Hello,

the attached patch makes sure that HTTPInstance has an admin_conn LDAP
connection. Without the LDAP connection, HTTPInstance.enable_kdcproxy()
fails.

Christian
From b10dc05edb26b10f4364e64d04ca0f41d7f35794 Mon Sep 17 00:00:00 2001
From: Christian Heimes <chei...@redhat.com>
Date: Mon, 29 Jun 2015 11:35:07 +0200
Subject: [PATCH] Fix upgrade of HTTPInstance for KDC Proxy

HTTPInstance needs a LDAP connection for KDC Proxy upgrade. The patch
ensures that an admin_conn is available.
---
 ipaserver/install/server/upgrade.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ipaserver/install/server/upgrade.py b/ipaserver/install/server/upgrade.py
index 43beb6799befcad8d512d15409b363f02c3bad08..ff9a5913aad1db8f25d357b9e08c4e355d1582c5 100644
--- a/ipaserver/install/server/upgrade.py
+++ b/ipaserver/install/server/upgrade.py
@@ -1363,6 +1363,12 @@ def upgrade_configuration():
 
     if not http.is_kdcproxy_configured():
         root_logger.info('[Enabling KDC Proxy]')
+        if http.admin_conn is None:
+            http.ldapi = True
+            http.fqdn = fqdn
+            http.realm = api.env.realm
+            http.suffix = ipautil.realm_to_suffix(api.env.realm)
+            http.ldap_connect()
         http.create_kdcproxy_conf()
         http.enable_kdcproxy()
 
-- 
2.4.3

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to