diff options
author | Martin Babinsky <mbabinsk@redhat.com> | 2016-03-07 17:41:15 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-03-14 13:43:50 +0100 |
commit | 8290d4b4cba8cf0b9ca517f7f09db2ee81606899 (patch) | |
tree | d01a7d0ec4dc87fb209783da39ba05507151f894 /ipaclient/ipadiscovery.py | |
parent | 578cff956738af06b005c3ef931dbe518d5605a3 (diff) | |
download | freeipa-8290d4b4cba8cf0b9ca517f7f09db2ee81606899.tar.gz freeipa-8290d4b4cba8cf0b9ca517f7f09db2ee81606899.tar.xz freeipa-8290d4b4cba8cf0b9ca517f7f09db2ee81606899.zip |
only search for Kerberos SRV records when autodiscovery was requested
When a list of servers is passed to ipa-client-{install,automount} the search
of Kerberos and LDAP SRV records should be suppressed and the specified
hostnames used directly as LDAP servers/KDCs. We thus should not performed
search for KDCs when the autodiscovery was actually not requested.
https://fedorahosted.org/freeipa/ticket/4305
Reviewed-By: Martin Basti <mbasti@redhat.com>
Diffstat (limited to 'ipaclient/ipadiscovery.py')
-rw-r--r-- | ipaclient/ipadiscovery.py | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/ipaclient/ipadiscovery.py b/ipaclient/ipadiscovery.py index ed59529fb..1ba7c1a2d 100644 --- a/ipaclient/ipadiscovery.py +++ b/ipaclient/ipadiscovery.py @@ -273,9 +273,13 @@ class IPADiscovery(object): if not servers and not realm: return REALM_NOT_FOUND - self.kdc = self.ipadnssearchkrbkdc() - self.kdc_source = ( - 'Discovered Kerberos DNS records from %s' % self.domain) + if autodiscovered: + self.kdc = self.ipadnssearchkrbkdc() + self.kdc_source = ( + 'Discovered Kerberos DNS records from %s' % self.domain) + else: + self.kdc = ', '.join(servers) + self.kdc_source = "Kerberos DNS record discovery bypassed" # We may have received multiple servers corresponding to the domain # Iterate through all of those to check if it is IPA LDAP server |