn', 'config'))
         root_logger.debug("Waiting for memberof task to complete.")
-        conn = ipaldap.IPAdmin("127.0.0.1")
+        conn = ipaldap.IPAdmin(self.fqdn)
         if self.dm_password:
             conn.simple_bind_s(DN(('cn', 'directory manager')), self.dm_password)
         else:
@@ -558,7 +558,7 @@ class DsInstance(service.Service):
                 dsdb.track_server_cert("Server-Cert", self.principal, dsdb.passwd_fname, 'restart_dirsrv %s' % self.serverid)
                 dsdb.create_pin_file()
 
-        conn = ipaldap.IPAdmin("127.0.0.1")
+        conn = ipaldap.IPAdmin(self.fqdn)
         conn.simple_bind_s(DN(('cn', 'directory manager')), self.dm_password)
 
         mod = [(ldap.MOD_REPLACE, "nsSSLClientAuth", "allowed"),