diff options
author | Simo Sorce <ssorce@redhat.com> | 2011-01-11 10:27:48 -0500 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2011-01-14 14:06:56 -0500 |
commit | a0bfbec19f99d01f59299b02a2f5f2f3a76fc1c3 (patch) | |
tree | 27370a6bfc3e16cd99590667317628f47572dfea /install/tools | |
parent | 05055870c9047ebb6bc6ae27fe9e21fa5f4476da (diff) | |
download | freeipa-a0bfbec19f99d01f59299b02a2f5f2f3a76fc1c3.tar.gz freeipa-a0bfbec19f99d01f59299b02a2f5f2f3a76fc1c3.tar.xz freeipa-a0bfbec19f99d01f59299b02a2f5f2f3a76fc1c3.zip |
Use GSSAPI for replication
Uses a temporary simple replication agreement over SSL to init the tree.
Then once all principals have been created switches replication to GSSAPI.
Fixes: https://fedorahosted.org/freeipa/ticket/690
Diffstat (limited to 'install/tools')
-rwxr-xr-x | install/tools/ipa-replica-install | 3 | ||||
-rwxr-xr-x | install/tools/ipa-replica-manage | 4 |
2 files changed, 4 insertions, 3 deletions
diff --git a/install/tools/ipa-replica-install b/install/tools/ipa-replica-install index 76f7f8c9a..3c912a759 100755 --- a/install/tools/ipa-replica-install +++ b/install/tools/ipa-replica-install @@ -205,7 +205,8 @@ def install_krb(config, setup_pkinit=False): pkcs12_info = (config.dir + "/pkinitcert.p12", config.dir + "/pkinit_pin.txt") - krb.create_replica(config.ds_user, config.realm_name, config.host_name, + krb.create_replica(config.ds_user, config.realm_name, + config.master_host_name, config.host_name, config.domain_name, config.dirman_password, ldappwd_filename, kpasswd_filename, setup_pkinit, pkcs12_info) diff --git a/install/tools/ipa-replica-manage b/install/tools/ipa-replica-manage index 2400176fe..0fd06fd26 100755 --- a/install/tools/ipa-replica-manage +++ b/install/tools/ipa-replica-manage @@ -312,7 +312,7 @@ def add_link(realm, replica1, replica2, dirman_passwd, options): options.passsync, options.win_subtree, options.cacert) else: - repl1.setup_replication(replica2, "cn=Directory Manager", dirman_passwd) + repl1.setup_gssapi_replication(replica2, "cn=Directory Manager", dirman_passwd) print "Connected '%s' to '%s'" % (replica1, replica2) def re_initialize(realm, options): @@ -350,7 +350,7 @@ def force_sync(realm, thishost, fromhost, dirman_passwd): sys.exit(1) if len(entry) > 1: logging.error("Found multiple agreements for %s. Only initializing the first one returned: %s" % (thishost, entry[0].dn)) - repl.force_synch(entry[0].dn, entry[0].nsds5replicaupdateschedule, repl.conn) + repl.force_synch(entry[0].dn, entry[0].nsds5replicaupdateschedule) def main(): options, args = parse_options() |