On 23.11.2015 16:43, Jan Cholasta wrote:

On 23.11.2015 12:50, Tomas Babej wrote:

this patch implements the single command replica promotion&enrollment
for #5310.



1) ensure_enrolled() should be called from promote_check() after the
client check is done:

     client_fstore = sysrestore.FileStore(paths.IPA_CLIENT_SYSRESTORE)
     if not client_fstore.has_files():


+    server_name = Knob(
+        str, None,
+        description="fully qualified name of IPA server to enrooll to",
+        cli_name='server',
+    )

Please use the same identifier ipa-client-install uses, i.e.

Also there is typo in the description: "enrooll".


+    host_name = Knob(
+        str, None,
+        description="fully qualified name of this host",
+        cli_name='hostname',
+    )

This knob is already defined in BaseServer, there's no need to redefine
it here (just remove the "host_name = None").

If you want to change the description, change it in BaseServer.


+    keytab = Knob(
+        str, None,
+        description="path to backed up keytab from previous enrollment",
+        cli_name='keytab',
+    )

ipa-client-install uses the short name -k for the keytab option, it
should be used here as well.

5) The replica file argument conflicts with the --realm, --domain,
--server, --admin-password and --principal options. This should be
checked in Replica.__init__().

The --hostname option should either be conflicting as well or be
implemented properly for legacy replica install.

Actually, it should be conflicting, as it is provided by the replica file too.

6) I think --admin-password should be renamed to --password and the
description changed, since it now also allows OTP enrollment.


Jan Cholasta

Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to