def __setup_replica(self): """ Setup initial replication between replica and remote master. GSSAPI is always used as a replication bind method. Note, however, that the bind method for the replication differs between domain levels: * in domain level 0, Directory Manager credentials are used to bind to remote master * in domain level 1, GSSAPI using admin/privileged host credentials is used (we do not have access to masters' DM password in this stage) """ replication.enable_replication_version_checking( self.realm, self.dm_password) # Always connect to self over ldapi ldap_uri = ipaldap.get_ldap_uri(protocol='ldapi', realm=self.realm) conn = ipaldap.LDAPClient(ldap_uri) conn.external_bind() repl = replication.ReplicationManager(self.realm, self.fqdn, self.dm_password, conn=conn) if self.dm_password is not None and not self.promote: bind_dn = DN(('cn', 'Directory Manager')) bind_pw = self.dm_password else: bind_dn = bind_pw = None repl.setup_promote_replication(self.master_fqdn, r_binddn=bind_dn, r_bindpw=bind_pw, cacert=self.ca_file) self.run_init_memberof = repl.needs_memberof_fixup()
def run(self): options = self.options super(ReplicaPrepare, self).run() logger.info("Preparing replica for %s from %s", self.replica_fqdn, api.env.host) enable_replication_version_checking(api.env.realm, self.dirman_password) self.top_dir = tempfile.mkdtemp("ipa") self.dir = os.path.join(self.top_dir, "realm_info") os.mkdir(self.dir) os.chmod(self.dir, 0o700) try: self.copy_ds_certificate() self.copy_httpd_certificate() self.retrieve_ca_certs() self.copy_misc_files() self.save_config() self.package_replica_file() finally: shutil.rmtree(self.top_dir) if options.ip_addresses: self.add_dns_records() if options.wait_for_dns: self.wait_for_dns() # Close LDAP connection that was opened in validate_options() api.Backend.ldap2.disconnect()
def run(self): options = self.options super(ReplicaPrepare, self).run() self.log.info("Preparing replica for %s from %s", self.replica_fqdn, api.env.host) enable_replication_version_checking(api.env.host, api.env.realm, self.dirman_password) self.top_dir = tempfile.mkdtemp("ipa") self.dir = os.path.join(self.top_dir, "realm_info") os.mkdir(self.dir, 0o700) try: self.copy_ds_certificate() self.copy_httpd_certificate() if options.setup_pkinit: self.copy_pkinit_certificate() self.copy_misc_files() self.save_config() self.package_replica_file() finally: shutil.rmtree(self.top_dir) if options.ip_addresses: self.add_dns_records() if options.wait_for_dns: self.wait_for_dns()
def run(self): options = self.options super(ReplicaPrepare, self).run() self.log.info("Preparing replica for %s from %s", self.replica_fqdn, api.env.host) enable_replication_version_checking(api.env.host, api.env.realm, self.dirman_password) self.top_dir = tempfile.mkdtemp("ipa") self.dir = os.path.join(self.top_dir, "realm_info") os.mkdir(self.dir, 0700) try: self.copy_ds_certificate() self.copy_httpd_certificate() if options.setup_pkinit: self.copy_pkinit_certificate() self.copy_misc_files() self.save_config() self.package_replica_file() finally: shutil.rmtree(self.top_dir) if options.ip_addresses: self.add_dns_records() if options.wait_for_dns: self.wait_for_dns()
def run(self): options = self.options super(ReplicaPrepare, self).run() logger.info("Preparing replica for %s from %s", self.replica_fqdn, api.env.host) enable_replication_version_checking( api.env.realm, self.dirman_password) self.top_dir = tempfile.mkdtemp("ipa") self.dir = os.path.join(self.top_dir, "realm_info") os.mkdir(self.dir) os.chmod(self.dir, 0o700) try: self.copy_ds_certificate() self.copy_httpd_certificate() self.retrieve_ca_certs() self.copy_misc_files() self.save_config() self.package_replica_file() finally: shutil.rmtree(self.top_dir) if options.ip_addresses: self.add_dns_records() if options.wait_for_dns: self.wait_for_dns() # Close LDAP connection that was opened in validate_options() api.Backend.ldap2.disconnect()
def __setup_replica(self): replication.enable_replication_version_checking( self.fqdn, self.realm_name, self.dm_password) repl = replication.ReplicationManager(self.realm_name, self.fqdn, self.dm_password) repl.setup_replication(self.master_fqdn, r_binddn=DN(('cn', 'Directory Manager')), r_bindpw=self.dm_password) self.run_init_memberof = repl.needs_memberof_fixup()
def __setup_replica(self): replication.enable_replication_version_checking(self.fqdn, self.realm, self.dm_password) repl = replication.ReplicationManager(self.realm, self.fqdn, self.dm_password) repl.setup_replication(self.master_fqdn, r_binddn=DN(('cn', 'Directory Manager')), r_bindpw=self.dm_password) self.run_init_memberof = repl.needs_memberof_fixup()