The wrong search scope was being used to determine if a given master had a CA installed during ipa-csreplica-manage connect.
rob
>From 103d1ef5c7317e6efc9a0513a2a69d0bb23a1384 Mon Sep 17 00:00:00 2001 From: Rob Crittenden <rcrit...@redhat.com> Date: Thu, 6 Nov 2014 16:10:01 -0500 Subject: [PATCH] Search using proper scope when connecting CA instances The wrong search scope was being used when trying to determine if a given master had a CA installed when trying to create a new connection. https://fedorahosted.org/freeipa/ticket/4704 --- install/tools/ipa-csreplica-manage | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/tools/ipa-csreplica-manage b/install/tools/ipa-csreplica-manage index c534446d7b0daf0ce0709edf952a8795ba85e937..6f6c6c75a122274eeb221f6e0eb15959dec56786 100755 --- a/install/tools/ipa-csreplica-manage +++ b/install/tools/ipa-csreplica-manage @@ -303,7 +303,7 @@ def add_link(realm, replica1, replica2, dirman_passwd, options): dn = DN(('cn', 'CA'), ('cn', replica2), ('cn', 'masters'), ('cn', 'ipa'), ('cn', 'etc'), ipautil.realm_to_suffix(realm)) - conn.get_entries(dn, conn.SCOPE_ONELEVEL) + conn.get_entries(dn, conn.SCOPE_BASE) conn.unbind() except errors.NotFound: sys.exit('%s does not have a CA configured.' % replica2) -- 1.9.3
_______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel