On 8/31/2015 6:18 AM, Martin Basti wrote:



On 08/27/2015 09:41 PM, Endi Sukma Dewata wrote:
The CA and KRA installation code has been modified to use LDAPI
to create the CA and KRA agents directly in the CA and KRA
database. This way it's no longer necessary to use the Directory
Manager password or CA and KRA admin certificate.

https://fedorahosted.org/freeipa/ticket/5257




Thank you.

1) Can you use following code instead of direct call of ldap2.ldap2()?

if not api.Backend.ldap2.is_connected():
     api.Backend.ldap2.connect(autobind=True)

conn = api.Backend.ldap2

It's actually isconnected() instead of is_connected(), but even so, the proposed code doesn't work:

ipa.ipapython.install.cli.install_tool(Server): DEBUG The ipa-server-install command failed, exception: TypeError: 'ldap2' object is not callable ipa.ipapython.install.cli.install_tool(Server): ERROR 'ldap2' object is not callable

2) Patch needs rebase to master branch.

The original patch does apply cleanly to master. Did you see a conflict?

3)
+        user_dn = DN(('uid', "ipara"), ('ou', 'People'), self.basedn)
+        conn.create(
+            dn=user_dn,

can you use add entry() instead of create()? We don't use native
python-ldap, but rather ipaldap methods

It's actually calling the ldap2.create() defined in ipaserver/plugins/ldap2.py, which calls add_entry().

So my original patch still stands.

--
Endi S. Dewata

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to