URL: https://github.com/freeipa/freeipa/pull/2087 Author: tiran Title: #2087: [Backport][ipa-4-6] Catch ACIError instead of invalid credentials Action: opened
PR body: """ This PR was opened automatically because PR #2084 was pushed to master and backport to ipa-4-6 is required. """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2087/head:pr2087 git checkout pr2087
From e2a03a20fa0c80307620a74a67c3e1487316e91a Mon Sep 17 00:00:00 2001 From: Christian Heimes <chei...@redhat.com> Date: Fri, 29 Jun 2018 11:08:45 +0200 Subject: [PATCH] Catch ACIError instead of invalid credentials ipaldap's LDAPClient client turns INVALID_CREDENTIAL error into ACIError. Catch the ACIError and wait until the user has been replicated. Apparently no manual or automated test ran into the timeout during testing. Fixes: Fixes: https://pagure.io/freeipa/issue/7593 Signed-off-by: Christian Heimes <chei...@redhat.com> --- ipaserver/install/dogtaginstance.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ipaserver/install/dogtaginstance.py b/ipaserver/install/dogtaginstance.py index 5b2c30f8a1..437029315c 100644 --- a/ipaserver/install/dogtaginstance.py +++ b/ipaserver/install/dogtaginstance.py @@ -471,7 +471,8 @@ def setup_admin(self): time.sleep(1) try: master_conn.simple_bind(self.admin_dn, self.admin_password) - except ldap.INVALID_CREDENTIALS: + except errors.ACIError: + # user not replicated yet pass else: logger.debug("Successfully logged in as %s", self.admin_dn)
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/freeipa-devel@lists.fedorahosted.org/message/RPCMJ4DPMFRW5NWSBOQTICGAHCDRR773/