https://fedorahosted.org/freeipa/ticket/5064

Patch attached.

--
Martin Basti

From eabe6829c0c8c0c855cc4606384897ed908b40d5 Mon Sep 17 00:00:00 2001
From: Martin Basti <mba...@redhat.com>
Date: Wed, 17 Jun 2015 14:19:25 +0200
Subject: [PATCH] ipa-ca-install fix: reconnect ldap2 after DS restart

https://fedorahosted.org/freeipa/ticket/5064
---
 ipaserver/install/ca.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ipaserver/install/ca.py b/ipaserver/install/ca.py
index 1ef8b2c418bdc09e7c9cb4ec70d7d8653b662e32..173befb3773e1d50dee624647e43f3563ca6ae87 100644
--- a/ipaserver/install/ca.py
+++ b/ipaserver/install/ca.py
@@ -122,8 +122,16 @@ def install_step_0(standalone, replica_config, options):
             postinstall = True
         else:
             postinstall = False
+
+        if standalone:
+            api.Backend.ldap2.disconnect()
+
         ca = cainstance.install_replica_ca(replica_config, postinstall)
 
+        if standalone:
+            api.Backend.ldap2.connect(bind_dn=DN(('cn', 'Directory Manager')),
+                                      bind_pw=dm_password)
+
         if not standalone:
             ca.configure_certmonger_renewal()
             ca.import_ra_cert(replica_config.dir + "/ra.p12")
-- 
2.1.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to