[Freeipa-devel] [PATCH] 0011 Allow user to force Kerberos realm during installation
Jan Cholasta
jcholast at redhat.com
Thu Sep 4 11:22:12 UTC 2014
Dne 4.9.2014 v 12:42 David Kupka napsal(a):
> On 09/03/2014 05:09 PM, Jan Cholasta wrote:
>> Hi,
>>
>> Dne 27.8.2014 v 13:56 David Kupka napsal(a):
>>> Usually it isn't wise to allow something like this. But in environment
>>> with broken DNS (described in ticket) there is probably not many
>>> alternatives.
>>>
>>> https://fedorahosted.org/freeipa/ticket/4444
>>
>> 1) I think you can log realm in search() as part of the "Starting IPA
>> discovery ..." message instead of a separate message.
>>
>>
>> 2) Also, no need to log the realm twice in search().
> I forget to remove some redundant debug prints.
>>
>>
>> 3) It looks like you forgot to un-indent some code in
>> ipadnssearchkrbkdc().
>>
> Fixed, thanks.
What I meant is that this:
def ipadnssearchkrbkdc(self, domain=None):
kdc = None
if not domain:
domain = self.domain
kdc = self.ipadns_search_srv(domain, '_kerberos._udp', 88,
break_on_first=False)
if kdc:
kdc = ','.join(kdc)
else:
root_logger.debug("SRV record for KDC not found!
Domain: %s" % domain)
kdc = None
return kdc
should be this:
def ipadnssearchkrbkdc(self, domain=None):
if not domain:
domain = self.domain
kdc = self.ipadns_search_srv(domain, '_kerberos._udp', 88,
break_on_first=False)
if kdc:
kdc = ','.join(kdc)
else:
root_logger.debug("SRV record for KDC not found! Domain:
%s" % domain)
kdc = None
return kdc
Isn't that right?
>>
>> Honza
>>
>
--
Jan Cholasta
More information about the Freeipa-devel
mailing list