[Freeipa-devel] [PATCH] 943 detect duplicate winsync agreement
Rob Crittenden
rcritten at redhat.com
Fri Feb 24 18:09:45 UTC 2012
Martin Kosek wrote:
> On Wed, 2012-02-08 at 14:52 -0500, Rob Crittenden wrote:
>> We currnently only support a single winsync agreement against any given
>> host so all we need to do is check to see if we have one with the remote
>> host.
>>
>> This also adds some minor exception handling cleanup.
>>
>> https://fedorahosted.org/freeipa/ticket/2130
>>
>> This depends on my patch 935.
>>
>> I have a ticket open, 2358, to add support for multiple agreements.
>>
>> rob
>
> winsync replica management now looks and works fine, good job there.
> Though I found an issue in our ipa-winsync plugin during the review.
>
> The plugin tries to look for GID number of our default users group so
> that it can use it for added user. But since ipausers group is now
> non-posix, it fails to find the GID and creates a user without
> objectclass posixuser. It is then unusable and is not shown in
> "user-find" command. Details are in a ticket I created:
>
> https://fedorahosted.org/freeipa/ticket/2436
>
> But back to your patches. I found out that 943 broke connecting to
> standard replica:
>
> # ipa-replica-manage connect vm-115.idm.lab.bos.redhat.com
> unexpected error: coercing to Unicode: need string or buffer, NoneType
> found
>
> There are at least 2 problems in this area:
> 1) It does duplicate winsync agreement check against non-winsync replica
> 2) It now adds a cert even though it wasn't passed to ipa-replica-manage
>
> Martin
>
Hmm, odd that I took out that cacert conditional. I put it back, works now.
We didn't check for dups when adding a new agreement. It is silently
handled on the IPA -> IPA side, not win2003, hence the check. I added an
additional message for the IPA side.
What you would see previously if you tried to connect to an IPA server
with an existing agreement is "Connected x to y" and not "already an
agreement.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-943-2-winsync.patch
Type: text/x-diff
Size: 3289 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20120224/abb0c64a/attachment.bin>
More information about the Freeipa-devel
mailing list