summaryrefslogtreecommitdiffstats
path: root/ipalib/plugins/trust.py
diff options
context:
space:
mode:
Diffstat (limited to 'ipalib/plugins/trust.py')
-rw-r--r--ipalib/plugins/trust.py6
1 files changed, 6 insertions, 0 deletions
diff --git a/ipalib/plugins/trust.py b/ipalib/plugins/trust.py
index f5cb1e75..f412c618 100644
--- a/ipalib/plugins/trust.py
+++ b/ipalib/plugins/trust.py
@@ -1286,6 +1286,9 @@ class trustdomain_enable(LDAPQuery):
if sid in trust_entry['ipantsidblacklistincoming']:
trust_entry['ipantsidblacklistincoming'].remove(sid)
ldap.update_entry(trust_entry)
+ # Force MS-PAC cache re-initialization on KDC side
+ domval = ipaserver.dcerpc.DomainValidator(api)
+ (ccache_name, principal) = domval.kinit_as_http(keys[0])
else:
raise errors.AlreadyActive()
except errors.NotFound:
@@ -1323,6 +1326,9 @@ class trustdomain_disable(LDAPQuery):
if not (sid in trust_entry['ipantsidblacklistincoming']):
trust_entry['ipantsidblacklistincoming'].append(sid)
ldap.update_entry(trust_entry)
+ # Force MS-PAC cache re-initialization on KDC side
+ domval = ipaserver.dcerpc.DomainValidator(api)
+ (ccache_name, principal) = domval.kinit_as_http(keys[0])
else:
raise errors.AlreadyInactive()
except errors.NotFound:
generated by cgit (git 2.34.1) at 2025-09-02 19:34:43 +0000