#6920 Upgrade from ipa-4.1 fails when enabling KDC proxy
Closed: fixed 7 years ago Opened 7 years ago by tkrizek.

During an upgrade from IPA 4.1, when upgrade script attempts to enable KDC proxy by creating an LDAP entry in cn=KDC,cn=vm,cn=master,cn=ipa,cn=etc,dc=example,dc=com it fails, because the parent entry does not exist.

This is a regression was introduced by b1a1e10

/var/log/ipaupgrade.log

2017-05-02T07:11:19Z DEBUG   File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute
    return_value = self.run()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_server_upgrade.py", line 46, in run
    server.upgrade()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/upgrade.py", line 1869, in upgrade
    upgrade_configuration()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/server/upgrade.py", line 1658, in upgrade_configuration
    http.enable_kdcproxy()
  File "/usr/lib/python2.7/site-packages/ipaserver/install/httpinstance.py", line 437, in enable_kdcproxy
    'KDC', self.fqdn, [u'kdcProxyEnabled'], self.suffix)
  File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 214, in set_service_entry_config
    api.Backend.ldap2.add_entry(entry)
  File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1504, in add_entry
    self.conn.add_s(str(entry.dn), list(attrs.items()))
  File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__
    self.gen.throw(type, value, traceback)
  File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 966, in error_handler
    raise errors.NotFound(reason=arg_desc or 'no such entry')

Metadata Update from @tkrizek:
- Issue priority set to: critical
- Issue set to the milestone: FreeIPA 4.5.1
- Issue tagged with: regression

7 years ago

Metadata Update from @tkrizek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1447284

7 years ago

Metadata Update from @tkrizek:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1447284

7 years ago

Metadata Update from @tkrizek:
- Issue assigned to tkrizek

7 years ago

Metadata Update from @tkrizek:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/752

7 years ago

master:

  • 999706f python2-ipalib: add missing python dependency
  • 4b8ab77 installer service: fix typo in service entry
  • ebefb28 upgrade: add missing suffix to http instance

Not closing yet. Waiting for 4.5 patches

ipa-4-5:

  • cdefa30 python2-ipalib: add missing python dependency
  • 1662b0e installer service: fix typo in service entry
  • d10d506 upgrade: add missing suffix to http instance

Metadata Update from @mbabinsk:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

7 years ago

Log in to comment on this ticket.

Metadata