Give a clear message about what is wrong with current Trust settings before letting AD to return a confusing error message.
https://fedorahosted.org/freeipa/ticket/3193
From c792dffbc65aba27d18196def91da14c2e98f5f4 Mon Sep 17 00:00:00 2001 From: Martin Kosek <mko...@redhat.com> Date: Fri, 11 Jan 2013 16:33:43 +0100 Subject: [PATCH] Test NetBIOS name clash before creating a trust Give a clear message about what is wrong with current Trust settings before letting AD to return a confusing error message. https://fedorahosted.org/freeipa/ticket/3193 --- ipaserver/dcerpc.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/ipaserver/dcerpc.py b/ipaserver/dcerpc.py index 54a70defc9df52db58054d29c1c9f9189a88cabb..570dc9d53789dffa50d02d915510f34e8e2d1a9f 100644 --- a/ipaserver/dcerpc.py +++ b/ipaserver/dcerpc.py @@ -585,6 +585,12 @@ class TrustDomainInstance(object): info.trust_type = lsa.LSA_TRUST_TYPE_UPLEVEL info.trust_attributes = lsa.LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE + if self.info['name'] == info.netbios_name.string: + # Check that NetBIOS names do not clash + raise errors.ValidationError(name=u'AD Trust Setup', + error=_('this and the remote domain cannot share the same ' + 'NetBIOS name: %s') % self.info['name']) + try: dname = lsa.String() dname.string = another_domain.info['dns_domain'] -- 1.7.11.7
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
