From 434d9e539d24fe0110c5d6bf4a4342daf40d15d5 Mon Sep 17 00:00:00 2001 From: Florence Blanc-Renaud Date: Apr 24 2017 10:51:37 +0000 Subject: upgrade: adtrust update_tdo_gidnumber plugin must check if adtrust is installed During upgrade, the plugin update_tdo_gidnumber is launched in order to add a gidnumber to the Trusted Domain Object. This plugin should not be run when ad trust is not installed, otherwise an error message is displayed. https://pagure.io/freeipa/issue/6881 Reviewed-By: Alexander Bokovoy --- diff --git a/ipaserver/install/plugins/adtrust.py b/ipaserver/install/plugins/adtrust.py index 075f197..a72af00 100644 --- a/ipaserver/install/plugins/adtrust.py +++ b/ipaserver/install/plugins/adtrust.py @@ -329,6 +329,11 @@ class update_tdo_gidnumber(Updater): def execute(self, **options): ldap = self.api.Backend.ldap2 + # First, see if trusts are enabled on the server + if not self.api.Command.adtrust_is_enabled()['result']: + self.log.debug('AD Trusts are not enabled on this server') + return False, [] + # Read the gidnumber of the fallback group dn = DN(('cn', ADTRUSTInstance.FALLBACK_GROUP_NAME), self.api.env.container_group,