|
|
26521d |
From d116dd899b4ad64b0ab14f3e153e76a95f54937e Mon Sep 17 00:00:00 2001
|
|
|
26521d |
From: German Parente <gparente@redhat.com>
|
|
|
26521d |
Date: Sun, 28 Oct 2018 16:29:09 +0100
|
|
|
26521d |
Subject: [PATCH] Ticket 49997 RFE: ds-replcheck could validate suffix exists
|
|
|
26521d |
and it's replicated
|
|
|
26521d |
|
|
|
26521d |
Bug Description:
|
|
|
26521d |
|
|
|
26521d |
seen at customer site, as first request to ldap database is the RUV, if the suffix provided in the command line does not exist or it's not replicated, we have an error message that it's regarding the RUV:
|
|
|
26521d |
|
|
|
26521d |
ds-replcheck -D "cn=directory manager" -w secret12 -b "o=ipaca" -r ldap://ipamaster.germanparente.local:389 -m ldap://ipareplica.germanparente.local
|
|
|
26521d |
Performing online report...
|
|
|
26521d |
Connecting to servers...
|
|
|
26521d |
Gathering Master's RUV...
|
|
|
26521d |
Error: Failed to get Master RUV entry: {'desc': 'No such object'}
|
|
|
26521d |
|
|
|
26521d |
Fix Description:
|
|
|
26521d |
|
|
|
26521d |
add function to validate suffix exists and it's replicated
|
|
|
26521d |
|
|
|
26521d |
https://pagure.io/389-ds-base/issue/49997
|
|
|
26521d |
|
|
|
26521d |
Author: German Parente <gparente@redhat.com>
|
|
|
26521d |
|
|
|
26521d |
Review by: ???
|
|
|
26521d |
---
|
|
|
26521d |
ldap/admin/src/scripts/ds-replcheck | 32 +++++++++++++++++++++++++++++
|
|
|
26521d |
1 file changed, 32 insertions(+)
|
|
|
26521d |
|
|
|
26521d |
diff --git a/ldap/admin/src/scripts/ds-replcheck b/ldap/admin/src/scripts/ds-replcheck
|
|
|
26521d |
index e18465dc0..57748b09f 100755
|
|
|
26521d |
--- a/ldap/admin/src/scripts/ds-replcheck
|
|
|
26521d |
+++ b/ldap/admin/src/scripts/ds-replcheck
|
|
|
26521d |
@@ -816,6 +816,30 @@ def check_for_diffs(mentries, mglue, rentries, rglue, report, opts):
|
|
|
26521d |
|
|
|
26521d |
return report
|
|
|
26521d |
|
|
|
26521d |
+def validate_suffix(ldapnode, suffix, hostname):
|
|
|
26521d |
+ # Validate suffix exists
|
|
|
26521d |
+ try:
|
|
|
26521d |
+ master_basesuffix = ldapnode.search_s(suffix, ldap.SCOPE_BASE )
|
|
|
26521d |
+ except ldap.NO_SUCH_OBJECT:
|
|
|
26521d |
+ print("Error: Failed to validate suffix in {}. {} does not exist.".format(hostname, suffix))
|
|
|
26521d |
+ return False
|
|
|
26521d |
+ except ldap.LDAPError as e:
|
|
|
26521d |
+ print("Error: failed to validate suffix in {} ({}). ".format(hostname, str(e)))
|
|
|
26521d |
+ return False
|
|
|
26521d |
+
|
|
|
26521d |
+ # Check suffix is replicated
|
|
|
26521d |
+ try:
|
|
|
26521d |
+ replica_filter = "(&(objectclass=nsds5replica)(nsDS5ReplicaRoot=%s))" % suffix
|
|
|
26521d |
+ master_replica = ldapnode.search_s("cn=config",ldap.SCOPE_SUBTREE,replica_filter)
|
|
|
26521d |
+ if (len(master_replica) != 1):
|
|
|
26521d |
+ print("Error: Failed to validate suffix in {}. {} is not replicated.".format(hostname, suffix))
|
|
|
26521d |
+ return False
|
|
|
26521d |
+ except ldap.LDAPError as e:
|
|
|
26521d |
+ print("Error: failed to validate suffix in {} ({}). ".format(hostname, str(e)))
|
|
|
26521d |
+ return False
|
|
|
26521d |
+
|
|
|
26521d |
+ return True
|
|
|
26521d |
+
|
|
|
26521d |
|
|
|
26521d |
def connect_to_replicas(opts):
|
|
|
26521d |
''' Start the paged results searches
|
|
|
26521d |
@@ -888,6 +912,14 @@ def connect_to_replicas(opts):
|
|
|
26521d |
"Please check your credentials and LDAP urls are correct.".format(str(e)))
|
|
|
26521d |
exit(1)
|
|
|
26521d |
|
|
|
26521d |
+ # Validate suffix
|
|
|
26521d |
+ print ("Validating suffix ...")
|
|
|
26521d |
+ if not validate_suffix(master, opts['suffix'], opts['mhost']):
|
|
|
26521d |
+ exit(1)
|
|
|
26521d |
+
|
|
|
26521d |
+ if not validate_suffix(replica,opts['suffix'], opts['rhost']):
|
|
|
26521d |
+ exit(1)
|
|
|
26521d |
+
|
|
|
26521d |
# Get the RUVs
|
|
|
26521d |
print ("Gathering Master's RUV...")
|
|
|
26521d |
try:
|
|
|
26521d |
--
|
|
|
26521d |
2.17.2
|
|
|
26521d |
|