Bug 692937 - Replica install fails after step for "enable GSSAPI for replication"
https://bugzilla.redhat.com/show_bug.cgi?id=692937
Resolves: bug 692937
Bug Description: Replica install fails after step for "enable GSSAPI for replication"
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: Allow the deletion of the nsds5replicabinddn and
nsds5replicacredentials attributes from the replication agreement. These
are not needed for SASL/EXTERNAL or SASL/GSSAPI. NOTE: the agreement code
will not warn that nsds5replicabinddn and nsds5replicacredentials are needed
for simple and other bind methods. It is the responsibility of the user
to make sure these are specified.
If the modify code executed in such a way that the transportinfo was set
before bindmethod, the code would report an error that ldaps or tls cannot
be used with SASL/GSSAPI. There is no clean way to check to see if the
state of the agreement is consistent after applying all mods, so we just
remove this check. With recent versions of the server, you can mix
ssl/tls with sasl/gssapi.
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no