From 641c550cc3650c6d0aa95f52b422089f64e7fb6a Mon Sep 17 00:00:00 2001
From: Thomas Woerner <twoerner@redhat.com>
Date: Mon, 15 Aug 2022 16:00:06 +0200
Subject: [PATCH] ipareplica: ipareplica_setup_adtrust fails while updating
 ipaNTFlatName

The internal parameter sid_generation_always is generated in
ipareplica_test to enable SID generation if ipareplica_setup_adtrust is
not enabled.

This parameter was not used for ipareplica_prepare though, therefore
adtrust.install_check was not executed and did not set the attribute
adtrust.netbios_name. As a result adtrust.netbios_name was None and the
try to use this as the new NetBIOS domain name failed with an
INVALID_SYNTAX error in adtrustinstance while executing
ipareplica_setup_adtrust.

This issue only occurs if SIDs are not enabled in the domain yet for
example with an old deployment.
---
 roles/ipareplica/tasks/install.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/ipareplica/tasks/install.yml b/roles/ipareplica/tasks/install.yml
index 0e5f840..7413884 100644
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -201,6 +201,7 @@
       ### additional ###
       server: "{{ result_ipareplica_test.server }}"
       skip_conncheck: "{{ ipareplica_skip_conncheck }}"
+      sid_generation_always: "{{ result_ipareplica_test.sid_generation_always }}"
     register: result_ipareplica_prepare
 
   - name: Install - Add to ipaservers
-- 
2.37.3