freeipa

Clone
Source Code
GIT

538e023 AD trust: improve trust validation

1 file Authored by abbra 9 years ago, Committed by tbabej 9 years ago,
raw patch tree parent
1 file changed. 16 lines added. 3 lines removed.
ipaserver/dcerpc.py
file modified
+16 -3 
    AD trust: improve trust validation
    
    Trust validation requires AD DC to contact IPA server to verify that trust account
    actually works. It can fail due to DNS or firewall issue or if AD DC was able to
    resolve IPA master(s) via SRV records, it still may contact a replica that has
    no trust data replicated yet.
    
    In case AD DC still returns 'access denied', wait 5 seconds and try validation again.
    Repeat validation until we hit a limit of 10 attempts, at which point raise
    exception telling what's happening.
    
    https://fedorahosted.org/freeipa/ticket/4764
    
    Reviewed-By: Tomas Babej <tbabej@redhat.com>
file modified
+16 -3
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.