def pre_callback(self, ldap, dn, *keys, **options): pkey = self.obj.get_primary_key_from_dn(dn) if options.get('force', False): self.add_message( messages.ServerRemovalWarning( message=_("Forcing removal of %(hostname)s") % dict(hostname=pkey))) # check the topology errors before and after removal self.context.topology_connectivity = topology.TopologyConnectivity( self.api) if options.get('ignore_topology_disconnect', False): self.add_message( messages.ServerRemovalWarning( message=_("Ignoring topology connectivity errors."))) else: self._check_topology_connectivity( self.context.topology_connectivity, pkey) # ensure that we are not removing last CA/DNS server, DNSSec master and # CA renewal master self._ensure_last_of_role(pkey, ignore_last_of_role=options.get( 'ignore_last_of_role', False)) if self.api.Command.ca_is_enabled()['result']: try: with self.api.Backend.ra_securitydomain as domain_api: domain_api.delete_domain(pkey, 'KRA') domain_api.delete_domain(pkey, 'CA') except Exception as e: self.add_message( messages.ServerRemovalWarning(message=_( "Failed to remove server from security domain: %s" % e))) # remove the references to master's ldap/http principals self._remove_server_principal_references(pkey) # remove Custodia encryption and signing keys self._remove_server_custodia_keys(ldap, pkey) # finally destroy all Kerberos principals self._remove_server_host_services(ldap, pkey) # try to clean up the leftover DNS entries self._cleanup_server_dns_records(pkey) # try to clean up the DNS config from ldap self._cleanup_server_dns_config(pkey) return dn
def pre_callback(self, ldap, dn, *keys, **options): pkey = self.obj.get_primary_key_from_dn(dn) if options.get('force', False): self.add_message( messages.ServerRemovalWarning( message=_("Forcing removal of %(hostname)s") % dict(hostname=pkey))) # check the topology errors before and after removal self.context.topology_connectivity = topology.TopologyConnectivity( self.api) if options.get('ignore_topology_disconnect', False): self.add_message( messages.ServerRemovalWarning( message=_("Ignoring topology connectivity errors."))) else: self._check_topology_connectivity( self.context.topology_connectivity, pkey) # ensure that we are not removing last CA/DNS server, DNSSec master and # CA renewal master self._ensure_last_of_role(pkey, ignore_last_of_role=options.get( 'ignore_last_of_role', False)) # remove the references to master's ldap/http principals self._remove_server_principal_references(pkey) # remove Custodia encryption and signing keys self._remove_server_custodia_keys(ldap, pkey) # finally destroy all Kerberos principals self._remove_server_host_services(ldap, pkey) # try to clean up the leftover DNS entries self._cleanup_server_dns_records(pkey) return dn