On 06/21/2013 03:59 PM, Tomas Babej wrote:
On 06/21/2013 03:38 PM, Ana Krivokapic wrote:
On 06/21/2013 02:39 PM, Tomas Babej wrote:
On 06/12/2013 07:06 PM, Ana Krivokapic wrote:
On 06/11/2013 06:44 PM, Alexander Bokovoy wrote:
On Tue, 11 Jun 2013, Martin Kosek wrote:
2) Is the used ldapsearch really the best way to find out if
configured on a given master? Isn't a search in
What would the search in cn=masters,cn=ipa,.. give?
We can have multiple CIFS services per realm. However, only those in
'adtrust agents' group are the ones which are real DCs. And since
membership in the group is not handled via framework or UI, it is
indication that ipa-adtrust-install was run.
It would say if there as an appropriate service configured by
ipa-adtrust-install. In this case,
"cn=ADTRUST,cn=FQDN,cn=masters,cn=ipa,cn=etc,SUFFIX. I am asking
is a standard way in FreeIPA to ask for configured services.
If that does not work for Trust, then your alternative way should
be OK too.
This would work for making sure that ipa-adtrust-install was run on a
specific server. It will not work for making sure trusts are enabled
but in this case we only need to know that we have configured the host
to be a DC so your approach is fine.
I'm fine to use this approach, somehow it slipped out of my view
discussed it with Ana..
I amended the name of the new command to 'adtrust_is_enabled'. I
the LDAP search used in the command, as suggested by Martin and
Updated patch is attached.
Can you please rebase the patch? I think tests -> ipatests change is the
Sure, rebased patch is attached.
Pushed to master.
Freeipa-devel mailing list